Fred Cohen is best known as the inventor of computer virus defense techniques, the principal investigator whose team defined the information assurance problem as it relates to critical infrastructure protection today, as a seminal researcher in the use of deception for information protection, and as a top flight information protection consultant and industry analyst, and as a leader of an ecosystem to support startup, emerging, and growth companies. But his work on information protection, risk management, and decision support extends far beyond these areas.
In the 1970s he designed network protocols for secure digital networks carrying voice, video, and data; and he helped develop and prototype the electronic cashwatch for implementing personal digital money systems. In the 1980s, he developed integrity mechanisms for secure operating systems, consulted for many major corporations, taught short courses in information protection to over 10,000 students worldwide, and in 1989, he won the prestigious international Information Technology Award for his work on integrity protection. In the 1990s, he developed protection testing and audit techniques and systems, secure Internet servers and systems, defensive information warfare techniques and systems, early systems using deception for information protection, and bootable CDs designed for forensics and secure server applicaitons. All told, the protection techniques he pioneered now help to defend more than three quarters of all the computers in the world.
Fred has authored almost 200 invited, refereed, and other scientific and management research articles, wrote a monthly column for Network Security magazine on managing network security, continued to write a monthly series of artcles published over the Ineternet for more than 25 years, and has written several widely read books on information protection. His series of "Infosec Baseline" studies have been widely used by the research community as stepping off points for further research, his "50 Ways" series is very popular among practitioners looking for issues to be addressed, and his most recent "Protection for Deception" series of papers and patents are now widely cited.
As a corporate consultant Fred has helped secure some of the world's largest companies in the fields of information technology, microelectronics, pharmaceuticals, manufacturing, transportation, telecommunications, and the financial and information industries. As a consultant to and researcher for the U.S. government he was the principal investigator on seminal studies in defensive information operations , he was the principal investigator on the national information security technical baseline series of reports, founded the College Cyber Defenders program at Sandia National Laboratories that ultimately led to the formation of the CyberCorps program, and led projects ranging from 'Resiliance' to 'The Invisible Router'. He has also worked in critical infrastructure protection, with law enforcement, and with the intelligence community to help improve their ability to deal with computer related crime and emerging threats to national security. He has worked on issues of digital forensics, including work for many large corporations and pro bono and state-funded work for indigent defendants, and in 2002, won the "Techno-Security Industry Professional of the Year" Award.
Fred has participated in and created numerous strategic scenario games. He devised and ran the first Internet-based strategic information warfare wargame and held several initial trial Internet-based games involving national defense and corporate personnel. In 1998, he introduced the Internet Game for information security policy development, training, and awareness in corporate, educational, and government environments, and followed this up with the Sexual Harassment Game which helps train employees on sexual harassment policies and processes. His recent introduction of several security games and simulations to the Internet are excellent examples of the work he has done in this area. He has also developed several strategic scenarios for government and private use.
As an angel investor and leader of an early stage company growth ecosystem, he was a member and chapter president of Keirestsu Forum, the most active private equity investment group in the world with 3,000+ members in 53 chapter on 4 continents; he founded Angel to Exit, which helps grow companies, created technologies and methodologies used to advise dozens of companies and perform metrics for due diligence, co-founded USG to help early stage companies get non-dilutive funding, and worked with companies and investors around the world to support growth, and has written monthly articles on issues related to growing companies since 2015.
Over the past 30 years, Fred has managed organizations and projects with as many as 250 employees. Several projects he led have resulted in new business in excess of $10 million, and one project led to a 5-year government contract with a ceiling of over $1.7 billion. He led a 35-person research team at Sandia National Laboratories for almost 5 years and produced several patents, copyrighted software programs, and publications in the process.
His combination of management, technical, and communication skills, allows him to effectively bridge the gap between decision makers and implementers. His involvement in and understanding of corporate, national, and global issues, provides a context that allows him to meet challenges of unlimited size and scope. With more than 30 years of experience and a global reputation for integrity, accuracy, and innovation, Fred Cohen is widely considered one of the world's leading authorities in information protection and operational risk management