Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

FBI's Freese Shares Risk Management Tips

Deputy Assistant Director Donald Freese advises enterprises to lead with a business case and not fear addressing the C-suite on risk management.

Confusion over the definitions of "threat" and "risk" exist when IT security teams talk to members of the executive suite. One strategy security professionals may consider is approaching the discussion from a business perspective instead of leading with fear, said Don Freese, deputy assistant director with the FBI's information technology branch.

Freese, who served as a keynote speaker Monday at the ISC(2) Security Congress convention in Austin, Texas, noted that risks are measurable, providing that companies practice good security hygiene, such as logging network activity and taking inventory of the data that the enterprise possesses.

In addition to those best practices, Freese also advised IT security leaders to consider the industry that they operate in and the type of data that would be desired by cybercriminals or nation-states. That assessment would help provide a framework for the potential intent of the attackers and the magnitude of the impact to the company's business.

And while companies may prefer to horde as much information as possible on customers - to use for driving sales - Freese cautioned against this practice.

"The more data you keep, the more ways an actor can come after you," he said.

Calling on the FBI

If a company suspects a nation-state has launched a cyberattack against their organization, they can work with the FBI in a confidential manner, Freese said. And the type of information that will help the FBI in its investigation are strong data metrics, such as incident logs and data that shows activity trends for at least a three-year period, he advised.

Recent trends in nation-state activity that concern Freese are an expanded role these entities are adopting. Although intelligence gathering is the tradecraft of nation-states, these players are taking coding, technology, and social engineering to new levels and morphing into cybercriminals as well, he added.

For example, the FBI has noticed nation-states are using malware sniffers to see how the federal agency will react, depending on which industry is poked, Freese said. While not much is going beyond the sniffing, the FBI is aware criminal intent is behind these actions, he added.

In addition to stressing the importance of building relationships with customers, vendors, and employees, Freese also noted companies may want to take the initiative and get to know the agents at their local FBI office before a cyberattack ever hits.

"Going to the field office is one first step," Freese said. "We are very relationship oriented."

But it takes more than just one visit to develop a relationship, he said. Consistently meeting with the agency to develop trust and respect between the parties is the best tack.

Related Content:

 

Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.

Dawn Kawamoto is an Associate Editor for Dark Reading, where she covers cybersecurity news and trends. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Data Leak Week: Billions of Sensitive Files Exposed Online
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/10/2019
Intel Issues Fix for 'Plundervolt' SGX Flaw
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5252
PUBLISHED: 2019-12-14
There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant.
CVE-2019-5235
PUBLISHED: 2019-12-14
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
CVE-2019-5264
PUBLISHED: 2019-12-13
There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition...
CVE-2019-5277
PUBLISHED: 2019-12-13
Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation.
CVE-2019-5254
PUBLISHED: 2019-12-13
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board m...