Tech, Law, and Education: A Cybersecurity Deep Dive from Redmond to Seattle
Washington state & Seattle, King County
When we headed towards Seattle, we already knew that this would be the last stop on our American tour, which made it a special feeling. The airport itself and the route from the airport to the city are not particularly beautiful. It is evident that this is an industrial city with a large port and industrial sites bordered by huge parking lots. We were informed in advance that this city and state receive the most rainfall in the United States. Upon our arrival, this was indeed the case, but during our stay, the sun shone almost continuously. We got to know a wonderful city.
As we arrived in Seattle, it was election night. It was a bit surprising to see that there wasn't much fuss about it; the streets weren't filled with giant billboards. In fact, there were hardly any billboards at all. You couldn't really tell that an election was taking place, except for a few flags or small signs with the names of the candidates. Even stranger was that when we entered a bar with many TVs, none of them were showing election summaries or coverage; instead, they were playing various sports games. Our American hosts, who were more knowledgeable about politics, had already indicated that Trump was likely to win. As the evening progressed and more significant results came in, we also saw that this was almost certain. Thus, we returned home from the United States knowing that change was coming.
About the state and it’s cyber aspects
Washington state, located in the Pacific Northwest, is known for its diverse geography, including the Cascade Range and major features like Mount Rainier and the Columbia River. With a population of around 7.96 million, it boasts urban centers like Seattle and Tacoma. The economy is driven by technology, aerospace, agriculture, and trade, with major companies like Microsoft and Starbucks headquartered here. Microsoft, based in Redmond, significantly impacts the local economy and community, while Starbucks, founded in Seattle, has grown into a global coffeehouse chain. Washington's blend of natural beauty, diverse population, and thriving economy makes it a dynamic and influential region.
If you look at the cyber protection of this state, you’ll find of course the similar pattern being tehre all over the US, so CISA, FBI, NIST and other federal agencies support the local ones. On state it is the State Office of Cybersecurity (OCS) in Washington state who is responsible for safeguarding the state's digital infrastructure through various services.
Security Engineering: OCS provides security assessments for new or updated systems, ensuring compliance with state IT security policies and standards.
Security Operations Center: The SOC proactively identifies threats and alerts agencies, with the Computer Incident Response Team assisting in incident remediation and restoration.
Cybersecurity Risk Assessment: This service offers a consistent methodology for assessing and prioritizing risks associated with information assets, aiding decision-makers in risk management.
Small Agencies: WaTech's Information Security Program offers centralized security services, including vulnerability management, risk assessments, and compliance assistance for small agencies.
King County Emergency management center
We had the privilege to participate on a tour in the emergency center. Even the building radiates the strength and reliability which makes you feel safer if you live in one of cities of King County, let’s say in Seattle.
The organization is responsible for coordination and taking the leadership when it comes to extraordinary or even disastrous events. Also, IT security threats fall under their scope of actions, however it is not a SOC, rather a multi-capability institute.
Imagine a significant earthquake occurring in the region, which unfortunately is a possibility. This could lead to complete power outages, the cessation of water services, fires, and other consequences, such as the failure of traditional telecommunications or certain roads becoming impassable due to a large number of vehicles blocking them. This center is prepared for such situations, meaning they will operate and be able to manage the state's resources even in the most extreme cases.
The building itself can be envisioned as a large facility with the county sheriff's headquarters, with a large control room and numerous smaller rooms where various issues can be discussed. It is equipped with radios of all wavelengths, its own power supply, water supply, helicopter landing pad, and a fleet of vehicles capable of reaching the necessary locations even off-road. During our visit, the current topic was election security. For example, due to the election, they maintained operations to address misleading campaigns or threats to polling stations. If any disturbances occurred, the on-duty personnel were in contact with city leaders, the election commission, federal organizations, and had all resources at their disposal to resolve these issues.
But still, in terms of cybersecurity the everyday activity of center is rather about prevention: they fund and organize preparation programs. Threat the EMAC they perform table top exercises and other practice drills.
In case you are interested how to organize such a multi-objective response center, you’ll find their training center very informative and useful:
Microsoft
One of the most important spots of our visit in the US was our meeting with the Ms representatives in the heart of their cybersecurity-, and cybercrime division in Redmond.
Before diving into the professional aspects, the campus itself deserves an introduction. The Microsoft Redmond campus serves as the company's corporate headquarters. Spanning 502 acres, the campus includes over 125 buildings and accommodates more than 50,000 employees. It features a variety of amenities such as treehouses, recreational spaces, and a visitor center. Microsoft is currently modernizing the campus, adding 3 million square feet of new workspace and enhancing transportation infrastructure. This initiative aims to create a more sustainable and collaborative environment for employees.
The area looks like a utopistic city quarter, with endless office space between beautiful greens, walkable surfaces clean and tidy steets. It’s no surprise, that around Redmond the real estate prices are on moon level, but I need to admit it’s not only the job possibilities but the nature itself is amazing. Woods, mountains, streams, lakes, the see, islands, bridges – a place for fairy tales.
Microsoft Digital crime unit
Microsoft is the largest software provider on Earth, in terms of operation systems, the office software and cloud services they have a tremendous variety of solutions. Microsoft had turned into a cloud first company some years ago and as the change accelerated even more nowadays Ms defines itself as an AI first company. Knowing how much dependent the societies are all over the world we can understand how important it is for the company to protect its interest. Defend their network, users from breaches, hackers and professional cyber-criminal organizations.
