Bruce Schneier

New York Times Bestselling Author, Data & Goliath

“One of the world’s leading experts on computer security, and arguably the most articulate.” ~ The Economist

Biography

Bruce Schneier is an internationally renowned authority on technology and security with a level-headed, must-hear message for any audience concerned about our security and privacy. A highly respected and prolific author, he has written on the benefits and challenges of our intensifying surveillance society, analysis and commentary on the security issues of our times, how-to advice on protecting your data and email privacy, and technical work on cryptography and security economics. Bruce Schneier is a fellow at the Berkman Klein Center for Internet & Society at Harvard University, a Lecturer in Public Policy at the Harvard Kennedy School, and holds a number of other prestigious positions.

Publications and contributions. Bruce Schneier is the author of fourteen books on general security topics, computer security, and cryptography, including the New York Times best-seller Data and Goliath. He’s been writing a monthly newsletter since 1998 (Crypto-Gram) and a blog on security issues since 2004 (Schneier on Security), reaching an audience of more than 250,000 people — plus hundreds of articles, essays, and academic papers. He has testified before Congress, is a frequent guest on television and radio, has served on several government committees, and is regularly quoted in the press.

Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

We are all under surveillance right now and the powers that surveil us use the data they collect. Much of this is voluntary: we cooperate with corporate surveillance because it promises us convenience, and we submit to government surveillance because it promises us protection. But have we given up more than we’ve gained? In his most recent book Data and Goliath, Bruce Schneier offers a different path to security, one that would reform our government surveillance programs and shake up surveillance-based business models while providing consumers and citizens with usable tips for protecting our privacy.

Opinion. Bruce Schneier comments on the security issues of the day with pragmatic wisdom born of extensive experience in the field and a deep ethical commitment to real security and personal privacy. A critic of many of our current efforts, he coined such internet memes as “security theater” to describe many of the Transportation Security Administration’s airport security measures and the phrase “movie-plot threats” to explain the popularity of measures that appeal to the public and legislators but do not counter real-life threats. He speaks about privacy and surveillance, security and the Internet of Things, nation-state cyber conflict, and many other issues.

Credentials

Positions

  • Fellow, Berkman Center for Internet and Society, Harvard University
  • Fellow, Belfer Center, Kennedy School of Government, Harvard University
  • Chief Technology Officer, IBM Resilient, a cyber security firm recently acquired by IBM
  • Board Member, Electronic Frontier Foundation
  • Advisory Board Member, Electronic Privacy Information Center

Publications

  • Author of 14 books, including Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World
  • Author of the blog (Schneier on Security) since 2004
  • Author of the security newsletter Crypto-Gram since 1998; combined audience of 250,000
  • Author of hundreds of articles, essays, op-ed pieces, and academic papers

Books

Data and Goliath

The Hidden Battles to Collect Your Data and Control Your World

Bruce Schneier

You are under surveillance right now.

Your cell phone provider tracks your location and knows who’s with you. Your online and in-store purchasing patterns are recorded, and reveal if you're unemployed, sick, or pregnant. Your e-mails and texts expose your intimate and casual friends. Google knows what you’re thinking because it saves your private searches. Facebook can determine your sexual orientation without you ever mentioning it.

The powers that surveil us do more than simply store this information. Corporations use surveillance to manipulate not only the news articles and advertisements we each see, but also the prices we’re offered. Governments use surveillance to discriminate, censor, chill free speech, and put people in danger worldwide. And both sides share this information with each other or, even worse, lose it to cybercriminals in huge data breaches.

Much of this is voluntary: we cooperate with corporate surveillance because it promises us convenience, and we submit to government surveillance because it promises us protection. The result is a mass surveillance society of our own making. But have we given up more than we’ve gained? In Data and Goliath, security expert Bruce Schneier offers another path, one that values both security and privacy. He shows us exactly what we can do to reform our government surveillance programs and shake up surveillance-based business models, while also providing tips for you to protect your privacy every day. You'll never look at your phone, your computer, your credit cards, or even your car in the same way again.

