The FBI Was Our #1 Partner During the Worst Time of Our Company’s History, and They Should Be Yours Too


As the CEO of Kaseya, I have intimate and detailed first-hand experience of what it’s like to deal with a cyberattack. In July of 2021, our company was attacked. We had the distinction of being on every major news outlet around the world, discussing the incident. It was a 24X7 media frenzy for a few days, until the facts were revealed, and the impact of the attack proved to be minimal. However, when an assault like that happens, regardless of the preparation and “doomsday scenario” planning exercises that are a part of most companies’ playbooks, it is VERY frightening and VERY real. Over the past 8+ months since the incident, I have been asked by many people from government, the private sector, even academia about the experiences, and what advice I can give to people who are dealing with cyberattacks. 

While every company is different, and the nuances of each business require unique levels of preparation and response, the one constant that I tell EVEYONE without exception is that the VERY FIRST call should be to the FBI to get them and all their full resources to help IMMEDIATELY. That call should be prior to calling the board, lawyers, or anyone else.  Call the FBI and bring them in right away.    

That often is surprising for people to hear – they act stunned. I have had many people tell me that they were advised AGAINST bringing in the FBI by colleagues or even their legal counsel. Often, it is rooted in the fear that the FBI will come in and start an investigation on every aspect of the company looking to find wrongdoing in any, and all, areas of the business. I have also heard people claim they are concerned that the FBI might uncover poor investment levels or poor cyber prevention measures, and they may be “punished” by the FBI.  The FBI did none of that. Their goal was to help us, and they assured us they would do nothing to jeopardize our mission to restore operations – and they were true to their word. 

Often, once an organization suffers an attack, everyone in the company is on edge, and the idea of bringing in the FBI further increases stress and anxiety. It is normal. I think it’s safe to say that everyone gets a little nervous when they see a bunch of people with FBI on the back of their windbreakers.   However, it is in that EXACT vulnerable and dire moment when making that FIRST call to the FBI is the MOST important. And the reason is simple. The FBI has more experience dealing with cyberattacks than anyone in the world.  Period. They are THE experts. They have more resources within the agency, as well as relationships with every major private and government organization that can help – very deep, and very real, relationships.

When an attack happens, a million questions run through the minds of executives at that organization. As mentioned earlier, regardless of the preparation, it is the FIRST TIME that it is real. Stress sets in. Panic sets in. With stress and panic come BAD decision making, driven by fear and resistance to logic and reason. The FBI eliminates that fear and doubt and most importantly, the panic.   

When we were hit, our playbook had as a standard process (luckily) to call the FBI the second something seemed suspicious. And we did just that. To this day, it was the single best decision that I, as the CEO, and we as a company, made. They were 100% professional, and ONLY INTERESTED IN HELPING address the company’s cyber issues. In addition, they were on point for everything. They had answers right away. They framed everything for us immediately, allowing our fears and stress levels to come down instantly because we had a partner in this. Neither I, nor anyone in my company, ever felt anything but partnership from our engagement with them. Even things that I thought the FBI would not care about, from issues related to our business reputation to communication strategy with the press, etc., they were incredibly helpful, just as you would expect a true partner to be.   

As I look back at the past 8 months, I can attest that the collaboration with the FBI was the single most important partnership on our journey. To this day, we team with the FBI helping them with other cases, as any, and all, resources at Kaseya are now available to the agency for the next organization that gets hit. The FBI should be the first call for any organization, big or small, that experiences any cyber-related incident. For Kaseya, and for me personally, calling the FBI 30 seconds into our incident was the best professional decision I have ever made.  

On another note, many who read this may remember the Kaseya cyberattack of July 2021.  However, a few short months later, the FBI, working with partners around the world, CAUGHT the people who executed the attack against my company. Now that, in itself, is a real-life James Bond scenario! 

Posted by Fred Voccola
Fred Voccola
Fred Voccola is the CEO of Kaseya, the leading global provider of AI-powered cybersecurity and IT management software for managed service providers (MSPs) and small to mid-size businesses (SMBs). Prior to joining Kaseya, Mr. Voccola served as president and general manager of Yodle’s Brand Networks Division, providing digital and market automation solutions to small and medium businesses. In 2016, Yodle successfully was sold to (NASDAQ: Web). Prior to that, Mr. Voccola was president of Nolio, Inc., a devops SaaS company, where he drove 100% year-over-year growth and successfully sold the business to CA Technologies. Mr. Voccola also co-founded and served as president and CEO of Trust Technology Corp., where he drove significant growth over three years prior to the company’s sale to FGI Global. Earlier in his career, Mr. Voccola co-founded and served as COO of Identify Software, substantially growing the business during his five-year tenure, culminating in a sale to BMC Software. He then served as vice president of worldwide sales and services at BMC Software. In addition, Mr. Voccola has held various management and executive roles at Intira (acquired by Divine Systems) and Prism Solutions (acquired by Ardent Software/Informix/IBM). Mr. Voccola holds a Bachelor of Science in Finance from the Carroll School of Management at Boston College.

2023 MSP Benchmark Survey: Where Executives Differ From Their Tech Partners

Whether you run a managed services business or are a tech wizard working at one, your first-hand experience equips youRead More

The Best of Kaseya 2022 — IT Managers, Check This Out!

IT professionals have long been tasked with maintaining the security and performance of their company’s endpoints. However, the proliferation ofRead More

IT Reports: Examples, Benefits, Best Practices and More

Data makes the world go round, forming the basis for some of the most critical business and political decisions. InRead More

Help! button on keyboard

Service Request Management: Purpose & Objectives

What Is a Service Request? A service request may be defined as a formal request that a client or anRead More