Thursday, September 6, 2012

FBI's Top Cyber Lawyer Steven Chabinsky Joins CrowdStrike as SVP of Legal Affairs and Chief Risk Officer

I am delighted to announce that Steven Chabinsky is joining the CrowdStrike team on September 10th, 2012.  Steve most recently served in the highest-ranking civilian (non-law enforcement officer) position in the FBI’s Cyber Division.  Steve will be assuming the role of SVP of Legal Affairs and Chief Risk Officer (CRO) for CrowdStrike.  In this role, Steve will be instrumental in addressing complex cyber security issues faced by our customers as well as helping to manage privacy and risk matters for CrowdStrike. Steve is leaving the FBI after a long and extremely distinguished career.  He is excited to continue his vision for changing the private sector’s cyber-security model to increasingly focus on adversary deterrence, threat discovery, and threat mitigation.  Steve will employ the same focus and passion at CrowdStrike he has demonstrated repeatedly over a 17-year career at the FBI. Similar to Shawn Henry, Steve is the second senior executive to join CrowdStrike after a distinguished FBI service record.

Pushing The Envelope

For more than ten years, Steve has helped shape and draft many of the most significant U.S. national cyber and infrastructure protection strategies including the Homeland Security Act of 2002, the National Strategy to Secure Cyberspace of 2003 and, in 2008, National Security Presidential Directive 54, which includes the Comprehensive National Cyber-security Initiative (CNCI).  As I have written in prior blog posts, CrowdStrike is on a mission to fundamentally change the way organizations think about security.   We are working night and day on some of the coolest technology I have personally been involved in creating; however, technology alone is not going to solve all of our collective security problems.  Pushing the envelope in “Offensive” security or “Active Defense” is the next key step in our industry’s evolution.  What better person to help advance the full range of actions that can be taken against cyber threat actors, without overstepping legal boundaries, than the former top cyber attorney for the FBI?  In his new role, Steve will directly assist CrowdStrike’s Services and Intelligence customers respond to the legal aspects of a breach and assist General Counsels in evaluating all their legal options, including liaising with law enforcement.

Sharing Intelligence Is Key

Steve is an expert on cyber law and cyber intelligence and has testified numerous times in front of Congress.  He served as chief of the FBI’s Cyber Intelligence Section where he organized and led the FBI’s analysis and reporting on terrorism, foreign intelligence, and criminal matters with a cyber threat nexus.  In this capacity, Steve also helped shape the public/private partnership of sharing critical threat information by helping to develop InfraGard into a national program.  Today InfraGard is an association of over 50,000 individuals across critical infrastructure sectors in each of the 50 states who are dedicated to building trusted relationships and sharing security information and intelligence, which is key in dealing with targeted intrusions.  Steve will play a critical role for CrowdStrike in extending the successes he has achieved in the government by helping to foster the trusted and actionable sharing of security intelligence across targeted industry sectors.

Privacy and Risk

Steve will oversee and manage CrowdStrike’s privacy and risk strategies as we evolve our big data platform.  In his new role, Steve will report directly to me and advise the company on all cyber legal, privacy, and reputational issues across the business from product development to execution. Steve’s tremendous experience and knowledge while at the Bureau in managing information sharing, compliance, and risk issues in a myriad of cyber security areas makes him an ideal addition to our already stellar team.   Steve will also help navigate the complex set of privacy laws that will allow CrowdStrike to offer the most robust Intelligence and Consulting Services to our customers.  This is really important to me because we are currently assisting some of the world's largest organizations in responding to sophisticated targeted intrusions that require a broad knowledge of appropriate legal responses. 

The Way Forward

I believe in Steve’s vision and strategy to help CrowdStrike and its customers better protect themselves.  Our mission is too important to ignore the legal complexities of cyber security law and the legal responses companies can take to raise the financial, organizational, reputational, and legal costs to the adversary.   I feel as if we are in the early days of a cyber revolution where companies can choose to stop taking daily body blows from determined adversaries and take aggressive action to deter and create a hostile environment for the enemy inside their own networks.   While there are no silver bullets or miracle “security programs” that can fix all of the challenges we face, legal “Offensive” security is the right way forward to flip the inherent asymmetry in cyberspace, which currently favors the attacker, into the defender’s favor.