W. W. Norton & Company (18 April 2015)

Praise

“When it comes to what government and business are doing together and separately with personal data scooped up from the ether, Mr. Schneier is as knowledgeable as it gets…. Mr. Schneier’s use of concrete examples of bad behavior with data will make even skeptics queasy and potentially push the already paranoid over the edge. Mr. Schneier writes clearly and simply about a complex subject.”
— Jonathan A. Knee, The New York Times

“The public conversation about surveillance in the digital age would be a good deal more intelligent if we all read Bruce Schneier first.”
— Malcolm Gladwell

“Bruce Schneier has written a hugely insightful and important book about how big data and its cousin, mass surveillance, affect our lives, and what to do about it. In characteristic fashion, Schneier takes very complex and varied information and ideas and makes them vivid, accessible, and compelling.”
— Jack Goldsmith, former head of the Office of Legal Counsel of the Department of Justice under George W. Bush

“Schneier did not need the Snowden revelations, as important as they are, to understand the growing threat to personal privacy worldwide from government and corporate surveillance — he's been raising the alarm for nearly two decades. But this important book does more than detail the threat; it tells the average low-tech citizen what steps he or she can take to limit surveillance and thus fight those who are seeking to strip privacy from all of us.”
— Seymour M. Hersh, Pulitzer Prize–winning journalist

“A pithy, pointed, and highly readable explanation of what we know in the wake of the Snowden revelations, with practical steps that ordinary people can take if they want to do something about the threats to privacy and liberty posed not only by the government but by the Big Data industry.”
— Neal Stephenson, author of Reamde

“Schneier exposes the many and surprising ways governments and corporations monitor all of us, providing a must-read User’s Guide to Life in the Data Age. His recommendations for change should be part of a much-needed public debate.”
— Richard A. Clarke, former chief counterterrorism adviser on the National Security Council under Presidents Bill Clinton and George W. Bush, and author of Cyber War

“As it becomes increasingly clear that surveillance has surpassed anything that Orwell imagined, we need a guide to how and why we’re being snooped and what we can do about it. Bruce Schneier is that guide — step by step he outlines the various ways we are being monitored, and after scaring the pants off us, he tells us how to fight back.”
— Steven Levy, editor-in-chief of Backchannel and author of Crypto and Hackers

“A judicious and incisive analysis of one of the most pressing new issues of our time, written by a true expert.”
— Steven Pinker, Johnstone Professor of Psychology, Harvard University, and author of The Better Angels of Our Nature

“Data and Goliath is sorely needed. On top of the ongoing avalanche of stories of cyberwarfare, data breaches, and corporate snooping, the Snowden revelations have left many people confused and cynical about protecting their own privacy. My hope is that Bruce Schneier's new book will empower people to join the conversation in the courts and elsewhere about how to think seriously and honestly about our current digital surveillance state and more importantly, how to build a digital society run by the consent of the governed.”
— Cindy Cohn, Legal Director for the Electronic Frontier Foundation

“The internet is a surveillance state, and like any technology, surveillance has both good and bad uses. Bruce Schneier draws on his vast range of technical and historical skills to sort them out. He analyzes both the challenge of big brother and many little brothers. Anyone interested in security, liberty, privacy, and justice in this cyber age must read this book.”
— Joseph S. Nye Jr., Harvard University Distinguished Service Professor and author of The Future of Power

“Bruce Schneier is the most consistently sober, authoritative, and knowledgeable voice on security and privacy issues in our time. This book brings his experience and sharp analytical skills to important and fast-evolving technology and human rights issues. Much has been said about the way our government, financial institutions, and online entities gather data, but less is said about how that seemingly infinite ocean of data is used, or might be used. In the face of a vast spectrum of possibility, clouded in secrecy, Bruce's book is a voice of steady reason.”
— Xeni Jardin, co-editor of BoingBoing

“Data and Goliath is the indispensable guide to understanding the most important current threat to freedom in democratic market societies. Whether you worry about government surveillance in the post-Snowden era, or about Facebook and Google manipulating you based on their vast data collections, Schneier, the leading, truly independent expert writing about these threats today, offers a rich overview of the technologies and practices leading us toward surveillance society and the diverse solutions we must pursue to save us from that fate.”
— Yochai Benkler, Berkman Professor of Entrepreneurial Legal Studies at Harvard Law School and author of The Wealth of Networks

