November 28, 2022

What is the secret sauce for this fight? Recently, government leaders from DHS, FBI, IRS, and Secret Service compared notes at the recent ACT-IAC Homeland Security and Law Enforcement forum. Each Cyber Crime panelist said it a little differently, but the secret sauce they agreed upon is innovation in leadership and sustained collaboration across agencies and partners. Panelists were Tracy Cormier, DHS, Assistant Director, Cyber & Operational Technology; Shawn Devroude, FBI, Deputy Assistant Director, Cyber Division; Jarod Koopman, IRS, Acting Executive Director, Cyber & Forensic Services; and Dave Smith, U.S. Secret Service, Assistant Director, Office of Investigations.

Moderator Gregg Garrett, Peraton, VP, Cybersecurity, set the stage with data from the SONICWALL - Mid-Year 2022 Global Cyber Threat Report.

• 132% Increase in cyberattacks on encrypted data
• 77% Increase in cyberattacks on Internet of Things (IoT) devices
• 30% Increase in crypto-jacking cyberattacks
• 19% Increase in cyber intrusion attempts = 3 trillion intrusion attempts (January-June 2022)
• $6 Trillion in estimated global damages from cybercrime in 2021 (Source: Cybersecurity Ventures, 2022)

Are we nervous yet? How can we not be?

The panelists and their organizations clearly valued their collaborations and partnerships. Collaborations mentioned came in many flavors, including:

-Pursue “borderless” law enforcement and other initiatives. Cyberattacks are increasingly borderless and so too must be the responses. Panelists agreed on the need to expand global and US law enforcement and other collaboration, for example, to “follow the money” (including digital assets).

-Work with the private sector to increase reports and resolutions. Actions and innovations the IRS is implementing in partnership with DHS, FBI, and CISA help small businesses to enhance their cybersecurity education, training, and cyber defense to increase cyber resilience.

-Harmonize responsibilities. This coordination is facilitated by joint cyber operations and multi-partner Task Forces that include those working in DoD and the Intelligence community, or those outside of the law enforcement community.

-Deploy cyber innovations, training and awareness. For example, DHS is deploying cyber technology innovations including cyber auto incident response automation with AI/ML, continuous diagnostics and monitoring (CDM), and advanced data analytics to improve cyber incident response time.

-Share and publish best practices. One example cited was using behavior-based analytics as a low-cost, high-yield approach that could be collaboratively pursued.

-Improve de-confliction. Coordinate across government agencies regarding “cyberattack targets” as well as tactics, techniques, and procedures (TTPs).

It was said in many ways that the most important innovation is in collaboration so that cooperation is less reliant on the strength of will and leadership, and increasingly formalized and institutionalized.

Authors:

Judy Douglas, Peraton, Client Industry Executive; NAPA Fellow; IAC Executive Committee Member, ACT-IAC Collaboration Council Co-Chair, and ACT-IAC Innovators’ Circle Member and past Chair

Gregory A. Garrett, Peraton, Vice President, Cybersecurity; Cyber Crime Panel Moderator, Homeland Security and Law Enforcement Forum