Related Links

Related Stories

  • Bruce Schneier Leaves BT
    Bruce Schneier, BT's security futurologist, is leaving the company after eight years. In June 2013 he joined the board of digital rights firm Electronic Frontier Foundation, and has – since the Snowden revelations began – been a fierce critic of NSA/GCHQ mass surveillance. With BT increasingly implicated in GCHQ collaboration, it has become clear that the two positions are incompatible.
  • Bruce Schneier joins EFF; stays with BT
    Schneier, author of Applied Cryptography, Secrets and Lies and other books, founder of Counterpane (now BT Managed Security Solutions), and designer of the Blowfish and Twofish encryption algorithms, has joined the board of EFF.
  • Interview: BT's Bruce Schneier
    BT’s Bruce Schneier has made a reputation for himself by exploring the unconventional sides of security. Drew Amorosi sat down with this industry luminary to gain a greater understanding of the man and, briefly, dive into the mind and life that is Bruce Schneier…
  • RSA Europe: Bruce Schneier says profit-making motives are killing personal privacy
    Privacy is in danger of being destroyed by the profit-making motives of firms which hold our data, security expert Bruce Schneier warned his audience at the RSA Europe conference in London, 12th October 2010.
  • BT Counterpane’s Bruce Schneier talks to Eleanor Dallaway about why he hasn’t been fired yet
    Bruce Schneier has increased BT’s press mentions in the North American press by 21% since the UK telecom giant’s acquisition of his firm Counterpane one year ago. BT insists that the acquisition ran smoothly and that the two companies are working well together, and Bruce tells us that the Counterpane people are happy. But it seems there are a few creases in the BT Counterpane story that still need to be ironed out – Bruce’s job title being the first.

Top 5 Stories


Bruce Schneier Joins Co3 Start-up Firm

07 January 2014

When Bruce Schneier suddenly left BT in December, he hinted that he would explain his future plans in the new year. On what was for most people the first working day of 2014 he did just that – Schneier is the new CTO of start-up firm Co3. He has reunited with John Bruce, formerly CMO at Counterpane (the company Schneier sold to BT) and now CEO at Co3.

Schneier describes good security as a combination of 'protection, detection, and response,' but believes that the last element is poorly served by the security industry.  "While there are many companies that offer services to aid in incident response – mitigation, forensics, recovery, compliance – there are no comprehensive products in this area," he announced yesterday. "Well, almost none. Co3 Systems provides a coordination system for incident response..."

Incident response is of growing importance on both sides of the Atlantic. It is founded on two currently increasing premises: firstly that there is an inevitability about security incidents; and secondly that regulatory and legislative requirements on incident handling are becoming both more intrusive and more punitive. One aspect of the EU's planned General Data Protection Regulation (GDPR), for example, is a 24-hour breach notification regime (already required for communications providers) backed up by sanctions based on worldwide turnover for breaches of the regulation. 

The result of poorly handled incident response is consequently a combination of lost brand reputation, high clean-up costs, and regulatory fines. "The problem with any emergency response plan is that you only need it in an emergency," says Schneier. "Emergencies are both complicated and stressful, and it's easy for things to fall through the cracks. It's critical to have something – a system, a checklist, even a person – that tracks everything and makes sure that everything that has to get done is." So he sees incident response as something like an insurance policy – something you need but hope you don't; but could prove the difference between coping and disaster.

Although both Schneier and BT claimed that his recent criticism of NSA surveillance programs had nothing to do with them parting company, it could not have been an easy relationship for either. In August the Guardian reported, "Some of the world's leading telecoms firms, including BT and Vodafone, are secretly collaborating with Britain's spy agency GCHQ, and are passing on details of their customers' phone calls, email messages and Facebook entries, documents leaked by the whistleblower Edward Snowden show."

So far Schneier has avoided any direct criticism of either GCHQ or BT, telling Infosecurity that he tried to avoid politics outside of the US. Whether he will now feel more able to do so remains to be seen. One thing, however, remains clear: he will not stop criticizing the NSA. Threat Post reports on an email conversation, "The work that he has done on the Snowden documents will continue, Schneier said, because he views it as more important than any given job. He will be working on the documents with Glenn Greenwald at his new media venture.

“None of that stops. That’s a rule with any company. Given the choice, the job loses,” he said. “I mean, what’s more important?”

This article is featured in:
Industry News  •  Internet and Network Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×