If you are hacked, a good place to start is the Internet Crime Complaint Center (IC3) created by the Federal Bureau of Investigation (FBI) Cyber Investigations department. The IC3 provides a user incident reporting system and then distributes these reported incidents to appropriate law enforcement. For coordinated domestic responses, FBI Computer Crimes Task Forces which according to the FBI's website "combine state-of-the-art technology and the resources of our federal, state, and local counterpart." When it decides such a response is warranted, the FBI creates an ad hoc Cyber Action Team (CAT) that will “travel around the world on a moment’s notice to assist in computer intrusion cases” and that will “gather vital intelligence that helps us identify the cyber crimes that are most dangerous to our national security and to our economy.” A rapid deployment CAT team can be on the scene just about anywhere in the world within 48 hours. While not Internet fast to stop an ongoing hack, this is the best response available for gathering the identifying forensics on hacker signatures in tools, techniques, and procedures (TTPs).
Internationally, the U.S. Secret Service Electronic Crimes Task Forces focus on identifying and locating international criminals that perpetuate domestic computer-related crimes including: cyber intrusion, bank fraud, and data breaches. The Secret Service runs the National Computer Forensic Institute and trains law enforcement officers, prosecutors, and judges on cyber security. A full duplication of these responsibilities lies in the U.S. Immigration and Customs Enforcement (ICE) Homeland Security Investigations (HSI) Cyber Crimes Center (C3). It also can interact with international law enforcement agencies.
But when these groups take on a cyber-crime case; identifying, catching, and bringing criminals to justice is problematic. New laws are needed to give a jurisdiction to a virtual space. Geographic jurisdiction is very problematic in cases on the borderless Internet, where the perpetrator is remote from the victims and the victims are often legion in number. There are many ways a cyber criminal hides their identity. Most of the time, the best opportunity for punishing the perpetrator is to bring a civil case of property damage or business impairment. Civil awards are also relatively easier to enforce across international borders.
After department proliferation, the next institutional evolutionary step is consolidation of the diverse approaches and the creation of common goals and one universal approach. The creation of new civil infrastructure is slow. New laws must precede the creation of new civil response organizations. Government consolidation has been underway since the creation of the 2008 Comprehensive National Cybersecurity Initiative (CNCI). With its authority, the National Cyber Investigative Joint Task Force (NCIJTF) was established under Presidential Directive. This FBI-led NCIJTF serves as the national focal point for coordinating cyber threat investigations. But in civil institutions, this seems to be stalled.
The U.S. Department of Defense began its consolidation with the creation of Cyber Command as a new branch of the military. The last two administrations have increased coordination in cyber planning and responses, including placing the headquarters of Cyber command right next to the NSA campus. NATO is following suit. In a statement made in July 2016, Allies reaffirmed NATO's defensive mandate and recognized cyberspace as a domain of operations in which NATO must defend itself as effectively as it does in the air, on land and at sea.” Under the North Atlantic Council’s political oversight, the Cyber Defense Committee leads political governance of cyber defense. NATO Computer Incident Response Capability (NCIRC) Technical Centre provides the technical cyber security services; mostly this is disseminating information, but it has the responsibility "to respond" in any cyber aggression against the Alliance. It potentially could be leveraged for cyber war. NATO stepped up to cyber defense cooperation with the European Union in February 2016.
While the military is on track, the European Union and the U.S. government are way behind in such a consolidation. Common policy creation is even worse. In the USA, this seems to rely on NIST, but frankly the NIST security standard’s papers are still primitive. What is needed in the USA is a consolidated national agency-level organization with its own cabinet post. Or an agency re-tasking, such as directing the NSA resources away from domestic data collection and towards protecting infrastructure. But it is not likely to happen.
This does apply to you. While better than most companies, ICT providers still get surprised by how much of their networks are compromised. Start at home. For example, you can begin by developing a corporate and personal policy to encrypt all sensitive emails. In the end, security comes down to you.