Billington CyberSecurity recently interviewed Tony Cole, VP and Global Government CTO, FireEye. Tony recently traveled to the G20 and Davos and shares his views in our first of an occasional series of interviews with public and private sector cybersecurity thought leaders.
BILLINGTON: Of all the many cyber threats out there, which concerns you the most?
COLE: Probably right now it’s not a cyber threat as much as a new problem that increases our exposure. We’re completely moving to a mobile world and decimating the old perimeter. With that issue is the fast-moving prevalence of Internet of Things (IoT) devices which are being connected by the billions today around the globe with not much in the way of security baked into them.
Tied to that is the quick movement of ubiquitous connectivity via LTE from carriers which will likely by replaced by 5G soon. Once 5G is in place, that will likely replace most consumer home systems and many devices will connect directly to telcos. This means it’s all about protecting the data in the Cloud. We need to prepare now or suffer soon. And I’m an optimist.
BILLINGTON: Since new cyber threats seem to emerge at the speed of light, how do governments and private organizations defend against these new threats?
No Static Solutions
COLE: First and foremost, they need to understand that we have an adversary problem, not a malware problem. This means that someone is sitting at a keyboard and crafting a strategy to break into your environment. To counter that threat, you must accept the fact that there isn’t a single solution to the problem and focus on building an ever-evolving strategy that incorporates new tools, processes, policies, and expertise to be successful in ensuring your data isn’t stolen, modified, or destroyed.
There is no static solution. All we can do is ensure we understand the adversaries thoroughly to hopefully stop a cyber intrusion. If we can’t stop it, then ensure we mitigate the impact by not allowing the adversary to accomplish their objective.
International Law and CyberSecurity
BILLINGTON: What steps are needed globally for coordinated sharing of information and coordination response to international cyber incidents.
COLE: We need to better understand what current international laws apply to cyber security today. The Tallinn Manual 2.0 is a great place to start thanks to some great efforts by a lot of experts around the globe. Government’s need to understand those laws, review their applicability within their own country and possibly adjust via new laws.
Without a massive effort globally within each country to put the right laws in place, we’ll still have a long way to go before a cyber attack launched in one country that traverses many others can allow for evidence collection in each country and prosecution of perpetrators takes place regardless of where they sit. We’re making progress and some countries are cooperating while others aren’t at a point where they want to play nice.
Cybersecurity Concerns in Europe
BILLINGTON: You were recently in Davos and the G-20 meetings. What did you find were the largest cyber concerns? First from the business leaders at Davos, and second from government officials at the G-20 meeting? And what surprised you most?
COLE: The discussions varied widely depending on who you were talking to and where they were from around the globe. Several EU business leaders outside financial services at were somewhat comfortable that they were not a target of cyber-attacks. A misperception that surprised me the most given the size of some of these companies. I think the new GDPR and NIS-D regulations taking effect next year will cause companies in the EU, and companies doing business with EU citizens, to look more carefully within their enterprises and we’ll see an uptick and cyber breach reports in the press across the EU.
At the G20 there were a lot of side discussions on the financial market infrastructure and the potential risks of cyber-attacks since we’ve seen escalations in that area over the last four or five years. This aligns with part of the theme of this G20 event ‘Digitising Finance’. I interviewed the German Minister of the Interior after his speech on the main stage and was happy to see how deeply knowledgeable he was in cyber security and how forthright he was in his answers to my questions. The interview was live-streamed publicly and is available here.
Many of the G-20 attendees are also worried about their upcoming elections and possible attempts to compromise it via cyber-attacks.
Tony Cole will moderate a session on Latest Global and Emerging Threats in Cybersecurity at the 2nd Annual Billington International Cybersecurity Summit March 30, 2017, Washington, D.C.
Speakers on Mr Cole’s panel:
- Rear Adm. Timothy J. White, Commander, Cyber National Mission Force, U.S. Cyber Command
- Neal Ziring, Technical Director, Capabilities Directorate, National Security Agency
- James Trainor, Senior Vice President, Cyber Solutions Group, Aon (Former Assistant Director, Cyber Division, FBI)
- Thomas Donahue, Research Director, Cyber Threat Intelligence Integration Center (CTIIC)
Find out more about the Billington International Cybersecurity Summit here.
Tony Cole assists government agencies, corporations, and system integrators around the globe in understanding today’s advanced threats and their potential impact. Prior to joining FireEye, he was an executive at McAfee and Symantec Corporation in Consulting and Program Management. Cole is retired from the U.S. Army and has over thirty years of experience in a variety of IT and security environments including communications, intelligence, and cryptography.