ASSOCIATE Magazine FBINAA Q1-2026

continued from "A Message From Our Chaplain" page 30

Healing is not about erasing love or forgetting—it is about learn ing to carry love differently, more gently, in a way that brings peace rather than pain, and sometimes even through the pain. Grief does not mean we are stuck. It means we are human. Conflict and uncertainty do not have to cause our defeat. They can build our character. We can honor those we’ve lost and begin to heal gradually by sharing our memories and stories of the people and events that influenced us, and using the lessons we have learned to improve the lives of others. The pain finds a purpose and the wisdom isn’t wasted. These truths are reinforced when we remember that the Apostle Paul wrote those words of joy and encouragement to the Phillipians while imprisoned and in chains, and when we consider Viktor Frankl’s reflections in Man’s Search for Meaning, written after surviving the horrors of Nazi concentration camps. Frankl witnessed a few selfless prisoners, under the worst of conditions, sacrifice their last piece of bread so that others could live. He later observed:

“Everything can be taken from a man but one thing: the last of the human freedoms—to choose one’s attitude in any given set of circumstances, to choose one’s own way.” Even in the darkest places, hope, purpose, and compassion endured. As each of us continue to serve in our own environments, under challenging conditions, and as we experience our indi vidual and collective trials and triumphs, may we continue to choose pure perspectives, faith, and love—especially in hard ship. May the product of our hardships be compassion, resilience and growth. May we support one another through loss, honor those we carry in our hearts, and keep looking up as we move forward together.

FBINAA.ORG | Q1 2026

Blessings,

Kevin Jensen Chaplain

continued from "Spidey Senses" page 29

The primary indicators of a computer intrusion are in system and network log files. Results hinge on how quickly the intrusion is recognized, how promptly evidence is preserved, and how ef fectively risks are mitigated. Complicating matters, sophisticated intruders can modify or delete records, and operate with the same administrative tools defenders use. This is known as “living off the land.” Like homesteaders who live off the land, they use the system and network tools that are already in the environment rather than introducing malware, which makes detection harder. Your “Spidey senses” still matter, but in cyberspace, they work differently. There is no broken glass, no alarm, and no visible suspect. Instead, those instincts help you spot subtle anomalies: activity that doesn’t fit, log entries that don’t line up, or data moving when it shouldn’t. The key is pairing intuition with structure. See Figure 1 for the pairing and Figure 2 for a com parison of techniques. Seeing a computer intrusion as the same sequence as a burglary (casing, vulnerability identification, entry, theft, command and control, covering tracks, getaway, and mon etization) gives leaders a mental model that helps them apply those instincts in the digital domain and command the response with clarity and speed.

Figure 1: The similarities between a burglary and computer intrusion created by the author.

MONETIZATION AND FOLLOW-ON USE Physical: Stolen goods are fenced, sold, or traded to support ad ditional criminal activity. Digital equivalent: Stolen data is sold or traded, victims are extorted, footholds are reused to pivot into partner networks, or the information is exploited for strategic advantage, including espionage. Commander’s question: Where is the stolen data or access likely to surface next, and who benefits most? EVIDENCE For a physical intrusion, the perimeter is everything because it marks the barrier that defines the protected space. Evidence is tangible: fingerprints, access logs, tool marks, and video. In mod ern networks, there is no single control point; therefore, there is no true perimeter. Cloud services, mobile devices, and remote work spread the “premises” across many locations. As a result, risk shifts from the network edge to people and data. Two practical frames help: an identity-centric view (who can access a resource) and a data-centric view (how the resource is protected and used).

The views expressed in this article are the author’s alone, and do not necessarily reflect the official position of the DKI APCSS or the United States Government.

About the Author: Dr. Inez Miyamoto is a faculty member at the Daniel K. Inouye Asia-Pacific Center for Security Studies, a U.S. Department of Defense educational institution (now also styled as the Department of War), where she teaches cybersecurity, cyber warfare, and transnational crime. As a technologist, she specializes in preparing leaders to see cyber as a strategic battlespace, to understand the interdependencies adversaries exploit, and to strengthen multinational cooperation to counter advanced cyber threats.

A former FBI Special Agent, she led cyber intrusion investigations, served as a certified computer forensics examiner, and supported national security programs at FBI Headquarters. Dr. Miyamoto is a graduate of the FBI National Academy Session 266.

31