Adam Hickey, deputy assistant attorney general within the Department of Justice’s national security division, has said that private companies also have the responsibility to contact law enforcement during cyber breaches, Fifth Domain reported Thursday.
Hickey told attendees at the RSA Conference in San Francisco that the private sector has a key role in informing the FBI and DOJ to accelerate the attribution process.
He noted that law enforcement authorities also work to assess companies’ timeliness in identifying cyberattacks as well as the presence of security architecture.
“The intelligence community may know well from other sources who’s responsible, but when I think about bringing an indictment, I’m sourcing that from unclassified information,” said Hickey. “So I’m often starting from victim information and going from there.”
Hickey also said that DOJ underwent a cultural shift and implemented a mindset focused on adversarial attacks rather than companies’ track record of cyber breaches.