Consider the vast network involved, where the data of over a billion users is managed, and the daily operations of millions of businesses depend on the continuous availability of Microsoft services and software. This is also a tremendous opportunity, as very few large-scale or even smaller operations in cyberspace can be imagined without leaving some trace on Microsoft's infrastructure. Therefore, virtually every government in the world collaborates with Microsoft. When it comes to dismantling or locating any major criminal network, it is beneficial to cooperate with them. The amount of information available to them is unimaginable even for a larger government.
The Microsoft Digital Crimes Unit (DCU) is an international team of technical, legal, and business experts dedicated to combating cybercrime and protecting customers. Established in 2008, the DCU focuses on disrupting cybercriminal networks, malware, botnets, and technology-facilitated child exploitation. They leverage Microsoft Threat Intelligence to understand and dismantle online criminal networks through civil legal actions, technical measures, criminal referrals, and public-private partnerships. The DCU has successfully disrupted numerous malware families and collaborated with law enforcement to achieve significant arrests.
We were honored to be accompanied by Mr. Steven Masada, Assistant General Counsel at the DCU, who plays a crucial role in leading legal actions against cybercriminals. Recently, he has been involved in efforts to disrupt a global cybercrime network exploiting generative AI to bypass safety measures and create harmful content. His work includes filing lawsuits, gathering evidence, and enhancing safeguards to protect users and AI services from abuse.
In case you’d like to get in contact with them to ask for cooperation or report a potential incident you have two ways: the primary is to turn to your local support representative as a subscriber, but you have the opportunity to reach out to them at the Cyber Defense Operations Center here:
https://www.microsoft.com/en-us/msrc/cdoc
https://msrc.microsoft.com/report
Everett Community college
My personal interest area within cybersecurity is OT, that’s why I was happy that we visited our last university, more closely their laboratory and faculty dealing specifically with industrial security. There’s an enormous need for well-trained people with, higher education degree who can act on the field with such a skillset. I was delighted to learn, how precisely have Everett Community College hit this target.
Everett Community College (EvCC) in Everett, Washington, educates over 15,000 students annually across multiple locations in Snohomish County. The college offers a variety of programs, including associate degrees, certificates, and a Bachelor of Applied Science degree in accounting. EvCC is known for its small class sizes, affordable tuition, and personalized instruction, making it a popular choice for students seeking quality education and professional training.
Dennis Skarr was our primary host in there. Dennis has been in the field for 30 years, partly serving in the armed forces and partly in the industry, where he has gained extensive experience in protecting complex organizations and operational technology. The university collaborates so closely with certain companies that participants receive practical tasks during their training and can be confident that they will find a worthy job by the end of their studies. The team also participates in various research projects and model building, and Dennis himself has founded a company dedicated to improving industrial security.
I doubt that there are many such dedicated teams for OT security education around the globe, so you might find their programs and tutorial videos useful:
https://www.everettcc.edu/programs/stem-health-prof/it-program/industrial-cybersecurity
Jake Bernstein, K & L Gates
The final visit of our entire journey led us to this huge law firm K & L Gates, where Jake Bernstein was our host. It was excellent to have him as our host because he is one of those rare individuals who possess both an IT degree and practical experience in cybersecurity, as well as a legal degree and practical experience in various lawsuits and proceedings related to information security, cybercrime, and privacy issues.
Jake also has served both as a regulator, working as an Assistant Attorney General with the Washington State Attorney General's Office, and as a private defense counsel representing companies under data security and privacy regulations enforced by federal, state, and international authorities. He has frequently been invited to speak at various events and is also known for discussing cybersecurity and privacy issues as the co-host of the Cyber Risk Management Podcast (https://cr-map.com/podcast).
It is worth noting the sheer volume of lawyer advertisements found on every conceivable platform in the United States. They dominate TV, online spaces, billboards, flyers, newspapers—practically everywhere. Movies have also shown us that many compensation lawsuits are initiated by such lawyers. However, it cannot be said that those wishing to file a lawsuit related to personal data breaches will find it easy. As mentioned, there is no unified federal regulation for data protection issues, with some exceptions like child protection. Therefore, if someone wants to protect their own data and file a civil lawsuit, they will need very thorough and good lawyers, and even then, success is not guaranteed. Most often, the basis of the lawsuit will not be the actual grievance.
But in case the process goes through, the stakes can be really high. A recent public lawsuit in Washington state where an individual won a case against a company for data breach involved Progressive Casualty Insurance Company. In this case, a class action lawsuit was filed due to negligent data security practices that resulted in a data breach compromising the personal information of approximately 350,000 individuals. The lawsuit led to a $3.25 million settlement in January 2025. See: https://www.classaction.org/news/3.25m-progressive-settlement-resolves-class-action-lawsuit-over-years-long-data-breach
In case you are interested in typical customers of such a law firm, you can find a list of their assignments in the cyber area here:
https://www.klgates.com/Experience/subarea/83523?LangCode=en-US
Epilogue
To conclude, I must admit that this three-week tour of the United States has been a defining experience for me. Firstly, because the country itself is incredibly interesting and vast. Visiting four different states, exploring both small and large cities, and conversing with a wide range of professionals and average citizens has given me a very good understanding of the diverse nature of the country. Seattle was one of the most beautiful places we visited, though this is, of course, subjective. Nonetheless, I was fortunate that the tour ended in a place I found so delightful.
From a professional perspective, I would summarize our experiences by highlighting the practical approach taken by the government, industry, and higher education institutions towards cybersecurity. It is evident that they have been actively engaged in this field for several decades and no longer deal with superficial issues. Every institution we visited conducted various public situational exercises and Capture The Flag (CTF) events. The FBI, local police, Secret Service, NIST, and state organizations work in absolute collegial cooperation in both preparation and incident response.
