FBI Director James Comey wants to see private businesses report data breach incidents and other detected cyber intrusions directly to the Bureau more than they are already doing so.
“All the information, all the evidence we need, sits in private hands in the United States and that is a wonderful thing,” Comey said, speaking at Symantec’s Government Symposium conference Tuesday.
“We have discovered that the majority of our private partners do not turn to law enforcement when they face an intrusion. And that is a very big problem,” Comey said. “It is fine to turn to one of the many excellent private sector entities that will help with attribution and with remediation — that’s good. But we have to get to a place where it is routine for people who are victimized to turn to us for assistance.”
Comey reiterated what he described as important and necessary cooperation needed between the private sector and FBI so as to improve the mitigation and response process following a data breach.
This working partnership, Comey told the D.C. crowd, will help deter future cyber attacks and better prepare all parties for new threats from a variety of actors.
“We know your primary concern is getting back to normal when you run any type of enterprise, especially a for-profit business. But we need to figure out who is behind that attack and it is in your interest … you’re kidding yourself if you think that problem is going to go away and not return to re-victimize you,” said Comey.
The FBI director explained that the Bureau’s strategy to increase cooperation will center on four missions: partner outreach and education, establishing trusted relationships, working to minimize the disruption felt by both a company’s employees and customers, and keeping all investigations private by securely holding and not disclosing internal enterprise data publicly.
“It is important for you to include the FBI in your risk assessment plan,” Comey said, “you spend a lot of time, no matter where your facility is, making sure that the fire department has a basic understanding of the layout of your building so that in the case of a disaster they can save lives. I suggest you do the same with respect to your cyber threat and risk assessment plan.”
Trust is a key element in establishing any positive, working relationship, Comey said, and the FBI would like to prove they’re trustworthy.
“If you’re a CISO in private enterprise and you do not know someone at every regional FBI office where you have a significant presence then you’re not doing your job well enough,” said Comey, “our people are waiting for those phone calls to build those relationships.”