‹‹ RETURN TO NEWS

“How That Happened” Episode 32: Preston Ackerman, FBI Special Agent – Navigating Through Cyber Threats

 

Interview Transcript


Preston Ackerman:


The very clear thing that I can say is that the FBI never recommends paying the ransom, that’s just not something that’s … it furthers that scheme. You’re funding the next victim by paying that organized crime group committing that scheme.


Aaron Ackerman:


From HoganTaylor, I’m Aaron Ackerman, and this is How That Happened, a business and innovation success podcast. On each episode of the show we sit down with business and community leaders behind thriving organizations to learn how business and innovation success actually happens.


Hello, and welcome to another episode of How That Happened, thank you so much for joining and listening to the episode today. I am really excited about my guest today, it’s going to be a treat for me, I think all of our listeners are going to get a lot out of this conversation as well. Joining me today is Preston Ackerman, a special agent with the FBI. And no coincidence that we have the same last name, Preston is my younger brother.


As a lot of you may know, next month, the month of October is National Cyber Security Awareness Month, and so we’re going to talk quite a bit today about cyber security, how it affects our businesses, and Preston has been with the FBI for almost 17 years. A lot of that time he’s been focused on various aspects of cyber crime units with the FBI. Prior to the FBI, Preston also was a networking consultant for a privately owned company, and so he’s got experience on that side of the table as well. He has a degree from Oklahoma Christian University in IS, and he’s got a master’s in cyber security. So, bro, thanks for joining me today.


Preston Ackerman:


Absolutely, it’s a pleasure, thanks for having me.


Aaron Ackerman:


Yeah, you bet. So, first question, when we were growing up we were both going to be Major League Baseball players, so tell me what happened to that dream, and how did you end up being a special agent with the FBI?


Preston Ackerman:


Well, in my teens I was always kind of interested in crime, TV shows, books, and so on, just like a lot of people are. I just love movies like Catch Me If You Can, and Donnie Brasco, and the Donnie Brasco example, I mean, the government’s successes against organized crime families have got some truly amazing stories in them, and those stories always seemed to feature FBI agents. So I had this sort of built in fascination with it, but I viewed it on the same par as what you said, being a professional athlete, and I know your listeners can’t see me, but you can tell them I don’t look like a professional athlete, so that wasn’t in the cards.


Well, I thought of being an FBI agent the same way, as a pipe dream, and so I didn’t do anything really to pursue it, but I liked computers also, and so I moved toward a career in information technology. And then at one point out of the blue, an FBI agent newly appointed started going to church where I did, and he could see my interest in his job, and he kind of told me, he said, “You know, we always need people with computer skills, why don’t you apply? You can always say no.”


And so I loved the idea, but it came at sort of the most awkward time possible in my dating relationship with my wife in terms of making a completely life-altering choice. I didn’t know whether asking her permission and support for this would imply a level of seriousness that she didn’t associate with the relationship, or on the other hand, if simply saying, “I’m doing this crazy life-changing thing.”, without involving her in it would … So, it was kind of awkward, but we muddled our way through it, and 17 years later we’re still here. So, I guess that conversation went okay, however awkward.


Aaron Ackerman:


So, yeah, that’s interesting. I need to ask, just on the side here, can you confirm or deny that there’s an official file open on me or anyone else in our family with the FBI?


Preston Ackerman:


Unfortunately, I cannot confirm or deny that, but it wouldn’t surprise me.


Aaron Ackerman:


Yeah. So, you mentioned this big life change you had at … you were pretty young in your career at that point, but you’d been working in the business world for several years. I think I mentioned just with your bio that you were part of a small business that operated in a few different states, and you were a network consultant serving clients, you were involved in the business side of that business as well, running the business, making decisions about hiring, and payroll, and all of that stuff. But how did your experience prior to the FBI sort of influence the way you view your work now that you’re on the law enforcement side?


Preston Ackerman:


Well, it’s really been an excellent background, not only for the work I’ve done in cyber crime, but also in other types of investigations, and in contributing to IT projects at Headquarters, but from the technical standpoint, every major investigation that we have is inundated with data from all types of different sources, and having people around who can work effectively with that data, and believe me, we have many people who are far better at that than I am that just blow my mind with their skillsets, that’s always valuable. But a different aspect, I think, to my answer to that question would be that it just gave me a very special appreciation for the business world, and especially for small businesses.


