System Intrusions and Law Enforcement

Get BibTex-formatted data

Author

Eugene Spafford

Entry type

article

Abstract

Should an organization inform law-enforcement officials when it discovers evidence of unauthorized activity in its information systems processing operations? Deciding how to answer that question depends on some considerations. Information systems security professionals should address the issue before to decide how to resolve it arises. Building in law-enforcement agency personnel can create problems for the organization. A criminal investigationmy drap on for some time. During this time, much of the organization's information systems security resources could be tied up in responding to requests for information, helping with teh investigation, and then appearing in court. However, not informing the appropriate law- enforcement officials may lead to other types of problems for the organization. These problems could include civil or criminal litigation, denial by its insurers of recompense for incurred losses, and the imposition of penalties for breach of statutory requirments.

Date

1996 – August

Address

New York, NY 10014

Editor

Belden Menkus, CISA

Institution

Auerbach, RIA Group

Journal

EDPACS

Key alpha

Spafford

Number

Pages

1-5

Volume

Publication Date

0000-00-00

Keywords

Audit, Control, Security, Newsletter

Location

A hard-copy of this is in the Papers Cabinet

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Article{ Spafford,
	title = "System Intrusions and Law Enforcement",
	author = "Eugene Spafford",
	year = "1996",
	month = "August",
	address = "New York, NY 10014",
	editor = "Belden Menkus, CISA",
	institution = "Auerbach, RIA Group",
	journal = "EDPACS",
	number = "2",
	pages = "1-5",
	volume = "24",
	abstract = "Should an organization inform law-enforcement officials when it discovers evidence of
unauthorized activity in its information systems processing operations? Deciding how to
answer that question depends on some considerations. Information systems security professionals
should address the issue before to decide how to resolve it arises.
Building in law-enforcement agency personnel can create problems for the organization. A criminal
investigationmy drap on for some time. During this time, much of the organization's information
systems security resources could be tied up in responding to requests for information, helping
with teh investigation, and then appearing in court. However, not informing the appropriate law-
enforcement officials may lead to other types of problems for the organization. These problems
could include civil or criminal litigation, denial by its insurers of recompense for incurred losses,
and the imposition of penalties for breach of statutory requirments.",
	keywords = "Audit, Control, Security, Newsletter",
}