Thanks again for all of your continued support and encouragement!


For daily updates on our mission, you can follow me on Twitter @george_kurtz, and you can follow CrowdStrike via Twitter @crowdstrike .

We continue to seek out world-class programmers, designers, incident response consultants, malware researchers, and intelligence analysts who have strong skills and experience. If you think your experience matches up, please send your resume to

Steve Chabinsky - Full Bio

Prior to joining CrowdStrike, Steven Chabinsky served as Deputy Assistant Director and as the highest-ranking civilian (non-law enforcement officer) position in the FBI's Cyber Division.  In that capacity he helped oversee all FBI investigative strategies, intelligence analysis, policy development, and major outreach efforts that focused on protecting the United States from cyber attack, cyber espionage, online child exploitation, and Internet fraud.  For over ten years, Mr. Chabinsky helped shape and draft many of the most significant US national cyber and infrastructure protection strategies, to include the Homeland Security Act of 2002, the National Strategy to Secure Cyberspace of 2003 and, in 2008, National Security Presidential Directive 54, which includes the Comprehensive National Cybersecurity Initiative.  Between 2007 and 2009, Mr. Chabinsky served in the Office of the Director of National Intelligence (ODNI) in various capacities, including Acting Assistant Deputy Director of National Intelligence for Cyber, Chairman of the National Cyber Study Group, and Director of the Joint Interagency Cyber Task Force.  In these roles, he led national intelligence efforts to coordinate, monitor, and provide recommendations to the President of the United States regarding implementation of America’s cyber strategy. Prior to his ODNI tour, Mr. Chabinsky served as chief of the FBI’s Cyber Intelligence Section where he organized and led the FBI’s analysis and reporting on terrorism, foreign intelligence, and criminal matters having a cyber threat nexus. 

Mr. Chabinsky joined the FBI in 1995 as an attorney in the Office of the General Counsel where he initially focused on employment law and personnel litigation.  In 1998, Mr. Chabinsky was selected as the Principal Legal Advisor to the multi-agency National Infrastructure Protection Center (NIPC) and became Senior Counsel to the FBI's Cyber Division upon its creation in 2002, during which time he rose in prominence as one of the nation's foremost authorities in the complex areas of cyber law, surveillance law, information sharing, and privacy.  Mr. Chabinsky played a prominent role in the national expansion of InfraGard, a critical infrastructure partnership between the private sector, academia, and government agencies.  Mr. Chabinsky helped develop InfraGard from an organization with roughly two hundred unvetted members located in three cities into its current size of over 50,000 vetted members meeting in over 85 cities.  Between 2002 and 2003, Mr. Chabinsky also served in the White House Transition Planning Office for the creation of the Department of Homeland Security, overseeing all legal issues associated with standing up DHS' Information Analysis and Infrastructure Protection Directorate. 

Prior to joining the FBI, Mr. Chabinsky worked as an associate attorney in the law firm of Simpson Thacher & Bartlett in New York City practicing complex litigation including insurance and reinsurance contract disputes, class action product liability, and internal investigations.  Mr. Chabinsky clerked for the Honorable Judge Dennis G. Jacobs (now Chief Judge) of the United States Court of Appeals for the Second Circuit and holds his undergraduate and law degrees, both with honors, from Duke University.  He has testified before the House and Senate, and is a frequent keynote speaker and guest lecturer.  His ideas have been featured in print news media, he has appeared on radio and television, and he is the author of the article "Cybersecurity Strategy:  A Primer for Policy Makers and Those on the Front Line," published in the peer-reviewed Journal of National Security Law and Policy.  He is the recipient of numerous awards and recognitions, including the National Security Agency's bronze medallion for inspired leadership, the ODNI's bronze medallion for Collection, and the Rank Award of Meritorious Executive conferred by the President of the United States for unwavering leadership and sustained extraordinary performance.  In August 2012, Mr. Chabinsky was selected as one of Security magazine's "Most Influential People in Security."