Articles

“Why is the FBI here?” and reporting controversies 2021

“Why is the FBI here?” employees may wonder as an organization grapples with the fallout from a data breach. The FBI seeks to mitigate all threats to the American public, including cyber threats. The FBI prioritizes the investigation of high-level intrusions, state-sponsored hacks, and those involving international cyber crime syndicates. In short, the FBI has played a significant role in the fight against cyber crime.

However, the FBI might be sidelined in emerging cyber security legislation, according to Politico. The absence of America’s most powerful law enforcement agency from the cyber crime scene has officials concerned.

Who is right and who is wrong, if anybody?

The Biden administration is “troubled” by legislation poised to exclude the FBI from cyber security investigations, Brian Vordran, assistant director to the FBI’s Cyber Division, stated in congressional testimony. At present, legislation pertaining to incident reporting “fails to recognize the critical expertise and role that DOJ, including the FBI, play…” he continues.

The Biden administration’s dismay regarding the exclusion of the FBI from cyber security incident reporting throws a wrench into expediting security efforts. Legislators want to get this bill passed quickly and here’s why…

The annual defense bill

After a year of high-profile ransomware attacks, experts and legislators alike are eager to move forward with legislation that would improve incident reporting. The nation’s most important companies and infrastructure groups, says the Biden administration, should be subject to mandated security incident reporting.

At present, the House’s annual defense bill describes how critical infrastructure operators and federal defense contractors are expected to handle cyber security events, should they occur. These instructions are also expected to make it into the Senate’s version of this bill. These new reporting regulations might be the beginning of sweeping cyber security changes for private entities.

“The earlier that CISA, the federal lead for asset response, receives information about a cyber incident, the faster we can conduct urgent analysis and share information to protect other potential victims,” stated CISA Director Jen Easterly in September.

FBI and threat response

CISA and the FBI play complementary roles when it comes to incident management, and incident reports need to be delivered and analyzed quickly in order for organizations to pursue optimal mitigation tactics. Advocates argue that the FBI needs to continue evaluating incident reports. Further, mandatory incident reporting to FBI offices could prove beneficial.  At the same time, it’s unclear as to whether the private sector would chafe against a mandate to report incidents to the FBI.

Says Representative Yvette Clarke (D-NY) “…ultimately, we believe that CISA… should lead the federal government’s cyber incident reporting program.”

In summary

“Why is the FBI here?” is a question that lawmakers are asking this week. Does the FBI need to receive security incident reports of cyber incidents or should the FBI focus on other efforts?

Updates to this story will be made as more information becomes available. For more insights into US cyber security initiatives, click here. Lastly, get exclusive tech, cyber security and business stories when you sign up for the CyberTalk.org newsletter.

Back to top button