Thursday August 9th, 2018

The Wild Wild World of Spies and Cyber Crime

Tom Gobeille

At the August CEOtoCEO breakfast, Tom Gobeille of Network Computing Architects and two members of the FBI cyber task force asked business owners one important question: “Does your business know what to do in response to a cyber attack?” Cyber attacks on businesses of any size are growing in quantity as well as in scope. It’s not just large companies with massive amounts of data that are targeted. It’s also small businesses, individuals, even entire nations. And the consequences of an attack aren’t as simple as many might think. Aside from the headache, a cyber breach is too often accompanied by massive financial loss, stemming from loss of business, intellectual property theft, mitigation service expenses, and business disruption.

So what can you do to protect your business?
Gobeille and the FBI agents offered some key insights, providing an overview of the past, present, and future states of cybersecurity, as well as what measures you can take to keep your business and customers safe in the rapidly changing cyber landscape. Chief among those measures is an Incident Response Plan (IRP). Like a fire drill, an IRP can be simple. It includes the action steps to be taken and allocates responsibilities in the moments during or following an attack. Strong and organized leadership in these moments demonstrates to all employees and everyone involved in the IRP that there is a plan in place to handle these types of events.

The main concerns that need to be addressed when forming an IRP are:

  • Defining the tasks and responsibilities needed to respond to an event.
  • Defining the time in the process to notify law enforcement.
  • Determining how much responsibility can be delegated to employees or outside professionals.

An IRP is just like a fire evacuation procedure. A regular, monthly cyber drill that engages your employees and teaches them the appropriate response is the only way to give your employees the confidence to follow the plan. In addition, the panel of speakers offered some basic “Do’s and Don’ts” in responding to an attack. For example:

  • Do—Preserve the scene of the crime. Leave the breached computer powered on so that law enforcement can do thorough forensic analysis on the machine while it’s running.
  • Do—Disconnect the breached system from the network.
  • Do not—Make any broad internal or external communications about the event on the network. Attackers can use that information to plan their next steps.
  • Do not—Panic. Instead, project a calm demeanor, and follow your IRP so you can provide clear information to law enforcement.

Their most imperative word of advice, however, is even simpler. Business owners cannot ignore this threat and need to learn the risks and consequences of a cyber attack. The IRP will help companies ask the right questions and be prepared to protect their business. The buck cannot be passed to a CTO or an IT department. Rather, cybersecurity, like many other parts of any business, affects everyone in the workplace from the executive suite down. For additional reading, the FBI agents provided the following resources:

Cyber Crimes:

All other Federal crimes, including terrorist threats, counterintelligence concerns:

Compliance with Respective State Regulations on Disclosure:
RCW 19.255.010     RCW 42.56.590

Counterintelligence and Intellectual Property:

To learn more about Tom Gobeille and Network Computing Architects, you can visit:
