The FBI should restructure how it prioritizes and catalogues cybersecurity investigations, according to a new report from the Justice Department inspector general.
Rather than relying on instinct and experience to determine the severity of a cyber threat and then allocating resources based on that assessment to solve cases, Inspector General Michael Horowitz recommends the Bureau move towards more data-driven decision making — supported by custom data analytics software.
The FBI’s current, primary cybersecurity case assessment procedure is known as Threat Review and Prioritization, or TRP. The TRP provides guidance, annually, for the FBI’s operational divisions and field offices to reference when defining the level of threat and deciding on resources available to address a case.
The OIG audit, however, concludes that TRP is “subjective and open to interpretation” because, among other things, it does not define specific targets. For example, under TRP, what constitutes a “small business” is up for an agent to decide.
Because TRP is only updated annually the OIG believes this approach is not agile enough to respond to the rapidly changing threat landscape of the cyber arena. The current approach does not use “an algorithmic, objective, data-driven, reproducible and auditable” process, the report reads.
To read more click here.