Howard Marshall, deputy assistant director of the cyber division at the Federal Bureau of Investigation (FBI), said Thursday at MeriTalk’s Akamai Government Forum that the bureau is taking a proactive approach to defending and apprehending when it comes to cyber criminals.
“We’re not waiting for the cyber 9/11 to happen,” Marshall said. “We went ahead a couple years ago and started instituting task forces in all 56 of our field offices.”
He said that the main criticism of the bureau that came out of the 9/11 attacks was that the FBI only had two joint terrorism task forces at the time. On the cyber front, resources are being provisioned ahead of time to quickly respond to incidents whenever they occur.
In addition to cyber task forces in all 56 field offices, the bureau has 400 resident agencies–smaller satellite offices that report into the field offices.
“It allows us the opportunity to respond literally within a matter of hours to almost any corner of the United States,” Marshall said. “If and when these major intrusions and significant breaches happen, we have people that are no more than a two or three-hour drive away from any part of the United States.”
He provided context that shows just how important cyber threat prevention is to the FBI. With some 13,500 FBI agents in total – a number that might seem large – that still only correlates to about one agent for every 29,000 Americans, Marshall said.
That breakdown further highlights the importance of the bureau’s resource allotment when you consider that it has established legal attaché programs in foreign countries where agents collaborate to sniff out criminals and nation-state actors.
“In none of these places do we have true enforcement authority,” Marshall noted. “But if we do our jobs well and we develop relationships with the host country law enforcement intelligence services, we utilize those authorities, or we ask them to work something with us jointly, and then we return the favor here in the United States.”
The cyber division takes advantage of that program, with 17 different cyber assistant legal attachés deployed to U.S. embassies across the globe.
“Our legal attaché program is designed to help us to develop the relationship with the host country’s services, so we can respond to instances of crime in the United States that emanate from other parts of the world.”
On the intelligence side, Marshall discussed the FBI footprint within like-minded agencies such as the National Security Agency and Department of Homeland Security for the purposes of gathering intelligence. But it doesn’t stop with government agencies, as Marshall contended that private sector employees dealing in cyber may have even better threat intelligence. Partnership on all fronts becomes key, he said.
“We’ve married up our outreach efforts with our intelligence efforts, and we’re as proactive as we can be,” he said. “If we can identify through all of our collection where our gaps are, we can find those people out there that have that information and work with them. Conversely, if we have stuff that we can declassify and push out that may make your jobs as cyber defenders easier, we want to do that.”