FBI Lessons on Fighting Cybercrime: Enter the Cyber Warriors

Invest in intelligence

“COVID-19 has dramatically changed the way we work,” Harrington says. “Most companies were not prepared for this transition.”

Companies spent millions of dollars to secure their office computers, but now are faced rapidly trying to shore up home systems for remote workers. “This crisis is helping accelerate new approaches to cybersecurity and moving us ahead rapidly,” he believes. “Unfortunately, if you don’t stay current on these improvements, you have a growing risk of becoming an early victim to our adversaries.”

It's crucial to have an "intelligence-led" approach, he suggests. Most large corporations have invested in the creation of cyber-intelligence resources, he notes, hiring intelligence analysts to work in-house.

Yet “intelligence without action has little value,” he warns. “Intelligence should help to influence decisions made by cybersecurity professionals and our business leaders,” and CEOs should have regular briefings on cyber threats, challenges, and investment opportunities.

Fighting back

Combatting these threats requires brutal honesty. “The adversaries we face are ever-adapting; they are flexible, agile, and only need to be right once to enjoy success. We, on the other hand, must be perfect in our defence or we are judged as failing,” he warns. Organisations must bluntly assess every possible weak spot to be prepared.

Teamwork is imperative, and not just in the cyber division. “We face adversaries that are well-networked; therefore, the only way to meet this challenge is to create our own trusted networks.” This includes all parts of an organisation, and outside peers as well. Leaders should seek to work with ISACS, Infraguards, and CISCP organisations. 

Speed is more important than ever, he warns. “My 30 years at the FBI taught me that adversaries are early adopters of technology. Going back to the 1920s, the bad guys adopted new technology like machine guns and new fast cars to give them an advantage. They will always embrace new technology to give them the upper hand over their victims who are slow to evolve.” 

This means that cyber teams must innovate and anticipate change. Risk taking must be rewarded, he adds.

Enter the Cyber Warrior

Given the scale of the challenge, there must be strong leadership of cyber teams. Harrington calls for the concept of a “cyber warrior”, which notes that: “This is not a 9 to 5 job. It is a professional career, and when challenged, they don’t want to be beaten. They are disciplined in their approach and confident in their preparation.”

The CISO leads these troops, he says, but the CEO and the Board of Directors should also play their part. In particular, there should be opportunities for lifelong training and upskilling to battle the constant attacks. “Cyber leadership today must include a focus on talent acquisition and development, foster a strong teamwork atmosphere, and ensure technology tools support mission success,” Harrington believes.

Some of the most important roles include skilled security architects, security engineers specialising in software and digital transformations, and forensic analysts, penetration testers, and senior leaders who share a strategic view of the future, he says.

Ultimately, today’s cyber-leaders cast a large shadow. “Everyone is watching. Their commitment, their energy level, their integrity, and their loyalty are all being seen and evaluated by their team and those they come in contact with daily,” Harrington says.

“It needs to be a very positive shadow.”