Cloud provider FireHost's security chief brings lessons from the front lines
Chief Security Officer Jeff Schilling ran security at the U.S. Army and the Defense Department
IDG News Service - Jeff Schilling, who joined cloud hosting startup FireHost this week as chief security officer, knows a thing or two about cybersecurity.
As director of the U.S. Army's Global Network Operations and Security Center, he oversaw security operations and incident response for more than 1 million computers on 350 wide-area networks in 2,500-plus locations around the world. He went on to direct the global security operations center for the entire U.S. Department of Defense. During his 24-year military career, he was deployed to Saudi Arabia, Kuwait, Haiti and Afghanistan to work on communications and information security.
Schilling retired from the Army in 2012 to run the Global Incident Response practice for Dell SecureWorks. His new company, Dallas-based FireHost, operates a managed cloud IaaS (infrastructure as a service) to securely host enterprise data, including regulated data such as payment and health-care information.
The IDG News Service talked to Schilling about his experiences securing military operations and what they taught him about enterprise security. This is an edited transcript of that conversation.
IDG News Service: What kinds of cybersecurity threats did you face?
Schilling: There are three categories of threat: criminal actors, nation-state actors and insider threats. Categories of threat will tell you what capability they have.
When you start to look at motives, there are three main motives. One is hacktivism, or destructive activity. That could be a nation-state actor, that could be a criminal actor, or that could be an insider who's trying to disrupt, deny, or destroy inside your network. The other category is strictly criminal, trying to take intellectual property; putting malware on your system that locks up your system and then making you pay ransom; and credit-card and other breaches.
The other type of motive I see out there is national-level espionage. I think there are over 190 countries that have active cybercollection programs ... to try to gain advantage in national policy. That's how you would best characterize the type of operations that the U.S. government does: basically, foreign intelligence gathering to help inform national policy decision-making.
The other type of nation-state activity that we're seeing, although it's hard to give attribution to, is what would probably be termed as cyberwarfare: Deny, disrupt, destroy, and keeping people from getting access to their infrastructure.
IDGNS: Who's winning?
Schilling: Clearly, threat actors have the advantage. When I was in the Army about three years ago, I was doing a public speaking event, and someone asked me, 'What is the game-changer that would bring the initiative back to the defense?' Our legacy networks are not defendable the way we have them set up now. If we created a cloud infrastructure with a blank sheet of paper that was defendable, then we could get the initiative back. That's one of the things that drew me to FireHost.