CIO Magazine, FBI And Secret Service Announce New Cyberthreat Reporting Guidelines For Businesses

FRAMINGHAM, MA – FEBRUARY 12, 2002 – Today, the first set of national Cyberthreat Response and Reporting Guidelines jointly sanctioned by the Federal Bureau of Investigation (FBI) and the United States Secret Service (USSS) was unveiled to the nation's CIOs (chief information officers). Four months ago, CIO magazine requested the FBI and USSS help create and standardize a process for businesses to report cybercrime and security breaches to law enforcement authorities.


The CIO Cyberthreat Response & Reporting Guidelines provide step-by-step information on how businesses should plan and respond to attacks on their information systems, including worms, viruses, hacks and other breaches. The guidelines advise CIOs and business leaders to establish a relationship with law enforcement today, before their next attack happens. The document also provides suggested points of contact, as well as an easy-to-follow report form detailing the initial information law enforcement needs to investigate.

The FBI and USSS share federal jurisdiction for investigating and prosecuting cybercrime across state lines. Law enforcement's ability to identify coordinated efforts by cybercriminals is directly tied to the amount of reporting that takes place. Historically, reported cyberattacks are those of great magnitude such as the Code Red virus.

The need for cyber reporting guidelines came to the forefront at a CIO magazine conference in October 2001 when a United States Attorney addressed CIOs on law enforcement post 9/11 and the need for businesses to report cybercrime to officials. A member of the audience said his company was suffering thousands of attacks a month and asked which attacks to report and where to send the information.


Following the CIO Conference in October 2001, CIO magazine editor in chief Abbie Lundberg identified the need for creating cybercrime-reporting standards. The government and public relations arm of CXO Media Inc. (publisher of CIO magazine) initiated discussions with the FBI and USSS on creating such guidelines for reporting cyberthreats and attacks. A select team of industry advisors and law enforcement officials was brought together to develop project goals, logistics, resources and a reporting template for businesses to follow. A larger team of experts reviewed and tested the guidelines before they were turned over to the FBI and USSS for review, validation and authorization. A complete copy of the CIO Cyberthreat Response & Reporting Guidelines is available at

About CIO Magazine

CIO magazine (launched in 1987) is published by CXO Media Inc. CXO Media serves CIOs, CEOs, CFOs, COOs and other corporate officers who use technology to thrive and prosper in this new era of business. The company strives to enhance partnerships between C-level executives, as well as create

opportunities for information technology (IT) and consumer marketers to reach them. In addition to publishing CIO, CXO Media produces, The CIO Insider, Darwin magazine and, as well as CIO and Darwin Executive Programs, a series of conferences that provide educational and networking opportunities for corporate and government leaders. CXO Media Inc. is a subsidiary of IDG, the world's leading technology media, research and event company.