Q&A with Bill Crowell
Bill is the former Deputy Director of the National Security Agency and a former Silicon Valley CEO, as well as a member of KippsDeSanto’s Cyber and Intelligence Advisory Council.
KippsDeSanto: How do you define “cyber”?
Bill: All of my friends in the IT security business have a problem with the word “cyber.” It was originally used as a science fiction term, for example “Cybernetics.” Somehow the term came to be used in IT and information systems. “Cyber” is a short-hand term for all of us to describe the plethora of computational and information sciences that support and define everyday life.
KippsDeSanto: What are the significant cyber requirements in the near-term?
Bill: First, the most important and least deployed security technologies are authentication, authorization and identity management. Without these we don’t know who is in our networks, allowing our enemies easy access to our systems. Second, the technologies surrounding the network to inform what is happening, namely intrusion detection, monitoring, anti-virus, anti-malware and auditing, are growing in importance. Most of these, while not very effective by themselves, are nevertheless essential parts of the security architecture. Third, encryption is the most advanced and widely deployed technology, albeit with one important weakness, key management. The effective generation and management of the keys is the Achilles Heel, hence a significant requirement. Next would be more secure, better performing firewalls and other gateway devices. Currently, the more secure these gateways are, the less functional the networks become. This is especially important given the growth of mobility. Improving security while diminishing performance is counterproductive. Finally, as we are learning from the so-called “advanced persistent threat,” or APT, the most important vulnerability is people. APT’s massive threat results from the marriage of social engineering and cyber attack technology. For example, zero day attacks would not be nearly as effective if phishing were not so effective. So these systems can only be managed by effective training of users to resist phishing probes.
KippsDeSanto: Please provide your thoughts on the following words and phrases: Pattern recognition.
Bill: Another word for the correlation of network events, an essential part of studying the behavior of network elements, namely people, endpoints, switches, routers, etc.
Bill: Another word like “cyber” which allows us to describe a concept, not a real thing. Essentially, cloud is a large collection of computers, connections and storage that can be made to operate as a single computing device through virtualization.
KippsDeSanto: Virtual Machines.
Bill: An essential ingredient of the cloud that allows one to virtualize the computational engine and storage in a server or other large computing platform. Virtual machines can be formed and torn down at will and as needed for applications.
KippsDeSanto: Thank you for your time.