You mentioned the consulting company I work with was itself a small business, we consulted with other small businesses, and I really loved it. I saw the pressure that these businesses can be under, how that sector’s such a key part of the economy, making our economy go in this country, and the exact types of businesses that I worked with are a lot of times the same types that I see being victimized by very serious cyber crimes today.


So, that background has kept me very sensitive to the challenges faced by that sector, and it’s kind of strange that even though I’ve now been in the FBI, like you said, almost 17 years, and we joke that bureaucracy is our middle name, I still just love small businesses, the efficiency with which they operate, the ingenuity of the things that they do, the entrepreneurial spirit, I’ve always been so glad that I got a taste of that before my current career, and it’s stuck with me the whole time.


Aaron Ackerman:


Yeah, that’s really good. A lot of, probably most of our listeners are owners or work in small businesses, and so cyber security is, at least from my perspective, it’s kind of a buzzy thing, it’s gotten kind of a lot of press and attention, especially these last few years as the awareness of it has really been heightened. But the FBI is the primary law enforcement entity, I think, as far as I know, that investigates cyber crime, there’s other organizations that do as well, and that you guys partner with.


But I’ve heard you talk about this before, cyber crime criminals range from nation states, to terrorists, to just profit motivated criminals. For most businesses, so the people that we’re talking to right now that are working in a small business, own a small business, or even a large business that … what’s the most common or pervasive thread, obviously nation states may be more nation to nation, like what are business owners … Who are attacking our businesses?


Preston Ackerman:


Well, it can depend very much on the type of the business. So, you mentioned the nation state stuff, that’s certainly not always nation state to nation state. So, any businesses that hold valuable intellectual property, or conduct very large overseas transactions, have sensitive government or political information, promote information which opposes certain nation state actors and regimes, or operate any kind of industrial control systems, those kind of handful of businesses very well may be targeted by nation state actors, and that doesn’t always have to be a large business. For example, sometimes law firms have a great deal of intellectual property under their care, but are a relatively small business.


So, depending on the type of information that is held, the business could be a target of nation state actors, and the Department of Justice has made very strong statements when this type of activity violates international norms, and does target private entities. So, we’ve seen victims that have been named in FBI indictments of such attackers include names like Westinghouse, U.S. Steel, Sony, the DNC, the U.S. Anti-Doping Agency, Equifax, all of these companies have been targeted by those types of actors. But having said that, I think it is fair to say that 100% of businesses are a potential target of the financially motivate criminal actors.


Aaron Ackerman:


Right.


Preston Ackerman:


So, in that sense, to the majority of your listeners, probably that’s their biggest threat.


Aaron Ackerman:


Yeah, so let’s talk about that a second. As you know, we have a cyber security practice here at the firm, at HoganTaylor, and work with companies as they’re kind of navigating security issues. I’ve had clients that I’ve worked with directly that were victims of cyber crimes, and in several cases they were very surprised. Somebody may be listening right now going, “Hey, I run a nonprofit that’s got a $1 million annual budget, who cares about attacking me with a cyber crime scheme?”, but we’ve seen that happen. So, what would you say to somebody that thinks like, “I’m not really a target because I’m small, I don’t have some of that valuable information that you referred to, I’m not part of any industrial system, or anything like that.”? What would you say as sort of the counterpoint to, “I’m small, I don’t think any criminal’s worried about me.”?


Preston Ackerman:


Well, we’ve just seen it time and again where those people are, in fact, targets, and these criminals will sometimes identify weaknesses, they’ll find these niche businesses, or things like that, that do business very informally, and they’ll target it. But more to the point, and just there’s … it comes down to they’ll target anything, anyone, anywhere where money is being exchanged for sure. So, that involves pretty much all of us, even outside of … I know we’re mainly focused on business here, but real estate transactions are targeted heavily and interfered with, and that can be business or personal transactions.


