LEADER 03326oam  2200469   450 
001 9910713078503321
005 20200317133524.0
035   $a(CKB)5470000002499415
035   $a(OCoLC)1098213632
035   $a(EXLCZ)995470000002499415
100   $a20190424d2019      ua             0
101 0 $aeng
135   $aurnn|||||||||
181   $ctxt$2rdacontent
182   $cc$2rdamedia
183   $acr$2rdacarrier
200 10$aAudit of the Federal Bureau of Investigation's cyber victim notification process /$fU.S. Department of Justice, Office of the Inspector General, Audit Division
210  1$aWashington, DC :$cOffice of the Inspector General, U.S. Department of Justice,$d2019.
215   $a1 online resource (ii, 48 pages) $cillustrations
300   $a"Audit Division 19-23."
300   $a"March 2019."
300   $a" ... we examined the FBI's adherence to Executive Order 13636, Improving Critical Infrastructure Cybersecurity, and the FBI Cyber Division Policy Guide 0853pg as well as other related policies." -- Executive summary.
300   $a"The FBI established Cyber Guardian for tracking the production, dissemination, and disposition of cyber-victim notifications which can help victims mitigate the damage caused by cyber intrusions and increase the potential for intelligence collection by the FBI. However, we found that the data in Cyber Guardian was incomplete and unreliable, making the FBI unable to determine whether all victims are being notified. The quality of formal requests for investigative actions, called leads, set for victim notification was inconsistent. In addition, not all agents indexed victims within Sentinel, as required. Together, the inconsistent leads and indexing contributed to some notifications not being tracked property or taking place too long after the attack for the victim to effectively mitigate the threat to its system. Further, the Department of Homeland Security (DHS) -- a partner in using Cyber Guardian --was not entering information into the system as required, contributing to the incompleteness of data in Cyber Guardian. We also found that victims identified in national security cyber cases were not informed of their rights as required by the Attorney General Guidelines for Victim and Witness Assistance (AG Guidelines). The FBI plans to replace Cyber Guardian in fiscal year (FY) 2019 with CyNERGY, a new system which may solve some, but not all data quality issues." -- Executive summary.
300   $aReport includes FBI's response to draft audit report.
517 1 $aRedacted for public release
606   $aManagement audit
606   $aCyberterrorism$zUnited States$xPrevention$xEvaluation
606   $aComputer networks$xSecurity measures$zUnited States
606   $aNational security$zUnited States
615  0$aManagement audit.
615  0$aCyberterrorism$xPrevention$xEvaluation.
615  0$aComputer networks$xSecurity measures
615  0$aNational security
712 02$aUnited States.$bDepartment of Justice.$bOffice of the Inspector General,
801  0$bZCY
801  1$bZCY
801  2$bOCLCF
801  2$bGPO
906   $aBOOK
912   $a9910713078503321
996   $aAudit of the Federal Bureau of Investigation's cyber victim notification process$93353555
997   $aUNINA