“Data, algorithms, and thinking machines give our corporations and political institutions immense and far reaching powers. Bruce Schneier has done a remarkable job of breaking down their impact on our privacy, our lives, and our society. Data and Goliath should be on everyone's must read list.”
— Om Malik, founder of Gigaom

“Lucid, sophisticated… Finely constructed, free of cant, and practical in its conclusions.”
— Jacob Silverman, Los Angeles Times

“Paints a picture of the big-data revolution that is dark, but compelling; one in which the conveniences of our digitized world have devalued privacy.”
— Charles Seife, Nature

Secrets and Lies

Digital Security in a Networked World

Bruce Schneier

This anniversary edition, which has stood the test of time as a runaway best-seller, provides a practical, straightforward guide to achieving security throughout computer networks. No theory, no math, no fiction of what should be working but isn't, just the facts. Known as the master of cryptography, Schneier uses his extensive field experience with his own clients to dispel the myths that often mislead IT managers as they try to build secure systems. A much-touted section, Schneier's tutorial on just what cryptography (a subset of computer security) can and cannot do for them, has received far-reaching praise from both the technical and business communities.

John Wiley & Sons; 1 edition (23 Jan. 2004)

Praise

"This is a business issue, not a technical one, and executives can no longer leave such decisions to techies. That's why Secrets and Lies belongs in every manager's library."
Business Week

"Startlingly lively...a jewel box of little surprises you can actually use."
Fortune

"Secrets is a comprehensive, well-written work on a topic few business leaders can afford to neglect."
Business 2.0

"Instead of talking algorithms to geeky programmers, [Schneier] offers a primer in practical computer security aimed at those shopping, communicating or doing business online — almost everyone, in other words."
The Economist

"Schneier...peppers the book with lively anecdotes and aphorisms, making it unusually accessible."
Los Angeles Times

Carry On

Sound Advice from Schneier on Security

Bruce Schneier

Up-to-the-minute observations from a world-famous security expert.

Bruce Schneier is known worldwide as the foremost authority and commentator on every security issue from cyber-terrorism to airport surveillance. This groundbreaking book features more than 160 commentaries on recent events including the Boston Marathon bombing, the NSA's ubiquitous surveillance programs, Chinese cyber-attacks, the privacy of cloud computing, and how to hack the Papal election. Timely as an Internet news report and always insightful, Schneier explains, debunks, and draws lessons from current events that are valuable for security experts and ordinary citizens alike.

  • Bruce Schneier's worldwide reputation as a security guru has earned him more than 250,000 loyal blog and newsletter readers
  • This anthology offers Schneier's observations on some of the most timely security issues of our day, including the Boston Marathon bombing, the NSA's Internet surveillance, ongoing aviation security issues, and Chinese cyber-attacks
  • It features the author's unique take on issues involving crime, terrorism, spying, privacy, voting, security policy and law, travel security, the psychology and economics of security, and much more
  • Previous Schneier books have sold over 500,000 copies.

Carry On: Sound Advice from Schneier on Security is packed with information and ideas that are of interest to anyone living in today's insecure world.

John Wiley & Sons; 1 edition (31 Jan. 2014)

Liars and Outliers

Enabling the Trust that Society Needs to Thrive

Bruce Schneier

In today's hyper-connected society, understanding the mechanisms of trust is crucial. Issues of trust are critical to solving problems as diverse as corporate responsibility, global warming, and the political system. In this insightful and entertaining book, Schneier weaves together ideas from across the social and biological sciences to explain how society induces trust. He shows the unique role of trust in facilitating and stabilizing human society. He discusses why and how trust has evolved, why it works the way it does, and the ways the information society is changing everything.

Wiley; 1 edition (February 14, 2012)

Schneier on Security

Bruce Schneier

Presenting invaluable advice from the world's most famous computer security expert, this intensely readable collection features some of the most insightful and informative coverage of the strengths and weaknesses of computer security and the price people pay — figuratively and literally — when security fails. Discussing the issues surrounding things such as airplanes, passports, voting machines, ID cards, cameras, passwords, Internet banking, sporting events, computers, and castles, this book is a must-read for anyone who values security at any level — business, technical, or personal.

