On Thursday, May 3rd congressional staff participated in a cyber attack response simulation. Hosted by the Center for Public Policy Innovation in partnership with FireEye, a leading provider of cybersecurity solutions, the exercise featured a number of experts that played specific roles including:
- Chief Information Security Officer: Matt Shelton, Director, Intelligence-Led Risk Management, FireEye, Inc.
- Legal Counsel: Laura Jehl, Partner, Baker & Hostetler LLP
- Incident Response Lead: Gerasimos Stellatos, Managing Director, Mandiant/FireEye, Inc.
- Law Enforcement: Supervisory Special Agent David Martin, Director, Cyber Action Team, Federal Bureau of Investigation
- Moderator: Ronald Bushar, Vice President, Global Government Services, FireEye, Inc.
In a panel format, the team of experts walked through a mock incident that took place at a multi-million dollar brokerage firm, providing the audience with a first-hand opportunity to understand the phases of cyber incident response and related best practices. The event covered a variety of important areas including: initial point of threat detection, compiling forensic findings, the role of the FBI in providing additional indicators of compromise, notification obligations of the attack, and finally, remediation and steps to fix compromised systems. The exercise demonstrated a number of important considerations such as the need to balance response and containment of the incident with pressures to conduct normal business functions, as well as the appropriate notification timeframe as it relates to internal executives, clients, customers, federal agencies, Congress, and regulatory authorities.
For more information about the current cyber threat environment, FireEye’s M-Trends 2018 Report provides a detailed intelligence assessment based on investigations of the most successful cyber attacks from the past year.