So, Epicor has created a Cyber Security Hub. I was expecting something different as this is a marketing site for their security suite and SaaS product.
It also includes the talk that Rich Murr gave at Insights and later recorded for webinars. In it he mentions that the FBI wouldn’t be interested in your “encryption incident”, as they are called recently. He’s not wrong in that they won’t help you, but I have heard recently the FBI on a podcast asking companies to build a relationship with the local FBI office and to let them know if you do have an incident.
From Cyber Crime — FBI
I’ve been filing Epicor Ideas related to security, but one was closed because it wasn’t the proper channel to discuss these kinds of things. I don’t disagree. Epicor Ideas is probably not the right place.
What would a good Security Channel look like? How can this be done responsibly?
Are there good examples with other software providers others have used?