Audit of the Federal Bureau of Investigation's cyber victim notification process
(eBook)
Contributors
Published
Washington, DC : Office of the Inspector General, U.S. Department of Justice, 2019.
Status
Description
Loading Description...
Also in this Series
Checking series information...
Subjects
LC Subjects
Computer networks -- Security measures -- United States.
Cyberterrorism -- United States -- Prevention -- Evaluation.
Management audit.
National security -- United States.
United States. -- Federal Bureau of Investigation -- Information technology -- Evaluation.
United States. -- Federal Bureau of Investigation -- Management -- Evaluation.
Cyberterrorism -- United States -- Prevention -- Evaluation.
Management audit.
National security -- United States.
United States. -- Federal Bureau of Investigation -- Information technology -- Evaluation.
United States. -- Federal Bureau of Investigation -- Management -- Evaluation.
More Details
Format
eBook
Language
English
Notes
General Note
"Audit Division 19-23."
General Note
"March 2019."
General Note
" ... we examined the FBI's adherence to Executive Order 13636, Improving Critical Infrastructure Cybersecurity, and the FBI Cyber Division Policy Guide 0853pg as well as other related policies." -- Executive summary.
General Note
"The FBI established Cyber Guardian for tracking the production, dissemination, and disposition of cyber-victim notifications which can help victims mitigate the damage caused by cyber intrusions and increase the potential for intelligence collection by the FBI. However, we found that the data in Cyber Guardian was incomplete and unreliable, making the FBI unable to determine whether all victims are being notified. The quality of formal requests for investigative actions, called leads, set for victim notification was inconsistent. In addition, not all agents indexed victims within Sentinel, as required. Together, the inconsistent leads and indexing contributed to some notifications not being tracked property or taking place too long after the attack for the victim to effectively mitigate the threat to its system. Further, the Department of Homeland Security (DHS) -- a partner in using Cyber Guardian --was not entering information into the system as required, contributing to the incompleteness of data in Cyber Guardian. We also found that victims identified in national security cyber cases were not informed of their rights as required by the Attorney General Guidelines for Victim and Witness Assistance (AG Guidelines). The FBI plans to replace Cyber Guardian in fiscal year (FY) 2019 with CyNERGY, a new system which may solve some, but not all data quality issues." -- Executive summary.
General Note
Report includes FBI's response to draft audit report.
General Note
GPO Cataloging Record Distribution Program (CRDP).
Citations
APA Citation, 7th Edition (style guide)
United States. Department of Justice. Audit Division. (2019). Audit of the Federal Bureau of Investigation's cyber victim notification process . Office of the Inspector General, U.S. Department of Justice.
Chicago / Turabian - Author Date Citation, 17th Edition (style guide)United States. Department of Justice. Audit Division. 2019. Audit of the Federal Bureau of Investigation's Cyber Victim Notification Process. Office of the Inspector General, U.S. Department of Justice.
Chicago / Turabian - Humanities (Notes and Bibliography) Citation, 17th Edition (style guide)United States. Department of Justice. Audit Division. Audit of the Federal Bureau of Investigation's Cyber Victim Notification Process Office of the Inspector General, U.S. Department of Justice, 2019.
MLA Citation, 9th Edition (style guide)United States. Department of Justice. Audit Division. Audit of the Federal Bureau of Investigation's Cyber Victim Notification Process Office of the Inspector General, U.S. Department of Justice, 2019.
Note! Citations contain only title, author, edition, publisher, and year published. Citations should be used as a guideline and should be double checked for accuracy. Citation formats are based on standards as of August 2021.
