UPDATEBruce Schneier, the famed cryptographer and author who recently left his longtime post at BT, has taken a new position as CTO of Co3 Systems, a startup that provides incident response systems. Schneier, a central figure in the security industry for more than two decades, said he is excited about the new challenge ahead.

Schneier left BT last month after spending nearly 15 years at Counterpane, which he helped found, and BT, which acquired the company in 2006. Counterpane was part of the first wave of managed security services providers in the late 1990s and provided monitoring and detection services for its customers. He said that the incident response system that C03 now provides may have been something that Counterpane could have put together had the company not been acquired. In joining Co3, Schneier rejoins one of the other members of Counterpane’s original executive team, John Bruce, who is CEO of Co3.

Schneier said that he sees a lot of need for the service that Co3 provides, especially in today’s environment where breaches are a daily occurrence and every organization is a target.

“Years ago, attacks were both less frequent and less serious, and compliance requirements were more modest. But today, companies get breached all the time, and regulatory requirements are complicated — and getting more so all the time. Ad hoc incident response isn’t enough anymore. There are lots of things you need to do when you’re attacked, both to secure your network from the attackers and to secure your company from litigation,” Schneier said on his blog.

“The problem with any emergency response plan is that you only need it in an emergency. Emergencies are both complicated and stressful, and it’s easy for things to fall through the cracks. It’s critical to have something — a system, a checklist, even a person — that tracks everything and makes sure that everything that has to get done is.”

Schneier said that he had been getting a little restless in the last year and was looking around for something interesting to do. He had enjoyed working in a startup environment at Counterpane and had been on the advisory board at Co3 Systems for a while, so the pieces fit together easily.

“I was getting a little antsy bored but then I thought, do I want to work for a company? But I know the people here and I like the product and it fits with my philosophy,” he said in an interview. “It’s peripheral enough to what I do that it doesn’t raise any questions. If I went to work for a hard-disk encryption company then immediately the NSA question comes up. I’m not going to stop doing what I’m doing. This is a company where there’s no quandaries.”

In recent months, Schneier, who is best-known for his cryptography work and his books on information and physical security, has been working with journalists at The Guardian to help analyze some of the NSA documents leaked by Edward Snowden. He also is currently serving as a fellow at The Berkman Center at Harvard University.

“I’m pretty excited about this.  It’s good to be back at a startup. Plus, John Bruce and I worked together at Counterpane…so we both know exactly what we’re getting ourselves into,” Schneier said by email.

The work that he has done on the Snowden documents will continue, Schneier said, because he views it as more important than any given job. He will be working on the documents with Glenn Greenwald at his new media venture.

“None of that stops. That’s a rule with any company. Given the choice, the job loses,” he said. “I mean, what’s more important?”

*Image via Stiftelsen‘s Flickr photostream, Creative Commons

Categories: Cryptography, Web Security