Interview of Richard Stiennon

Richard Stiennon, security expert and industry analyst, is known for shaking up the industry and providing actionable guidance to vendors and end users. He is the author of Surviving Cyberwar (Government Institutes, 2010) and the soon to be published Cyber Defense: Countering Targeted Attacks.

Prior to founding IT-Harvest, Richard Stiennon was Chief Marketing Officer for Fortinet, Inc., the leading UTM vendor. Before Fortinet, he was VP Threat Research at Webroot Software.

Before Webroot, Mr. Stiennon was VP Research at Gartner Inc. where he covered security topics including firewalls, intrusion detection, intrusion prevention, security consulting, and managed security services for the Security and Privacy group. He is a holder of Gartner’s Thought Leadership award and was named “One of the 50 most powerful people in Networking” by NetworkWorld Magazine. He was also named “Security Superstar” by CRN magazine and named “Security Industry Pioneer” by SC Magazine. Most recently, Richard was named one of the “Top 25 Most Powerful Voices in Security” by Sys-Con Media.

Richard Stiennon is the most followed security expert on Twitter and manages the 5000+ members of the Security Leaders Group on LinkedIn. He is widely quoted in the press including The Wall Street Journal, Financial Times, San Jose Mercury News, and USA Today among many other trade publications.

Richard consults with major corporations and government agencies on security architectures and cyber threats.
Mr. Stiennon has presented in 28 countries on six continents. His speaking engagements have included:

  • University Rey Juan Carlos & BBVA Bank Summer Course in IS, Spain, 2011
  • Australian Defense Magazine Cyber security Summit, 2011
  • The CAST Security Summit, Washington DC, 2011
  • AusCert 2010
  • RSA Conference 2009, 2010, 2011
  • FDIC 4th Annual Technology Conference
  • Gartner symposia in Orlando, Denver, San Diego, San Francisco, Washington DC, Cannes, Tokyo, Mexico City and Sao Paulo
  • Lectures at University of Wisconsin, University of Colorado, and Purdue University
  • CIO Seminars in Mexico City, Bogota, China, Singapore, Australia, New York, Boston, Las Vegas, The Pentagon, Anchorage, Honolulu, UK, Germany, Spain, Italy, Turkey, France, and Sweden
  • Recent Advances in IDS, Case Western University

Stiennon writes the Cyber Domain blog at Forbes. He has written for Network World (IDG) and CIO Update (Jupiter Media) along with editing the Cyber Defense Weekly newsletter.

Stiennon earned a B.S. in Aerospace Engineering from the University of Michigan. He holds two patents. He is working toward his MA in War in the Modern World at King’s College, London.

Information about Richard Stiennon by http://cert-me.com

Can you discuss your book ‘Surviving Cyberwar’? Just an overview!
Surviving Cyberwar is a book about state sponsored hacking. It begins in 2001 with some of the first “hacker wars” that had a national aspect. The book covers the story of Shawn Carpenter, the IDS admin at Sandia Labs who uncovered Titan Rain. He back hacked into servers in China and discovered data dumps from many US research labs and military bases. It investigates the Chinese Revolution in Military Affairs, some of the first writing on information warfare from the mid-90’s. It also covers crowd sourced DDoS, targeted attacks against gaming sites, and the story of Barrett Lyon. The book then goes into the ramping up of interest in cyber on the part of the US military and eventually most governments around the world.

Are governments’ security intelligence frameworks capable of defending against massive cyber attacks? Does government lack an understanding of defensive security technologies compared to major IT companies?
Modern governments are huge bureaucracies. They have pockets of expertise in cyber defense (and offense) that are unmatched in the commercial world. But most government agencies the world over are not even close to the commercial world in the basics of cyber defense: patch management, vulnerability scanning, Intrusion Prevention, beaconing detection, etc. The biggest programme within the US government is to deploy IDS sensors at each of its 2,000+ Internet gateways. IDS mind you, not IPS. They are about ten years behind the commercial world.

Are SCADA control systems vulnerable to remote control/0day? Can a cyber attack on SCADA systems cause a major threat alarm?
Only two years ago the US regulatory body that covers oil, gas, and electricity distribution, FERC, asked its member companies to identify critical assets. A huge number reported zero critical assets. SCADA systems are completely vulnerable and rely on segmentation from public networks for security. Obviously that is not a good defense. Zero-day vulns are not needed to compromise these systems.

Are security operations and services the core of providing effective security services to clients?
Security operations have to be re-organized to counter targeted attacks (the subject of my next book: “Cyber Defense: Countering Targeted Attacks”). There is a difference between combating worms, viruses and random hacks and combating targeted attacks. New tools and a dedicated cyber defense team are required.

Can you discuss the recent saga of “Symantec source code exposed” and the following claims that Indian intelligence infiltrated US government networks? What’s your opinion, as India denies hacking into US emails?
Of course the spy vs. spy world has its own history of misdirection and subterfuge. At the surface it appears that India is engaging in cyber espionage targeting the United States. But our source is a hacking group that claims to have broken into Indian military servers. Is the hacking group truly motivated by a desire to change India and expose secrets? Or are they backed by a third party with their own agenda?

Would you like to address any message to the upcoming ‘The SCADA & Smart Grid Cyber Security Summit 2012’ in London on April 26th & 27th, 2012?
Something has to be done to shake utilities and oil and gas transportation companies out of their lethargy. The common refrain is “if you want us to protect our networks you have to pay us to do so”. This is short-sighted on their part. I suggest that governments could get immediate improvements in SCADA and smart grid security if they acted to remove the limits on liability the utilities have. Today if an ice storm causes a power outage, the utility cannot be sued for loss of business or even loss of life in a hospital. If they were made liable for losses due to outages caused by cyber attacks their insurance rates would go up, their bond ratings would go down, and they would immediately invest in beefing up their security. Of course, this is simplistic, because the natural reaction would actually be to cover up evidence of successful cyber attacks and blame outages on weather, earthquakes and coronal mass ejections from the sun. So regulatory agencies would have to monitor the networks of SCADA system operators.

Do you think many countries lack cyber capabilities, especially India?
The only way I could say that countries do not lack in cyber capabilities would be if there were no cases of successful attacks. Obviously that is not the case in India or elsewhere.

Why is China always considered a cyber threat to many nations?
China is a fast growing economy that needs to pull ahead of the rest of the world technologically while maintaining a supply of earth resources to fuel its growth. It has the greatest need for information derived from industrial and military espionage. It is no surprise that it engages in such espionage on an organized and massive scale. It is most like Japan during its own rise to industrial might. Back then the “spying” was done with visiting delegations to the “West” armed with cameras.

Would you like to give any suggestions or advice for the security industry to survive cyber attacks, considering the major recent cyber attacks?
Every industry has to take a new look at their security posture in light of recent attacks. The security industry forgets that they too have critical assets like source code, design documents, product plans, and of course their email communications. They should lock down all of their systems right away.

Would you like to say something to your fans on Facebook, Twitter?
I have fans? To my followers I would say: keep the information flowing. There is so much to pay attention to and we all help filter the important information by Tweeting, blogging, and engaging in forums.