FBI Cyber Readiness, Outreach, and Intelligence Branch Deputy Assistant Director Tonya Ugoretz stressed at today’s MeriTalk Cyber Security Brainstorm that robust and resilient Federal cybersecurity requires collaboration across agencies and non-government partners.
“When we look left and right at our partners, we see a variety of different authorities, priorities, and capabilities, both offensive and defensive, woven together, that create a fabric that is more resilient together than if we were any one entity looking to solve what are complex problems that have no linear solution,” Ugoretz said.
The FBI is in the middle of this cooperative fabric, Ugoretz added, tying together the Departments of Homeland Security and Defense, intelligence community, local governments, and the private sector by using its access, authorities, and capabilities to strengthen the FBI’s and other agencies’ abilities to combat cyber threats. Ugoretz said that the connective role the FBI plays contributes to the collaborative approach she urges in Federal cybersecurity.
Ugoretz said that engagement and cooperation with victims of cybercrimes – particularly ransomware, which Ugoretz said has become a leading source of cybercrime in the United States – is also important to the FBI’s work in attributing and indicting cyber criminals and deterring future attacks.
“Every infection … has the potential to provide a critical building block of information that enables us to identify who’s responsible, how the activity’s being done, and how to stop it,” she said. “That’s why having that engagement with victims – their cooperation, their willingness to work with us, even as their mitigating the effect of an incident – is so critical.”
Ugoretz used the SamSam ransomware response as an example of cooperation between the FBI and victims, the overseas cybersecurity community, and virtual currency experts to track the individuals behind the ransomware campaign.
The work the FBI and its partners did in responding to the SamSam event required work in law enforcement response, evidence collection, victim support, intelligence, and information access from partners to hold the attackers accountable. This incident, Ugoretz explained, is a key example of why collaboration is critical to Federal cyber incident responses.
“The way the FBI is looking at things, cyber threats can’t be confronted by any one organization alone,” Ugoretz said, adding that “Instead, we have to continue to strengthen and build on this woven fabric we have composed of entities with different authorities, priorities, and capabilities, sewn together with those trusted relationships … if we’re to fully understand and combat the threat.”
She urged the room of attendees to consider the place they each play in the fabric of the cybersecurity community and to consider how they can better partner with other to help their own and other teams combat cyber threats.