Cybersecurity should be more active, official says

The federal government has taken a “failed approach” to cybersecurity, with efforts that focus on reducing vulnerabilities rather than actively deterring attackers, according to one of the FBI’s top former cyber officials.

Steven Chabinsky, a 17-year bureau veteran who stepped down this month as the FBI’s top cyber lawyer, argued that the movement to set security standards for companies — which has been a goal for the Obama administration and the focus of congressional debate — is useful only “in the margins.” More important is to enable companies whose computer networks are targeted by criminals and foreign intelligence services to detect who’s penetrating their systems and to take more aggressive action to defend themselves, Chabinsky said in his first interview since leaving office. “The FBI needs stronger partners in the private sector who can figure out who the bad guys are, and there needs to be much stronger relationships between the private sector, law enforcement and the courts to ensure that all the legal authorities that exist can be brought to bear against cyberattackers,” he said.