John Wiley & Sons; 1 edition (26 Sept. 2008)

Beyond Fear

Thinking Sensibly About Security in an Uncertain World

Bruce Schneier

Many of us, especially since 9/11, have become personally concerned about issues of security, and this is no surprise. Security is near the top of government and corporate agendas around the globe. Security-related stories appear on the front page every day. How well, though, do any of us truly understand what achieving real security involves?

In Beyond Fear, Bruce Schneier invites us to take a critical look at not just the threats to our security, but the ways in which we're encouraged to think about security by law enforcement agencies, businesses of all shapes and sizes, and our national governments and militaries. Schneier believes we all can and should be better security consumers, and that the trade-offs we make in the name of security — in terms of cash outlays, taxes, inconvenience, and diminished freedoms — should be part of an ongoing negotiation in our personal, professional, and civic lives, and the subject of an open and informed national discussion.

With a well-deserved reputation for original and sometimes iconoclastic thought, Schneier has a lot to say that is provocative, counter-intuitive, and just plain good sense. He explains in detail, for example, why we need to design security systems that don't just work well, but fail well, and why secrecy on the part of government often undermines security. He also believes, for instance, that national ID cards are an exceptionally bad idea: technically unsound, and even destructive of security. And, contrary to a lot of current nay-sayers, he thinks online shopping is fundamentally safe, and that many of the new airline security measures (though by no means all) are actually quite effective. A skeptic of much that's promised by highly touted technologies like biometrics, Schneier is also a refreshingly positive, problem-solving force in the often self-dramatizing and fear-mongering world of security pundits.

Schneier helps the reader to understand the issues at stake, and how to best come to one's own conclusions, including the vast infrastructure we already have in place, and the vaster systems — some useful, others useless or worse — that we're being asked to submit to and pay for.

Copernicus; 1st ed. 2003. Corr. 2nd printing 2006 edition (4 May 2006)

Topics

Bruce tailors each presentation to the needs of his audience and is not limited to the topics we have listed below. These are subjects that have proven valuable to customers in the past and are meant only to suggest his range and interests. Please ask us about any subject that interests you; we are sure that we can accommodate you.

Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

You are under surveillance right now. Your cell phone provider tracks your location and knows who’s with you. Your online and in-store purchasing patterns are recorded, and reveal if you’re unemployed, sick, or pregnant. Your e-mails and texts expose your intimate and casual friends. Google knows what you’re thinking because it saves your private searches. Facebook can determine your sexual orientation without you ever mentioning it. Corporations use surveillance to manipulate not only the news articles and advertisements we each see, but also the prices we’re offered. Governments use surveillance to discriminate, censor, chill free speech, and put people in danger worldwide. And both sides share this information with each other or, even worse, lose it to cybercriminals in huge data breaches. Much of this is voluntary: we cooperate with corporate surveillance because it promises us convenience, and we submit to government surveillance because it promises us protection. The result is a mass surveillance society of our own making. But have we given up more than we’ve gained? Security expert Bruce Schneier offers another path, one that values both security and privacy.

The Politics of Cyberconflict: Lessons from Sony

Government policies regarding cybersecurity and cyberattacks are complicated, and the attacks on Sony last December illustrate this. The inability to attribute attacks, or even to tell the difference between a couple of lone hackers and a government with a $10 billion military budget, means it's impossible to know how to respond. Do the FBI's rules apply, or the DoD's? And if the US government decides to respond, how does it convince the public that the action is justified if the attribution evidence comes from secret NSA surveillance programs? New organizations like the Cyber Threat Intelligence Integration Center might help, or might just add another layer of bureaucracy. The lines have blurred between cyberespionage and cyberattack, and between civilian and military. In an age where Anonymous can credibly threaten both NATO and ISIS, and the NSA can attack Belgacom, everything we know about government cybersecurity policy is being shaken up.