Aaron Ackerman:


Right, yep. Yeah, I would totally agree with you, and you’ve probably seen stuff firsthand, and statistics from across the country and the world, but my guess is that anyone listening to this episode right now has either been a victim, or has been targeted and may just not realize it. One thing we like to do, and obviously kind of ahead of Cyber Security Awareness Month is really educate, help people protect themselves from never having to be a victim. What are maybe some of the most important things you would advise businesses, whether they’re large or small to do now that can increase their chances of not having a huge financial loss because of cyber crime?


Preston Ackerman:


Well, I could probably give you three or four different answers that I would agree with all of them, but since we are focusing … I mean, since we are coming up on Cyber Security Awareness Month, I think I would like to mention awareness, awareness programs. When executives are aware of these issues, they’re able to make better decisions with how to mitigate their risk, how to fund cyber security, how to spend those funds, and so on. Meanwhile, other employees being aware of this type of issue, they’ll be less likely to fall for things like business email compromise scams where a fraudster tricks an employee into making a large financial transaction to an account controlled by the attacker under the guise that it’s a direct order from their boss. Or they’ll be less likely to click that phishing link, or use the weak passwords that result in that businesses systems all being locked up by ransomware.


Fewer people, either administrators or users depending on the size of the business, will ignore those important security updates, or delay them until it’s too late. The attackers, once security holes are identified in a software package, they go after it very quickly, so getting those updates as soon as practical is important, but people have to be aware of that. There are many excellent resources out there for raising security awareness that businesses can use, and a lot of those are free. So, I think it’s just important for them to work on that aspect, and I think other good security practices will flow out of that.


If I could give one more though, the ransomware problems are really big right now, and it’s just super critical that businesses are getting good backups and have that data backed up offline where they can restore in the event that they get hit by a ransomware attack.


Aaron Ackerman:


Yeah, so that’s a great segue, I did want to ask about ransomware. Clearly, kind of the proactive piece of that is going to be the best defense, having those good backups and everything, but when somebody does find themselves in that situation where their systems have been locked up and shut down, and they’ve got that message, “Pay us …” whatever, I don’t know what, I guess it ranges all over the board but, “Pay us some amount of money if you want your information back.” If somebody doesn’t have a good backup, or for whatever reason is really kind of held hostage at that point, from the FBI perspective, what’s the best way to handle that?


I’ve talked to some people that were like, “Hey, it’s $5,000, nobody knows where these people are, you couldn’t find them. It’s not a big number for me, or for our business, so I just paid it, as opposed to trying to fight it.” I’m sure that’s probably not your advice, but I mean, there’s a range of ways to response to that, like how do you guys at the FBI think about companies that are stuck in that bad situation where they’re a victim of ransomware and they don’t have access to their data or a good backup?


Preston Ackerman:


Well, the very clear thing that I can say is that the FBI never recommends paying the ransom, that’s just not something that’s … it furthers that scheme. You’re funding the next victim by paying that organized crime group committing that scheme. So, that’s why we really, really urge the importance of those backups, and if possible, to just even rebuild, recover, whatever they can do without having that happen.


Another thing that I would point out is I’m starting to see some different angles with the ransomware scheme where they’re also threatening to release that information publicly. So, businesses that just plan to essentially wave the white flag and just pay it, that that’s their plan, that’s not really a very good plan. Much better to really put in protections to avoid that type of crime happening.


Aaron Ackerman:


So, when and how does the FBI get involved when these cyber crimes occur to a business? What’s the process, or what should the process be of how and when the FBI gets involved?


Preston Ackerman:


Well, there are several ways that that can happen. One of them is through filing a complaint online with the FBI’s Internet Crime Complaint Center, or IC3, that’s at www.ic3.gov. Another is through contacting the local FBI field office directly when a company experiences a crime, such as a large financial loss in a fraudulent transaction or a ransomware event.


One thing that I would like to highlight though for your listeners is regarding the reporting of these large transactions sent to a fraudsters account, it’s really critical that they contact the FBI and their financial institution as quickly as they possibly can when something like that happens. Chances of recovering those funds can be quite high in the 24 to 48 hour range, but if a business has not thought this through and planned for this kind of thing, and they spend that long trying to determine whether they should involve law enforcement, well, then we might not be able to recover those funds. So, I think that’s an important thing for your listeners to consider.


