FBI Director: We Can’t Close All Vulnerabilities, We Must Identify and Deter Attackers

Robert Muller shares some insight at the RSA Conference

  FBI Director Robert Muller
Speaking at the 2013 RSA Conference in San Francisco, FBI Director Robert Muller explained that the partnership between government agencies and private industry must be strengthened, also saying that a new approach is needed in the effort to combat cybercrime.

Speaking at the 2013 RSA Conference in San Francisco, FBI Director Robert Muller explained that the partnership between government agencies and private industry must be strengthened, also saying that a new approach is needed in the effort to combat cybercrime.

Muller has highlighted the fact that after 9/11, the FBI has been trying to fight terrorism by identifying and disrupting terrorist threats.

“This has been the mindset at the heart of every terrorism investigation since then, and it must be true of every case in the cyber arena as well,” he noted.

“For two decades, corporate cyber security has focused principally on reducing vulnerabilities. These are worthwhile efforts, but they cannot fully eliminate our vulnerabilities. We must identify and deter the persons behind those computer keyboards,” Muller said.

“And once we identify them—be they state actors, organized criminal groups, or 18-year-old hackers—we must devise a response that is effective, not just against that specific attack, but for all similar illegal activity.”

According to the FBI director, the idea that better defenses are sufficient should be abandoned and replaced with the approach that’s been applied to countering terrorism.

“Instead of just building better defenses, we must build better relationships. If we do these things, and if we bring to these tasks the sense of urgency that this threat demands. I am confident that we can and will defeat cyber threats, now and in the years to come,” he added.

Muller provided several positive examples of organizations that facilitate collaboration between the government and the private sector.

The examples include the National Cyber Investigative Joint Task Force, which comprises 19 agencies, the National Cyber Forensics and Training Alliance, which has over 80 industry partners, and the Domestic Security Alliance Council, which includes chief security officers from more than 200 companies.

Comments