Pub15-2020-2021-Issue5

WWW.NEBANKERS.ORG 14 In his career, Bob has also worked on cyber-crime investigations as well as public corruption, white collar, and financial criminal and civil investigations. Bob has been both a certified computer forensics examiner and an accounting forensics investigator. He has testified numerous times as a fact witness in criminal trials and before grand juries, and drafted expert reports for both accounting and computer investigations. Bob has been a member of the Association of Certified Fraud Examiners and the Heartland ACFE for 12 years. During that time, he has served as a Director for the local board and as a member of the editorial advisory committee for the ACFE’s “Fraud Magazine”. He is also a Certified Public Accountant (CPA) and a member of the Nebraska Society of CPAs; Certified Information Systems Security Professional (CISSP); Certified in Financial Forensics (CFF); Certified Fraud Examiner (CFE); and AccessData Certified Examiner (ACE). But there are actions an organization can take to minimize the effect and cost of a hack. To protect themselves, OFAC encourages organizations to perform a risk-based analysis and keep regular backups to protect themselves from ransomware. Secure, offline backups are the key to recovering from ransomware attacks. Perform due diligence on the threat actors before payment. Notify and cooperate with law enforcement. This includes knowing who to contact and how to contact law enforcement. Institute and maintain a risk-based compliance programwhich includes a management commitment, risk assessments, internal con- trols, auditing and training. The key to dealing with ransom- ware is planning – have a plan based on a risk-based approach and practice, practice, practice that approach.  COUNSELOR’S CORNER — continued from page 13 organization from unknowingly violating the sanctions. As OFAC states, a violation of the sanctions is a strict liability crime and does not require knowledge that someone is on the list; the payment to someone on the SDN list is a violation. Finally - and this may be the most important part of the memo - OFAC highly encourages the cooperation with law enforcement and investigative officials. The cooperation with law enforcement will be considered a “significant mitigating factor.” OFAC will also consider the “full and timely cooperation … a significant mitigating factor when evaluating possible enforcement outcome.” During a pre- sentation regarding this memo by members of the Department of Justice and the Department of Treasury, the presenters were quick to point out that no companies have been prosecuted for paying a ransom to a threat actor on the SDN list, but cooperation with law enforcement will ensure your organization is not the first. Planning Ahead According to Robert Mueller there are two kinds of compa- nies; those that have been hacked and those that are about to be hacked. And according to the Cisco CEO John Chambers, there are two kinds of companies; those that have been hacked and those that don’t know it yet. Given the recent hack of FireEye through the compromise of SolarWinds, there are most likely many companies that have yet to know that they have been com- promised. As the analysis continues on the scope of the attack, there will be many more organization filing breach notifications. Bob Kardell, Attorney, Baird Holm LLP Halle Hayhurst, Law Student and Summer Associate, Baird Holm LLP Lyle Haugen celebrated his 55th work anniversary at Security National Bank of Omaha on January 20, 2021. He started in the consumer loans department when the bank was only two years old, working his way to become President in 1982. Lyle has served as the bank’s Vice Chairman of the Board for 30 years. “My greatest achievement is helping people start businesses and fostering customer relations. This is a great place to work. I have truly enjoyed my time here.” —Lyle Haugen Congratulations Lyle Haugen Security National Bank 1120 S. 101 St . Omaha, NE 68124 402-344-7300 or 1-844-SNB-1964 SNBconnect .com