Fred Cohen is best known as the person who defined the term “computer virus” and the inventor of most of the widely used computer virus defense techniques, the principal investigator whose team defined the information assurance problem as it relates to critical infrastructure protection, as a seminal researcher in the use of deception for information protection, as a leader in advancing the science of digital forensic evidence examination, and as a top flight information protection consultant and industry analyst. But his work on information protection extends far beyond these areas.
In the 1970s he designed network protocols for secure digital networks carrying voice, video, and data; and he helped develop and prototype the electronic cashwatch for implementing personal digital money systems. In the 1980s, he developed integrity mechanisms for secure operating systems, consulted for many major corporations, taught short courses in information protection to over 10,000 students worldwide, and in 1989, he won the prestigious international Information Technology Award for his work on integrity protection. In the 1990s, he developed protection testing and audit techniques and systems, secure Internet servers and systems, defensive information warfare techniques and systems, early systems using deception for information protection, and bootable CDs designed for forensics and secure server applications. All told, the protection techniques he pioneered now help to defend more than three quarters of all the computers in the world.
Fred has authored more than 200 invited, refereed, and other scientific and management research articles, wrote a monthly column for Network Security magazine on managing network security for 6 years, and has written several widely read books on information protection. His series of “Infosec Baseline” studies have been widely used by the research community as stepping off points for further research, his “50 Ways” series is very popular among practitioners looking for issues to be addressed, and his “Protection for Deception” series of papers is widely cited. His recent “Chief Information Security Officers ToolKit” series of books and booklets are used by leading security practitioners around the globe, while his “Frauds Spies and Lies and How to Defeat Them” book has been the subject of radio talk shows, and his “World War 3 … Information Warfare Basics” is rapidly becoming standard among the thinkers in this arena. His most recent books have focused on “Enterprise Information Protection Architecture”, “Challenges to Digital Forensic Evidence”, and “Digital Forensic Evidence Examination”.
As a corporate consultant and industry analyst Fred has helped advise hundreds of the world’s largest enterprises on security and risk management strategy and their information protection programs. As a consultant to and researcher for the U.S. government he was the principal investigator on seminal studies in defensive information operations, he was the principal investigator on the national information security technical baseline series of reports, founded the College Cyber Defenders program at Sandia National Laboratories that ultimately led to the formation of the CyberCorps program, and led projects ranging from ‘Resilience’ to ‘The Invisible Router’. He has also worked in critical infrastructure protection, with law enforcement, and with the intelligence community to help improve their ability to deal with computer related crime and emerging threats to national security. He has worked on issues of digital forensics, including work for many large corporations, testimony in federal and state criminal and civil matters, and pro bono and state-funded work for indigent defendants, and in 2002, he won the “Techno-Security Industry Professional of the Year” Award. In 2009, he was named the “most famous hacker” of all time by ABC news, although they associated his work with some of the more infamous computer attackers, and failed to notice the difference between security expertise and people who get arrested for computer crimes.
Fred has participated in and created numerous strategic scenario games. He devised and ran the first Internet-based strategic information warfare wargame and held several initial trial Internet-based games involving national defense and corporate personnel. In 1998, he introduced the Internet Game for information security policy development, training, and awareness in corporate, educational, and government environments, and followed this up with the Sexual Harassment Game which helps train employees on sexual harassment policies and processes. His recent introduction of several security games and simulations to the Internet are excellent examples of the work he has done in this area.
He has also developed several strategic scenarios for government and private use.
Over the past 30 years, Fred has managed organizations and projects with as many as 250 employees. Several projects he led have resulted in new business in excess of $10 million, and one project led to a 5-year government contract with a ceiling of over $1.7 billion. He led a 35-person research team at Sandia National Laboratories for almost 5 years and produced several patents, copyrighted software programs, and publications in the process.
Today, Dr. Cohen is the President of California Sciences Institute, a graduate non-profit educational institution focused on national security and advanced investigations, and continues to be CEO of Fred Cohen & Associates where he works with government, industry, and non-profits to improve iunformation protection.
His combination of management, technical, and communication skills, allows him to effectively bridge the gap between decision makers and implementers. His involvement in and understanding of corporate, national, and global issues, provides a context that allows him to meet challenges of unlimited size and scope. With almost 30 years of experience and a global reputation for integrity, accuracy, and innovation, Fred Cohen is widely considered one of the world’s leading authorities in information protection.