informed decisions about how to protect their organisations. But our primary remit is to catch cyber criminals.
CSE: Does that mean you also proactively oppose cyber attackers?
BR: What we want to do in the law enforcement space is simple: to stop cyber attacks recurring by catching the people behind them. That applies both inside and outside targeted organisations. So if there’s an insider threat, for instance, we want to stop a rogue employee – or employees – from moving to another company and repeating their attacks.
CSE: Some commercial entities will (perhaps understandably) have a concern about the wider impacts of being the target of a cyber attack should the news get out.
BR: Some companies can be nervous about what it means to work with law enforcement – and we understand that. We do want to help protect them, and do that in a way that’s sensitive to confi dentiality. But we need to know something about their internal processes to do that. There are misconceptions around how law enforcement operates, and also around what it means to support law enforcement in a cyber investigation.
CSE: What sort of misconceptions? BR: Well, we’re not going to walk into an organisation that’s been breached and wrap ‘DO NOT CROSS LINE’ tape around their servers that could be running line-of- business applications. Nor are we going to unilaterally release information about an attack to the media, which I suspect is another concern that some companies
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52 |
Page 53
