News sources quoted from: FBI National Press Office
Media www.rajawalisiber.com – FBI Special Agent Brett Yeager has seen the cyber fight from nearly every side. Time in the military, the FBI, the intelligence community, and in the private sector has improved his understanding of how different organizations see and respond to the cyber threat. His range of experiences has also heightened his appreciation for the work of the FBI’s Cyber Division—so much so that he decided to return to the Bureau after leaving for a corporate position.
Yeager entered the FBI in 2009. As a military veteran with a degree in electrical engineering, he saw the FBI as a way to continue to serve his country and a great opportunity to combine law enforcement and complex problem solving.
Assigned to a cyber squad within the FBI’s Newark Field Office, he was working on some of the Bureau’s most sophisticated and sensitive investigations into nation-state cyber actors. As part of those investigations, he spent time embedded within another intelligence agency, which added yet another valuable perspective. “Whenever we are working a cyber investigation, we have our priorities as the FBI and other agencies have their priorities,” Yeager said. “When we are looking at the same set of cyber actors, the ability to deconflict real-time and share information is really important.”
A few years after he moved into a supervisory role with the FBI, Yeager was approached by a private company to take a position overseeing the operations side of cyber incident response. “It felt like a good opportunity to see what a cyber incident looks like as you help a company navigate it from day one,” Yeager said. He also hoped to be an advocate for law enforcement reporting in these situations.
In his new role, he saw companies work toward two primary goals after an attack: assessing the damage and getting business back up and operational. The other concern was any legal considerations. If it was a data breach, for example, what kind of notifications are required?
“It’s a little bit chaotic for a company, especially if they are getting hit with ransomware or something that has really crippled their systems,” Yeager explained. In a lot of cases, the last thing to cross a company’s mind is to call in law enforcement—especially if they don’t have a pre-established contact. “Even me,” he admitted. “I would be completely consumed in the incident itself.
Yeager enjoyed the challenge of the incident response work but he felt himself drawn to return to the FBI. “What brought me back is that I really had a better understanding of the FBI’s mission after I stepped away from it,” he said. “And I found I left a lot of energy on the table to do the FBI’s work.”
What he couldn’t replicate in the private sector was the ability he had with the FBI to investigate and understand all sides of an intrusion—how it happened, who may be responsible. “You have the criminal information and the national security information,” he said. “We have the best vantage point out of any agency to be able to work cases, and I find that to be one of the most fulfilling parts of the job. To be able to see the whole picture and not just a sliver of what’s going on.”
He now better understands why businesses in the midst of a crisis don’t report the intrusion right away, but he also knows how much valuable information may be lost if a company reports late or not at all. He stressed that’s why it’s so important for companies to establish a relationship with the FBI before they face an intrusion or attack.
“We have the best vantage point out of any agency to be able to work cases, and I find that to be one of the most fulfilling parts of the job.”
Special Agent Brett Yeager
Simply put, the FBI’s cyber mission only succeeds with strong partnerships and information sharing. Each time a hacker succeeds, the criminals get a little stronger. They have learned something, acquired something, or gotten a payout from a company who is understandably eager to get their business back online. “If people aren’t reporting attacks or aren’t willing to take those steps to help stop it, cyber actors are going to continue to increase their capabilities and expand operations,” Yeager said. “They may revictimize an organization or wreak havoc on another organization.”
Yeager is inspired by how much more collaboration he sees now, noting the remarkable increase in engagement over the last several years—a trend he hopes will continue. Organizations are sharing more information with each other and with law enforcement and vice versa, he said. “This is not just the government’s battle.”