But back to your question on how the FBI gets involved, one other way that’s more common probably than people realize is that the FBI will find out about a company being compromised or targeted before the company even knows it about it themselves. So, in those instances, the FBI will contact that company and notify them of the incident and what’s going on. That type of thing is probably, I would say, a little more common with the nation state sponsored type of attackers. The reason for that is because the FBI has long-running investigations into those enterprises, and those types of attackers tend to maybe be on someone’s network, what we call the dwell time on their network, much longer, many months often times, whereas with a ransomware event, they’re going to compromise it, get that ransomware deployed, and cash out as quickly as they can.


Aaron Ackerman:


Right.


Preston Ackerman:


An overarching point though that I think’s important for businesses to keep in mind when considering involving law enforcement in a large event is that they’re usually not the first to experience what they’re going through. So, both with the for profit criminal enterprises, and the state sponsored actors, they’re typically committing these crimes at scale, and the FBI very well may have some information which could help that business with their mitigation efforts, and that’s at a minimum. By no means are we always able to deliver a satisfactory outcome, but I mean, which is that’s one of the few disappointing things about my job is you just cannot right all of these wrongs that’s just so prevalent.


Aaron Ackerman:


Yeah.


Preston Ackerman:


But a lot of times we can help with that mitigation at least, or maybe, recover money, identify who’s responsible, and prosecute them.


Aaron Ackerman:


So, you mentioned IC3, the Internet Crime Complaint Center, just looking at that website there’s a lot of great information. I was interested in some of the statistics that you guys have prevalent on that website, and according to the FBI, in 2015 there were roughly 288,000 complaints filed with about $1 billion of losses attached to those complaints. So, just a few short years later in 2019 there were 467,000 complaints, and $3.5 billion in losses. So, in just four years the complaints, if I did my math right, increased by a little over 60%, but the losses increased over 300%. So, I’m kind of interested just to get your take on this, obviously volume of crime has been going up, probably for many of us our first exposure to cyber crime was the old email from the Nigerian prince that just needs to park-


Preston Ackerman:


Classic.


Aaron Ackerman:


… $10 million in my account. I’d probably be surprised, I think like hardly anyone ever fell for that, you’d probably tell me, “More people than you would imagine.”


Preston Ackerman:


Certainly.


Aaron Ackerman:


That was pretty rudimentary, pretty easy for anyone who was even just a little bit diligent to sniff that out and say, “This is a scheme. They’re trying to scam me.” Talk a little bit maybe about just the increase in volume, and the increase of the amount of losses, and is that related to, or also just the increase in the sophistication from five, seven, 10 years ago, to the way the criminals are carrying out their schemes today?


Preston Ackerman:


Sure. Before I answer that, I would like to offer some quick praise of my colleagues at the Internet Crime Complaint Center where you got all of that data. Their dedication and expertise has really benefited all of us whether or not we even know it. They actually celebrated their 20th year of operation just in May, but their dataset can really illuminate for businesses the types of things that should be on their radar.


That dramatic increase in the number of complaints the last couple of years honestly surprised me a little because that number had plateaued for several years at around 300,000 give or take. I think that simply just speaks to the prevalence of the frauds that we face online. I mean, sometimes I think when you post something for sale online it would be more shocking if you were not contacted at least once by a scammer than when you are. I mean, so we probably, like you said, have all experienced that a little bit, and these actors are just endlessly creative in the schemes that they will come up with.


The increase in value though really makes sense, and as you said, the increase profits, I’m sure, drive the number of complaints, but that value really makes sense based on what I’ve seen, because they’ve gotten better at monetizing these schemes. A couple of examples, business email compromise, which we’ve mentioned already, is very effective in terms of going for the home run. I mean, a single U.S. business lost $46.7 million that way, and so you see some very large losses with that crime. And then ransomware which we mentioned as well, when we first started seeing ransomware attacks it was completely opportunistic, just any system that they compromised, and it was one-size-fits-all. It was a $300 ransom typically, but now we’ve seen those actors evolve to it being much more targeted, specifically at businesses, and the ransoms are oftentimes hundreds of thousands of dollars now. So, they’ve realized that they can make more on what they’re doing.