Staff View
Grouped Work ID
7ee6f64b-6e5e-80d2-d067-ad252e108bac-eng
Grouping Information
| Grouped Work ID | 7ee6f64b-6e5e-80d2-d067-ad252e108bac-eng |
|---|---|
| Full title | audit of the federal bureau of investigations cyber victim notification process |
| Author | united states department of justice |
| Grouping Category | book |
| Last Update | 2022-07-13 05:41:45AM |
| Last Indexed | 2024-07-07 00:06:55AM |
Book Cover Information
| Image Source | default |
|---|---|
| First Loaded | Sep 1, 2022 |
| Last Used | May 9, 2024 |
Marc Record
| First Detected | Apr 24, 2019 12:00:00 AM |
|---|---|
| Last File Modification Time | Aug 18, 2021 09:02:39 AM |
MARC Record
| LEADER | 03630nam a2200469 i 4500 | ||
|---|---|---|---|
| 001 | on1098213632 | ||
| 003 | OCoLC | ||
| 005 | 20200317133524.0 | ||
| 006 | m o d f | ||
| 007 | cr nn||||||||| | ||
| 008 | 190424s2019 dcua o f000 0 eng c | ||
| 040 | |a ZCY|b eng|e rda|e pn|c ZCY|d OCLCF|d GPO|d MvI | ||
| 042 | |a pcc | ||
| 043 | |a n-us--- | ||
| 074 | |a 0718-C-01 (online) | ||
| 086 | 0 | |a J 37.2:C 99 | |
| 099 | |a J 37.2:C 99 | ||
| 110 | 1 | |a United States.|b Department of Justice.|b Audit Division,|e author. | |
| 245 | 1 | 0 | |a Audit of the Federal Bureau of Investigation's cyber victim notification process /|c U.S. Department of Justice, Office of the Inspector General, Audit Division. |
| 246 | 1 | |i At head of title:|a Redacted for public release | |
| 264 | 1 | |a Washington, DC :|b Office of the Inspector General, U.S. Department of Justice,|c 2019. | |
| 300 | |a 1 online resource (ii, 48 pages) :|b illustrations | ||
| 336 | |a text|b txt|2 rdacontent | ||
| 337 | |a computer|b c|2 rdamedia | ||
| 338 | |a online resource|b cr|2 rdacarrier | ||
| 500 | |a "Audit Division 19-23." | ||
| 500 | |a "March 2019." | ||
| 500 | |a " ... we examined the FBI's adherence to Executive Order 13636, Improving Critical Infrastructure Cybersecurity, and the FBI Cyber Division Policy Guide 0853pg as well as other related policies." -- Executive summary. | ||
| 500 | |a "The FBI established Cyber Guardian for tracking the production, dissemination, and disposition of cyber-victim notifications which can help victims mitigate the damage caused by cyber intrusions and increase the potential for intelligence collection by the FBI. However, we found that the data in Cyber Guardian was incomplete and unreliable, making the FBI unable to determine whether all victims are being notified. The quality of formal requests for investigative actions, called leads, set for victim notification was inconsistent. In addition, not all agents indexed victims within Sentinel, as required. Together, the inconsistent leads and indexing contributed to some notifications not being tracked property or taking place too long after the attack for the victim to effectively mitigate the threat to its system. Further, the Department of Homeland Security (DHS) -- a partner in using Cyber Guardian --was not entering information into the system as required, contributing to the incompleteness of data in Cyber Guardian. We also found that victims identified in national security cyber cases were not informed of their rights as required by the Attorney General Guidelines for Victim and Witness Assistance (AG Guidelines). The FBI plans to replace Cyber Guardian in fiscal year (FY) 2019 with CyNERGY, a new system which may solve some, but not all data quality issues." -- Executive summary. | ||
| 500 | |a Report includes FBI's response to draft audit report. | ||
| 500 | |a GPO Cataloging Record Distribution Program (CRDP). | ||
| 588 | |a Description based on online resource; title from PDF cover (OIG.JUSTICE.gov website, viewed April 24, 2019). | ||
| 610 | 1 | 0 | |a United States.|b Federal Bureau of Investigation|x Information technology|x Evaluation. |
| 610 | 1 | 0 | |a United States.|b Federal Bureau of Investigation|x Management|x Evaluation. |
| 650 | 0 | |a Management audit. | |
| 650 | 0 | |a Cyberterrorism|z United States|x Prevention|x Evaluation. | |
| 650 | 0 | |a Computer networks|x Security measures|z United States. | |
| 650 | 0 | |a National security|z United States. | |
| 710 | 1 | |a United States.|b Department of Justice.|b Office of the Inspector General,|e issuing body. | |
| 856 | 4 | 0 | |u https://purl.fdlp.gov/GPO/gpo133609 |
| 922 | |a BIBCONEW | ||
| 949 | |a J 37.2:C 99|t x | ||