This post is based on an interview with Tony Cole. It is part of our series of interviews of OODA Network members. Our objective with these interviews is to provide actionable information of interest to the community, including insights that can help with your own career progression. We also really like highlighting some of the great people that make our continued research and reporting possible. For the full series see: OODA Expert Network Bio Series.

Career Progression:

Tony Cole was always the kind of guy liked to take things apart to see how they worked.   Shortly after High School, Tony was faced with a family tragedy that left him searching for options.  His step-Dad suggested that he join the Army – and pick the field with the longest initial training school.   That happened to be Cryptography.   In the 1980’s, the equipment needed to provide secure communications would fill an entire room, and he spent the next twenty years in this growing field.  In his final assignments, he helped build the Army and Pentagon Computer Emergency Response Teams.   From this, he knew he wanted to work in the fast-paced field of Cyber Security when he transitioned to the Civilian World.

Tony started with Recourse Technologies, which provided network intrusion detection capabilities using the world’s first commercial Honeypots.  He loved the work.  Indicative of the field, the landscape changed around him.  After Recourse was bought by Symantec, Tony found himself working more and more on Data Storage after they acquired Veritas.  He missed the excitement of hunting and defeating cyber adversaries.  His move to McAfee allowed him to work directly on threats cyber threats by running a consulting business line.  Tony later moved from McAfee to FireEye as their global goverenment CTO.  Today, Tony serves as the CTO for Attivo Networks and is on the NASA Advisory Council as a Member-At-Large.

Surprises:

One thing that constantly surprises and frustrates him is how the world, in general, dismisses the cyber threat.  He remembers recently briefing the CIO/CISO of a large company, explaining how they had been breached and data was “going out the door”.  Their response: “Wow, that’s unfortunate.”  “Can you imagine their reaction if a team of armed burglars came into their data center and started to remove their equipment?  Why does the world think Digital Theft is less important than Physical Theft?” Tony asked. “Everything a company owns is digitized.  Losing control of that data can have catastrophic results.  Many executives don’t understand that the digital realm consists of many tentacles.  One compromised tentacle is a path to their critical assets.”

Advice for Political or Executive Decision-Makers:

Asked what the Political Decision Makers should do to improve the situation, he replied “They need to cooperate with each other and industry.  This is a problem that is eroding the bedrock of our country.  We MUST have a comprehensive agreement on cyber-attacks, and we need to build cooperative rules around it.”

How about executive decision makers?  They should all be aware that everyone is a target, including their own organization.

Security Improvements:

When asked about his views of the greatest security improvements of the last few years, Tony pointed to the growing level of experts moving into this field. This is a positive step for sure. He also pointed out how important our defensive tools are and the benefits of positive change there in the past few years. Tools and human experts are both accelerating and they need to do that together.

Risks in The Near Future: 

When asked how he looks at the near future, Tony said it was “potentially terrifying” without noticeable changes.  He sees three factors that will have a significant impact:  1.  The Advent of sensors everywhere (IoT).  2. Connecting these sensors through a robust 5G network that will have fewer and fewer perimeters and seams.  3. Adversarial Artificial Intelligence.

Tony also sees risk in the massive convergence of moving data to the cloud.  “It’s both a risk and a potential solution” Tony says.  “So many companies are moving into this space and trying to grab as much market share as they can – as fast as possible.  They are learning as they go.  While they have the ability to pool their expertise across this distributed domain (through managed services for security, etc.) it can expose the user to more risk until processes and tools mature.”

But Tony isn’t all gloom and doom.  He is very encouraged by the growing cadre of cyber experts moving into the field.  He has seen a significant up-tick in cyber expertise, led by numerous initiatives and enhanced by a collaborative social media environment to share best of breed ideas.

The Federal Market:

Tony encourages companies seeking business in the Federal Space to learn about the organization first by looking at their S&T divisions.  Armed with an understanding of the organization and their research efforts, a good company will provide a pitch that shows something new and different, and relevant to the organization.

Technology of Interest: 

Today, Tony is excited about Attivo’s Deception Technology.  www.attivonetworks.com By placing breadcrumbs, lures, and decoy documents and network decoys (like dummy active directories) within a network, IF (and really, it’s almost WHEN, considering the sophisticated phishing efforts seen today) an adversary breaks through, they will set off alerts as they attempt to take the bait.  That gives the cyber team time to shut down the attack before anything is compromised.

Views on Thought Leaders: 

I asked Tony who were the best thought leaders of today.  He replied Mat Devost and Bob Gourley, oodaloop.com .  “These two guys are always focused on solving problems; not on the financial benefit.”  He uses the OODA research and reports and appreciates their thoughtful analysis.  Additionally, he follows Brian Krebs and enjoys the way he is “focused on putting bad things into the spotlight”.  www.krebsonsecurity.com

The thing that is exciting him most these days is the work he does on the NASA Advisory Council.  “I’m a huge space buff!  We are changing the world with space-based tourism, commercialized low earth orbits and the technologies that are coming out of them, such as space based laser communications.”  Tony looks forward to the day in the near future when you will see regular people taking selfies on the way to the Moon, or streaming video from MARS in Hi Definition. “Most people think that NASA has been replaced by the commercial world.  But NASA is DRIVING the commercial space race through initiatives and partnerships with them, and because of this NASA should be able to lower costs for everyone in a path to the stars.” Tony says.

Tony concluded by saying “This is an exciting business.  We are never bored!  We have a long way to go to educate the world on the problem set.  But I remain optimistic that we will have an impact.”

Quick Hits:

• Book Recommendation: The Perfect Weapon by David Sanger
• Favorite piece of content on OODAloop: Tony loves the research and reports and analysis across the board, and did not have a favorite piece to single out for us.
• LinkedIn: https://www.linkedin.com/in/wmtonycole/
• Twitter: https://twitter.com/NoHackn