But to bring it back to your sort of classic Nigerian prince example, Nigeria-based fraud groups have also continued to very much evolve their tactics. Romance scams are one thing that they’ve developed quite effectively into what I would characterize as a long con. These usually target slightly older citizens, sometimes perhaps widowed, and they trick that target into thinking that they’re in a romantic relationship when the reality is, is that person is just fraudster developing many of those relationships at one time. In some instances though, they’ve successfully convinced their target that they are a financial investor, and that the place that they have their retirement account with is not good, or is under investigation or something like that, and they literally convince someone to transfer their entire retirement to them. It’s absolutely a-


Aaron Ackerman:


Wow.


Preston Ackerman:


… heartbreaking thing, and a lot of times victims feel a huge amount of shame when that happens, but I’d like to point out here that these victims are not dumb, they’re not gullible, they’re targets of a very sophisticated scheme. So, if any of your listeners, or loved ones, or anybody do happen to fall victim to that, please do not hesitate to report it. Some local co-workers of mine, in fact, just recently, in late 2019, worked a very successful case on that, targeting a Nigerian fraud ring that resulted in 10 arrests, scattered around a little bit. Five of those were actually in Norman, Oklahoma, just south of where we are right now.


Aaron Ackerman:


So yeah, that’s really interesting. One thing you kind of alluded to that I want to ask about … So, as you know, my kids play a lot of soccer, and so I’ve thought about cyber security a little bit like soccer. So, for an offensive player, they get a lot of praise for shooting whether they make the goal or not, like, “Oh, so close. Good job. Good try. Keep trying. Keep shooting.” On the defensive side, you make one mistake, and the other team scores a goal. It seems like we’ve got wherever these people are sitting, and wherever they are all around the world just constantly, that’s their full-time job all day every day is just doing these attacks of different kinds. They don’t have to be right every time. We, the businesses, and law … we just have to be wrong once to get attacked.


So, is there kind of that aspect to it where the margin of error is almost unlimited for the attackers, it’s pretty small for the FBI and other people that are sort of on the defensive side, that’s kind of part A. Part B would be, how good is the FBI working with businesses at catching the bad guys, at recovering lost funds, and kind of let you brag a little bit about how good you guys are at what you do.


Preston Ackerman:


Well, I think to part A, there certainly is an asymmetry there, I think, especially to small businesses. I mean, they are being targeted by extremely sophisticated actors with good funding because of the previous successes that we’ve already mentioned, and a small business may not have a very developed information security program. It depends on the size of the business, and what they have, and are able to spend on that. So, there’s certainly an asymmetry there. I think not all of the advantages really are on the part of the attacker though. There do tend to be on these intrusions several ways, several places that their activities could have been detected or stopped.


So, in information security it’s called red team and blue team, kind of deal with … Well, those are all good guys, but that’s sort of how it works with the people who provide offensive tests of a business versus defensive. Red team does not have all of the advantages, blue team does have some advantages, and to that end, the FBI, as I mentioned earlier, we certainly cannot rundown all of these, but we are able to solve very many of them, and very complex ones as well. I mentioned sort of all of those indictments, Equifax, things like that, that nearly all of your listeners were probably a victim of. Well, the FBI did figure out who did that in China without the cooperation even of that government helping to solve that intrusion.


So, the challenge with these crimes though is truly that they are all worldwide, and so sometimes that makes solving them more difficult, although it can still be done, and then it also makes potentially bringing people to justice ultimately more difficult. For example, kind of one of the masterminds behind the ransomware scheme that we all loathe so much, he had developed CryptoLocker, he has been indicted by the FBI, there’s a $3 million reward out for that individual, but they’re kind of living openly in Russia, that regime is just not going to cooperate with U.S. law enforcement on that unfortunately.


