On April 27, 2016, Waller hosted the Middle Tennessee InfraGard Members Alliance’s Incident Response Briefing. The presenters highlighted increasing cybersecurity risks and the need for a proactive, coordinated approach to limit the impact of cybersecurity compromises.
InfraGard is a partnership between the FBI and the private sector dedicated to sharing information and intelligence to prevent hostile acts against the United States. The presenters included Jared Myers, an incident responder for RSA, FBI Special Agents Scott Augenbaum and Victor Rodriguez, news anchor Jennifer Johnson, InfraGard Board Member Dan Wittig, and Waller attorney Robb Harvey.
In his presentation, Myers described current trends in cyberattacks and pointed out that most attacks follow the same script: get in, get credentials, and get data out. More cyber security technology, by itself, will not be effective in preventing cyberattacks. Instead, the private sector needs to employ “adaptive hunting” techniques—a process that involves determining the normal activity of a business’ information technology system and looking for and isolating abnormal activity.
The presenters then participated in a panel discussion concerning the proactive steps that a business should take to limit its cyber security risk. The panel agreed that a business should have an incident response plan in place and that it should regularly run drills to train incident responders and to identify improvements to the incident response plan. Additionally, an incident response plan should be more than just an information security program. To be effective, it should address all of the disciplines that shape a response to a cyberattack, including legal, crisis management, and finance.