The Future of Incident Response

Protection and detection can only take you so far, and breaches are inevitable. As a result, incident response has stepped into the spotlight. This session will examine the economic and psychological forces within the computer security field and describe the future of incident response (IR) and thus, the industry. It will discuss how response technology, unlike detective and preventative controls, must augment people rather than replace them. Understanding the implications of this reality requires a systems theory approach to IR. This session borrows one from the US Air Force: OODA loops. By leveraging the cycle of observe, orient, decide, and act, this session demonstrates how we can optimize IR efforts, and deliver valuable insight into what is arguably the most crucial discipline to maintaining IT security in the coming decade.

Surveillance and Power

Whenever we interact with a computer, it produces data about us. With little or no oversight or regulation, our lives are being recorded to an unprecedented degree. Surveillance is the business model of the Internet, and that data is being collected, saved, and correlated for personalized marketing and control. Governments around the world are also collecting and saving this data, for law enforcement and control. We need to think not only of the benefits of a surveillance-driven society, but also the harms. We need to design policies that limit both corporate and government intrusions into our privacy, while at the same time reimagining our society in ways that can reap the benefits of our collective surveillance data.

NSA Surveillance and What To Do About It

Edward Snowden has given us an unprecedented window into the NSA's surveillance activities. Drawing from both the Snowden documents and revelations from previous whistleblowers, this talk describes the sorts of surveillance the NSA conducts and how it conducts it. The emphasis will be on the technical capabilities of the NSA, and not the politics or legality of their actions. I will then discuss what sorts of countermeasures are likely to frustrate any nation-state adversary with these sorts of capabilities. These will be techniques to raise the cost of wholesale surveillance in favor of targeted surveillance: ubiquitous encryption, target dispersal, anonymity tools, and so on.

Trust, Security, and Society

Human society runs on trust. We all trust millions of people, organizations, and systems every day -- and we do it so easily that we barely notice. But in any system of trust, there is an alternative, parasitic, strategy that involves abusing that trust. Making sure those defectors don’t destroy the cooperative systems they’re abusing is an age-old problem, one that we’ve solved through morals and ethics, laws, and all sorts of security technologies. Understanding how these all work — and fail — is essential to understanding the problems we face in today’s increasingly technological and interconnected world.

Cyberwar and the Future of Cyber Conflict

Whether it’s political rhetoric from the world’s major powers, or actual attack and defense capabilities from those countries’ militaries, the world is gearing up for cyberwar. But we don’t really have good definitions of what cyberwar actually is. Is it war with a cyberspace component, or any political cyber-conflict? There’s a lot of money and power in the new cyberwar arms race, and it’s important to understand the players and the motivations. We need to stop pandering to cyberwar fears, and better understand cyberwar policy. This affects more than militaries — it affects us as individuals and as businesses as well.

Videos

Keynote: Can Blockchain Technology Solve The Social Problem | Blockchain Workshops

Before the US House Committee of Energy and Commerce

Keynote: Security and Privacy in a Hyper-connected World

The Hidden Battles to Collect Your Data | Commonwealth Club of California

The security mirage | TED

Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World | Talks at Google

Feedback

A business strategy/risk management consulting company:
Bruce was a pleasure to work with during the planning phase — working with our marketing team to craft an agenda and topics that addressed both our audience's interests and our company's marketing goals — while maintaining professional integrity. Bruce did a great job during the event as well, balancing his own presentation with a robust, interactive discussion with our team and clients in attendance.

Articles

— Linux.com
— IT Pro
— Schneier on Security
— NetworkedWorld
— Slate
— New York Magazine
— CNN
— Schneier on Security
— NPR
— The National
— CSO
— Journalist's Resource
— MIT Technology Review
— Schneier on Security
— CSO
— Motherboard
— Tripwire
— Consumer Reports
— The Huffington Post
— Wired
— Forbes
— The Guardian
— LawFare Blog
— MIT Technology Review
— CNN
— CNN
— CSO
— Fortune
— CNN
— Software Engineering Daily
— LawFare
— CNN
— Business Insider
— Slate
— Computer Weekly
— MPR News
— Wired
— New Statesman
— The Washington Post
— ABC Lateline Australia
— Forbes
— The Atlantic
— TIME