Aaron Ackerman:


Yeah. So, as we kind of start wrapping up, if we were to have a couple of takeaways, let me see if I can summarize a couple things, and feel free to add to or correct. For businesses, one, I think if you feel safe or immune to this because of the kind of business you’re in, or the size of business, that’s probably … you’re probably misguided on that. I mean, I think, one, is we should all assume that somebody’s trying to get our information all the time.


Preston Ackerman:


Right.


Aaron Ackerman:


Two, that there are resources whether it’s a consultant, someone’s IT company that may be an outsourced solution, reach out to professionals that do this for a living to help you to do an assessment to find out where your vulnerabilities are. I mean, there’s attack and penetration studies, which HoganTaylor does a lot, that can be really informative to find out where the weak spots are. And three, law enforcement, you mentioned www.ic3 is a good place to go. If somebody thinks they’ve been a victim, besides IC3, can they call their local field office?


Preston Ackerman:


Sure can. Yes.


Aaron Ackerman:


Okay, so what’s the best for somebody to like in Oklahoma City or Tulsa to get ahold of the FBI if they feel like-


Preston Ackerman:


Both of those methods are absolutely fine. You can go to fbi.gov and figure out the phone number for the office nearest you. I would say definitely in the event of a large and recently discovered financial loss, absolutely call. For smaller loss frauds, you can feel free to call certainly, but you might be directed to IC3. Putting the large stuff in IC3 is fine, too, but I would try to talk to somebody if it’s really recent, and see if those funds can’t be recovered.


Aaron Ackerman:


Well, thank you for all of that information, for sharing some of your experiences and advice. We see with our clients this doesn’t seem to be getting smaller, it’s getting bigger, so as businesses, our job of protecting our information, our assets, is just getting more important, and I don’t think there’s any danger of you being out of a job anytime soon from a law enforcement side.


Preston Ackerman:


Right. Unfortunately.


Aaron Ackerman:


Yeah.


Preston Ackerman:


Aaron, one thing I might add in there, it’s certainly not a summary of what we said, because I didn’t mention this yet, but I think people sometimes have the mistaken notion that these problems are just someone else’s problem, that big financial loss will be covered by the bank, or cyber insurance, and sometimes that is the case, but it’s a huge mistake to assume that. These problems affect real people, there are companies that have gone out of business after a ransomware attack, and so people are suddenly without a job that they liked, or at least needed, one day before that happened. I’ve talked to small business owners who had a multi hundred thousand dollar loss from a business email compromise event that they wound up being liable for, and these are people that have told me, “Hey, I was about to retire and now I can’t because of that loss.” So, do take these things seriously, they’re not someone else’s responsibility, they’re all of our responsibility.


Aaron Ackerman:


Yeah, it’s good stuff. Well, again, thanks for just sharing everything you did, and thank you, I know you and your colleagues are pretty committed to giving time just to help with education awareness. I know you speak quite a bit, and you probably have other colleagues across the country that do the same thing. So, thank you for that-


Preston Ackerman:


Sure.


Aaron Ackerman:


… and for trying to help keep us all safe. So, I’ve got … we ask all of our guests five questions, and I think this is the first time we’ve ever asked a family member, so it’s going to be interesting. You ready for our five wrap up questions?


Preston Ackerman:


Sure, let’s do it.


Aaron Ackerman:


So, what is the first way you ever remember making money?


Preston Ackerman:


I’m pretty sure you know the answer to this one since we did it together, but we had a thriving little lawn business, didn’t we?


Aaron Ackerman:


Yep.


Preston Ackerman:


So, I can remember at one point we had both gotten digital watches, which we synced up to beep on the hour every hour at exactly the same time, and that was fun and neat for a little bit, but then you started getting annoyed when you realized how much time you were spending with your little brother. And then the other thing I would say on that is I sure wish we could have some of the money back that we blew at the baseball card store across from the street.


Aaron Ackerman:


Yeah, that is so funny. So, in our very first episode over a year ago now, my partner and my co-host, Robert Wagner, and I asked each other these questions, and yeah, so very similar I said that we mowed lawns, I mowed lawns with my brother, and I told him we would … at the end of the day or maybe a couple times a week, or whatever, but we would get all the checks that our customers had written us and go to the bank to cash them, and just like you said, we’d go to through that drive-through and from the drive-through looking through the windshield of the car we’re just staring at a baseball card shop directly across the street. So, we’d get our pockets full of cash, and head straight over to the baseball card store. So, we made a lot of money. You’re a better saver than I am, I don’t know that we … at least I didn’t keep a lot of that money, but-


Preston Ackerman:


That baseball card store owner was probably excited when they saw your car in the bank drive-through.


