Also in April, the Cybersecurity Unit of the Computer Crime & Intellectual Property Section of DOJ’s Criminal Division released its first report on “Best Practices for Victim Response and Reporting of Cyber Incidents.” The report, which is aimed primarily at smaller organizations with fewer resources, compiles lessons learned by federal prosecutors and provides input from private sector companies that have managed cyber incidents. It contains detailed steps to take before, during, and after a cyber attack, as well as a “preparedness checklist.” The Cybersecurity Unit recommends that organizations identify their most important or sensitive information, create an actionable plan, and engage with their legal counsel, law enforcement, and cyber information sharing organizations before a breach occurs. If an attack does happen, the victim should make an initial assessment, attempt to minimize ongoing damage, record information on the attack, and notify personnel within the organization as well as law enforcement, the Department of Homeland Security, and other potential victims. After an incident, the victim should continue monitoring its network and conduct a review of its incident response plan and execution. The full text of the report is available here. For further information and analysis, see Arnold & Porter Client Advisory DOJ Seeks Cybersecurity Cooperation as Best Practice in Responding to Cyber Incidents (May 2015).