FBI chief: We need to share cybersecurity data in 'machine-time'

FBI chief: We need to share cybersecurity data in 'machine-time'

Summary: The director of the FBI discusses closing the gap between government and the private sector by sharing data in "machine-time" -- not "human-time."

SHARE:
fbi-vehicle_1

SAN FRANCISCO---The private sector is the "key" to outsmarting cybercriminals, according to James Comey, director of the Federal Bureau of Investigation.

Speaking at the 2014 RSA Conference in San Francisco, Comey emphasized that agencies at all levels of the federal government, including the Secret Service and the Department of Defense, are making cybersecurity a top priority -- especially to predict and prevent attacks rather than react.

"We are trying to actively listen to your concerns," Comey assured, acknowledging that many businesses are reluctant to share information or admit data breaches in fear of legal or market repercussions -- or both.

Comey also remarked that all citizens should always remain suspicious government power and remain skeptical.

However, Comey stressed that the FBI (and other government agencies) often need to keep select information underwraps -- sometimes much to the ire of businesses and consumers.

"I don't need to explain to you the cyberthreats that we face. This room is full of experts," Comey told the keynote audience on Wednesday afternoon.

Still, Comey hinted that one starting point is more transparency, asserting we need to find a way to provide assurances and routinely share information at "machine-speed, not human-speed." Effective partnerships are one way to do this, he added.

One example provided by Comey is the FBI's Flash Liaison Alert System, which spits out specific data used in attacks that FBI experts believe will be used again.

Another is BACSS, or Binary Analysis, Characterization, and Storage System, a near real-time triage system for malware identified in FBI investigations worldwide. Comey provided an unclassified version will be rolled out worldwide later this year under the moniker, "Malware Investigator."

However, Comey highlighted a roadblock for cybercrime investigations, noting that what might be criminal in the United States, in regards to malware and intrusion, might not be illegal elsewhere.

"I don't need to explain to you the cyberthreats that we face. This room is full of experts," Comey told the keynote audience on Wednesday afternoon.

At the beginning of his keynote address, Comey noted that he is at the beginning of a decade-long term, affirming that this is one of many appearances he plans to make at the annual RSA security show.

"You are stuck with me for 10 years," Comey concluded. "The FBI is in this for an even longer haul."

Topics: Security, Data Management, Government US, Legal, Privacy

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

4 comments
Log in or register to join the discussion
  • Partnerships need limits

    Share your own data with the police if you want to, but institutions should not be allowed to share customer/client or employee data without the subjects' consent, unless ordered to do so by a court. And exactly the same rule should apply to sharing data with private parties. Institutions are custodians of such data, but they do not own them.
    John L. Ries
  • security

    "citizens should always remain suspicious of government power and remain skeptical."

    Truer words never spoken.
    preferred user
  • Suspicious... and stupid?

    Mr. Comey heads an organization that, based on publicly released documents, has the power to hack our PCs, plant kiddie porn, arrange for it to be "found" and prosecute to a long prison term. Obviously, he and others in govt. would react in horror at the suggestion that he/they would do that.

    How stupid ... does he ... think we are?

    Known liars and partisan hacks pretending to be public servants, starting with our current president and many of his appointees, must be thrown out of office and (in some cases) jailed before the public will believe the FBI is on their side. This is NOT a political conviction; though I am a conservative, I would take an honest liberal over a corrupt RINO any day. Mr. Comey might finally get this during his decade of tenure, but it looks like it will take awhile... if it ever happens.

    Think it can't happen? Mr. Snowden has a few documents for you to check out...
    ClearCreek
    • So

      Is there good reason to believe that the FBI has *employed* the capabilities you claim for them? If so, what is it? And what documents are you actually citing? Merely stating that their "publicly available" doesn't really tell us where to find them or how credible they are.

      While I prefer honest politicians over corrupt ones regardless of their affiliation or stated opinions, you seem to be insinuating that "RINOs" and presumably other people whose views don't neatly match their party affiliations (to be found mostly in the center of the political spectrum) are inherently dishonest. Am I reading you correctly, or would you similarly prefer an honest "RINO" or "DINO" over a corrupt, but outwardly orthodox Conservative?

      I should note that I was politically unaffiliated for 22 years, but reluctantly returned to the Democratic Party almost two years ago on the theory that one of the reasons for the political polarization of recent decades has been the withdrawal of moderate voters from both major parties. I'm not committed to the platform of any party and have major disagreements with both major parties and all the minor ones; and have routinely voted split ticket since 1981; so I probably qualify as a DINO (though I vote for Democrats more often than for Republicans). Does that make me dishonest? Should I therefore completely withdraw from partisan politics since there is not a single political party in the United States that really reflects my views?
      John L. Ries