Aaron Ackerman:


As I recall, not long after we stopped mowing lawns I think they went out of business. I’m not sure if those two events are related or not. But yeah, very good. Yeah, we were business partners long ago. So, we kind of joked a little bit about being a Major League Baseball player, or dreaming about things like that, what would you be doing if you weren’t a special agent with the FBI right now?


Preston Ackerman:


I honestly think that I would be working for the same computer networking company that I was with before. I mentioned how much I liked it. The company is headquartered in Nashville, and a few years ago I had the opportunity to go and visit them, I was in the area for something else, and it was really interesting to me to see their wall of 20 plus year employees, and I remember thinking, “Man, I would probably be on that wall.” It was kind of eyeopening to me that while I’ve never regretted my career choice to join the FBI for a second, it’s been great, but it was just kind of nice to think about how in this alternate scenario I would’ve been perfectly happy. So, there’s never, I think, just one way for things to work out for you.


Aaron Ackerman:


Yeah, sure. So, what would you like to go back and tell your 20-year-old self?


Preston Ackerman:


Well, my first thought is, “Hey, that online bookstore that you’ve been getting books from, I think it’s Amazon or something, don’t buy anymore books just buy stock. You don’t need to read another word.” But no, if you need a more serious answer, and this is kind of an odd one, I think, even for me to say, just to think about, but it’s you only have one body, take as good of care of it as you can. You just cannot realize when you’re 20 the way that you will kind of accumulate little ailments, aches and pains as you go through life that can kind of stick with you.


Preston Ackerman:


I mean, I’m in decent health, but yet still I’m sensitive to that aspect of things, and I know that probably most of your listeners make their living more so with their brain than physically, although could be either way, but all of us, no matter how we make our living, we perform better when we feel good, and I just totally did not appreciate that when I was in my 20s.


Aaron Ackerman:


Yeah. Well, that’s great advice. So, if your life to this point, all of your experiences, and the places you’ve gone, and people you’ve known, if all of that was the content for a book, basically a biography of Preston, and you got to name the book, what would you name your book?


Preston Ackerman:


I had heard you ask this to other listeners and I’ve always thought I have no idea how I would answer that if I got asked it, but I thought of maybe The Best Is Yet To Come, and the reason I choose that is because I had some things happen very early in my career that, to me, were very fulfilling, and I thought, “Man, that’s kind of sad, it just may not get any better than that.” But since then, I’ve had three or four more things, real highlights of things I’ve gotten to work on that each time I thought, “It’s probably all downhill from there.”, and so now I’m just not going to say that anymore. I mean, there just always could be something better ahead, and in hindsight I’m very glad that I was wrong about that so many times. But sooner or later I guess things will wind up, or go downhill or whatever, but I’m going to keep trying to have that exciting project to be a part of until I’m done.


Aaron Ackerman:


Yeah, I love that, that is so good. I think even just the other day you and I were talking on the phone, and we were talking about a couple of people that we know and have known our whole lives that into their 90s are just living life to the fullest, and we were kind of talking about how inspiring that is, and we never want to lose that kind of, I guess, zest for adventure, and just staying active, and traveling if you’re able, but just keeping your mind engaged in something cool, you know?


Preston Ackerman:


Definitely.


Aaron Ackerman:


Yeah, that’s awesome. Wrapping it up here, last question, what is the best advice that you’ve ever received?


Preston Ackerman:


Well, there’s a lot of good advice I’ve received, certainly, but for some reason I just thought of our grandpa. We got several good pearls of wisdom out of him. Little gems like, “It’s only worth what someone will give you for it.”, which tying it back to our baseball card discussion, we were always like, “No, Grandpa, this is a great idea, these are … look what the price guide says it’s worth.”, and he’d say, “No, it’s only worth what someone will it for you.”, and we both have stuff we spent real money on sitting around in attic or closet somewhere.


