by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : October 2014
GCN OCTOBER 2014 • GCN.COM 13 Tony Cole has been immersed in cybersecurity since before it was an industry. In 2002, he retired after a 20-year career in the Army, where his last assignment was as technical operations manager for network security services at the Pentagon, responsible for overseeing secu- rity teams for the Pentagon backbone. Cole spent the next 11 years in a number of cybersecurity firms, including Syman- tec and McAfee, where he began to see a troubling pattern: Many organizations were spending a lot of money on cybersecurity, but they still were being compromised. He joined FireEye in 2013 as vice president and global government CTO, where he acts as a liaison with governments, educating them about the new realities he’s observed on the cyber threat landscape and the need to move defenses beyond static detection. “It was a pretty easy jump for me to come to FireEye,” Cole said. “ There were changes taking place in cybersecurity, and I wanted to be part of it.” The biggest change on the horizon was developing responses to a new generation of motivated hackers and sophisticated cyber attacks. The old-style broadcast Internet attacks targeting widespread vulnerabilities were being supplemented by more targeted assaults using multi-vector attacks, against which the old defenses did not work. But Cole was optimistic about defenses being developed against the new breed of attacks. “ FireEye was doing something different,” Cole said. The new reality for high-value targets is that you will be com- promised, and FireEye’s job is to detect the compromise as quickly as possible, isolate and remediate it, then minimize the impact. Adversaries still use the old attacks, deploying the level of technology necessary to achieve a network compromise. The old attacks harvest low-hanging fruit, while more sophisticated attacks breach tougher targets. The result is that the average time to discovery for a compromise is 224 days. “ We need to shrink that window,” Cole said. “ We don’t advocate replacing signa- ture-based tools. We integrate with that technology.” But different tools also are needed. Some governments already are aware of the new world order and have responded, while others still are being brought up to speed, Cole said. Among the accomplishments he points to since joining FireEye are the company’s contributions to the Framework for Improv- ing Critical Infrastructure Cybersecurity, released by the National Institute of Stan- dards and Technology in February, the recent update of government cybersecurity controls in NIST’s Special Publication 800-53 and the State Department’s emerging strategy for cyber deterrence. Because they are high-profile, high-value targets, governments often are aware of the threats they face and are early adopters of security technology. But at the same time they often are hampered by tight budgets and lengthy acquisition cycles that can keep them from adopting the tools they need as quickly as possible. Governments need more agile policies that will let them adapt to rapidly evolving threats, Cole said. According to Cole, a good leader needs to understand not only what he knows, but also what he doesn’t know, so he has been filling the gaps, enabling him to have a greater impact with governments around the world. Cybersecurity is a 24-hour-a -day job, he said, which can encroach on personal and family time. But it also is an exciting job that keeps practitioners motivated. “ We wouldn’t have it any other way.” — William Jackson As FireEye’s global government liaison, Tony Cole brings governments the technology and insights to thwart a new generation of motivated attackers. COLE GUIDES AGENCIES IN NEXT- GEN CYBER WARFARE
November and December 2014