The former director of the U.S. Army's Global Network Operations and Security Center and now CSO of Firehost explains what is needed for security to work.
If the modern landscape for information security can be described as a battleground, then it makes sense that the right people to lead technology security efforts have military backgrounds. To that end, cloud hosting vendor Firehost
last week announced that retired U.S. Army Col. Jeff Schilling is now the company's new chief security officer (CSO).
Schilling is well-known in military circles as the former director of the U.S. Army's Global Network Operations and Security Center, which falls under the U.S. Army's Cyber Command.
"I was the guy that on a daily basis was working with people who were doing hands-on security both for the Department of Defense and the U.S. Army," Schilling told eWEEK
. "What I bring to Firehost is the great attributes that any experienced military officer would bring to a company, which is an understanding for how to conduct operations and to apply technology and people to operations to achieve objectives."
Firehost has positioned itself as a secure cloud hosting vendor and raised $25 million of new venture capital funding in April to help grow the business. One of Firehost's most notable customers is infamous former hacker Kevin Mitnick
So what does a military background add to the process of a securing a cloud vendor?
"I saw a guy riding his bike the other day with a bike helmet on, but he didn't have the helmet strap connected," Schilling said. "I'd say that's a great analogy for what I see as the way a lot of vendors run their security programs."
Schilling added that while many organizations' security programs appear safe to the world, they really aren't.
"A lot of people spend a lot of money on technology, but fail to really understand the people and processes to effectively deploy technology," he said.
From an operational perspective, when it comes to cloud security, Schilling emphasized that it's important to understand the signal flow. Schilling said that while in the military he was able to describe the signal flow from a user desktop from a deployed soldier all the way through the Internet access point and know the security controls in place at each level in between. He added that the first step in securing an organization is to first understand what it is that needs to be defended.
One of the biggest issues that any cloud vendor needs to deal with is the issue of rogue insiders. On a cloud platform, any user could potentially be a malicious user who is using the technology to attack other users.
"If you are tuning your environment to look for an advanced persistent threat inside your network, a lot of the time you will also be able to detect the rogue insider threat problem," Schilling said.
Cloud hosting vendors like Firehost also have a responsibility to ensure that their own infrastructure is not being used to attack others, he added.
Firehost must be able "to detect when our customers are compromised and then be able to notify and mitigate that outbound activity," Schilling said. "So we need to protect our customers from compromise, and we need to protect our infrastructure from being used by the threat actors to go after other folks."
Sean Michael Kerner is a senior editor at
InternetNews.com. Follow him on Twitter @TechJournalist.