Aaron Ackerman:


Well, listen, don’t lose track of your thought here, but I want to just interrupt real quick, because it’s so funny you mention that our grandpa said that, and we haven’t talked about this, I use that in business a lot because I work with people who get to a point in their career where they want to sell the business that they’ve built, and they come to me and say, “I think my business is worth … I’m not going to take less than, whatever, X million dollars. And what do you think it’s worth?”, and I said, “Well, we’ll do evaluation, but at the end of the day, just like my grandpa told me about baseball cards, it’s only worth what someone else will give you for it.” So, sometimes we have that conversation where there’s a gap between what a buyer and a seller think something is worth, and it’s so funny you brought that up, but yeah.


Preston Ackerman:


Yep.


Aaron Ackerman:


So, go ahead.


Preston Ackerman:


Well. Some of his other ones, on a slightly less serious note I always enjoyed his sort of greatest generation style advice of, “Marry someone older than you so that they will start collection social security sooner.” Yeah, that was one of his little gems, I won’t say whether either of us did that.


Aaron Ackerman:


I will say one of us did, I won’t say which one.


Preston Ackerman:


Another one that has kind of made an impact on me from him though is he taught us to take care of things and make them last. I mean, on the man’s 50th wedding anniversary he literally still had and used a vacuum cleaner that he had gotten for a wedding present. And that thing was awesome, it had like the aesthetic of like a ’50s car, that kind of transferred, I guess, to vacuums.


Aaron Ackerman:


Yeah, it was retro now.


Preston Ackerman:


Yeah.


Aaron Ackerman:


Retro cool.


Preston Ackerman:


It was really cool, but I always regret it when I have to trash something because I didn’t take good enough care of it, and that was sort of another thing that he passed on.


Aaron Ackerman:


Yeah, very good. Well, we’ve been fortunate to have a lot of people in our life that kind of spoke wisdom to us, and yeah, I would say our grandpa was right at the top of that list.


Preston Ackerman:


For sure.


Aaron Ackerman:


Well, bro, this was fun for me. Thank you so much for taking the time. Congrats on all of your success, your career. Nobody ever responds to, “Oh, that’s so cool.”, when I tell them I’m a CPA, but when they ask me like, “What’s Preston doing?”, and I say, “Well, he’s a special agent in the FBI.”, that’s very interesting to them. So, thank you for sharing some of your experience, and helping us just think through how to protect our valuable assets in the business community, and just enjoyed the time. Thanks, man.


Preston Ackerman:


Same here, thank you very much.


Aaron Ackerman:


That’s all for this episode How That Happened. Thank you for listening. Be sure to visit howthathappened.com for show notes and additional episodes. You can also subscribe to our show on iTunes, Google Play, or Stitcher. This content is for informational purposes only, and does not constitute professional advice. Copyright 2020 HoganTaylor, LLP. All rights reserved. To view the HoganTaylor general terms and conditions, visit www.hogantaylor.com.


Preston Ackerman is a Supervisory Special Agent for the Federal Bureau of Investigation. He was assigned to FBI Headquarters on two separate occasions, supporting IT projects now in use throughout the FBI. He is currently assigned to the FBI’s Oklahoma City Division Cyber Squad and is the program coordinator for computer intrusion matters covering Oklahoma’s state. Prior to joining the FBI, he worked as a computer networking consultant.

His background in cybercrime and IT projects only helps with his investigative career. Now, Preston has a special appreciation for the business world and small businesses. He loves working with small business owners because they are under immense pressure, and they happen to be a crucial part of our economy.

In this episode, Preston reveals the inspiration behind his career with the FBI, the most significant cyber threats to your business, and the importance of awareness programs in a corporate setting.

Episode Resources:

This episode is now on Apple Podcasts, Google Play, Spotify, Stitcher, or wherever you listen to podcasts. You can also listen via the podcast player embedded above.

Make sure to subscribe to “How That Happened” to receive our latest episodes, learn more about our guests, and collect resources on how to better run your business.

Subscribe