Thursday August 9th, 2018

The Wild Wild World of Spies and Cyber Crime

Tom Gobeille

At the August CEOtoCEO breakfast, Tom Gobeille of National Computing Architects and two members of the FBI cyber task force asked business owners one important question: “Does your business know what to do in response to a cyber attack?” Cyber attacks on businesses of any size are growing in quantity as well as in scope. It’s not just large companies with massive amounts of data who are targeted. It’s also small businesses, individuals, even entire nations. And the consequences of an attack aren’t as simple as many might think. Aside from the headache, there is massive financial loss that too often accompanies a cyber breach, stemming from loss of business, intellectual property theft, mitigation service expenses, and business disruption.

So what can you do to protect your business?
Gobeille and the FBI agents offered some key insights, providing an overview of the past, present, and future states of cybersecurity, as well as what measures you can take to keep your business and customers safe in the rapidly changing cyber landscape. Chief among those measures is an Incident Response Plan (IRP). Like a fire drill, an IRP can be simple. It includes the action steps to be taken and allocates responsibilities in the moments during or following an attack. Strong and organized leadership in these moments demonstrates to all employees and everyone involved in the IRP that there is a plan in place to handle these types of events



The main concerns that need to be addressed when forming an IRP are:

  • Defining the tasks and responsibilities needed to respond to an event.
  • Defining the time in the process to notify law enforcement.
  • Determining how much responsibility can be delegated to employees or outside professionals.


An IRP is just like a fire evacuation procedure. A regular, monthly cyber drill that engages your employees and teaches them the appropriate response is the only way to give your employees the confidence to follow the plan. In addition, the panel of speakers offered some basic “Do’s and Don’ts” in responding to an attack. For example:

  • Do—Preserve the scene of the crime. Do not turn off the breached computer so law enforcement can do thorough forensic analysis on the machine as it’s running.
  • Do—Disconnect the breached system from the network.
  • Do not—Make any broad internal or external communications about the event on the network. Attackers can use that information to plan their next steps.
  • Do not—Panic. Instead, project a calm demeanor, and follow your IRP so you can provide clear information to law enforcement.


Their most imperative word of advice, however, is even more simple. Business owners cannot ignore this threat and need to learn the risks and consequences of a cyber attack. The IRP will help companies ask the right questions and be prepared to protect their business. The buck cannot be passed to a CTO or an IT department. Rather, cybersecurity, like many other parts of any business, affects everyone in the work place from the executive suite down. For additional reading, the FBI agents provided the following resources



REPORTING A FEDERAL CRIME:
Cyber Crimes

www.ic3.gov
www.fbi.gov/investigate/cyber
www.dhs.gov/topic/cybersecurity
www.nist.gov/topics/cybersecurity
www.sans.org/security-resources

All other Federal crimes, including terrorist threats, counterintelligence concerns
tips.fbi.gov

Compliance with Respective State Regulations on Disclosure
RCW 19.255.010
    RCW 42.56.590

Counterintelligence and Intellectual Property
www.fbi.gov/investigate/counterintelligence
www.iprcenter.gov
www.invntip.com
www.ipcommission.org

Our Sponsors:

UnitedHealthcare
AristaPoint
Network Computing Architects
KIRO Radio 97.3 FM
Clarity Financial Advisors
Seattle Business Magazine
Pacific Capital Resource Group
Ryan Swanson Lawyers
Asure Consulting