Herbert Hugh Thompson

Hugh Thompson
Born
CitizenshipAmerican
Alma materFlorida Institute of Technology
Known forsecurity
Scientific career
FieldsComputer science
InstitutionsMicrosoft
Columbia University
RSA Conference
Blue Coat Systems
Symantec

Dr. Herbert Hugh Thompson is a computer security expert, an adjunct professor in the Computer Science Department at Columbia University,[1] and the Chief Technology Officer of NortonLifeLock.[2] He is also the Chairman of RSA Conference[3] the world's largest information security conference with over 25,000 attendees annually. Thompson is the co-author of a book on human achievement titled The Plateau Effect: Getting from Stuck to Success published by Penguin in 2013[4][5] and has co-authored three books on information security including, How to Break Software Security: Effective Techniques for Security Testing published by Addison-Wesley,[6] and The Software Vulnerability Guide published by Charles River 2005.[7] He is known for his role in exposing electronic voting machine vulnerabilities as part of the HBO Documentary Hacking Democracy. He was named one of the "Top 5 Most Influential Thinkers in IT Security" by SC Magazine[8] and has been referred to by the Financial Times as "One of the world’s foremost cryptology and internet security experts."[9]

Career

[edit]

Thompson began his career as a research intern for Microsoft Corporation while working on his Ph.D. in Applied Mathematics at the Florida Institute of Technology, where he completed his degree in 2002.[10] He then went on to co-found Security Innovation Inc., an application security company and worked as their Chief Security Strategist. In 2007 he started another technology security company called People Security and also began teaching a course on "Software Security and Exploitation" at Columbia University that focused on methods to circumvent security mechanisms in software.[11] Thompson hosted a show that was sponsored by AT&T.[12] He has written several books and over 100 peer reviewed papers on Computer Security and Hacking.[13][14][15] Thompson has delivered keynotes at every RSA Conference since 2007.[16] He has been interviewed by top news organizations including BBC News,[17] Bloomberg Television,[18] CNN,[19] Fox News,[20] The New York Times[21] and the Associated Press.[22] He is also a contributor to the New York Times,[23] Scientific American[24] and IEEE Security & Privacy magazine.[25] Thompson was Senior Vice President at security infrastructure company Blue Coat Systems.,[26] and was named CTO of Symantec after the acquisition of Blue Coat in August 2016.[2]

Electronic Voting Security

[edit]

In 2006, Thompson participated in four hack tests for the nonprofit election watchdog group Black Box Voting.[27] Two of his tests involved altering election results reports on the Diebold GEMS central tally machines. Thompson also collaborated with Harri Hursti in the Black Box Voting projects in Leon County, Florida and Emery County, Utah. Thompson's GEMS central tabulator hack was achieved by inserting a Visual Basic script onto the GEMS server machine at election headquarters. Both the Visual Basic script hack by Thompson and the memory card hack by Hursti Hack can be seen in HBO's "Hacking Democracy" where Hursti and Thompson hacked into Diebold Election Systems's voting machines and central tabulator system in Leon County, Florida proving its vulnerability.[28]

Education

[edit]

Thompson completed his bachelors, masters and Ph.D. in applied mathematics at the Florida Institute of Technology.

Books

[edit]
  • Sullivan, Bob, and Hugh Thompson. Getting Unstuck: Break Free of the Plateau Effect. Penguin, 2014.(ISBN 0698183819)
  • Sullivan, Bob, and Hugh Thompson. The Plateau Effect: Getting from Stuck to Success. Penguin, 2013. (ISBN 1101624248)
  • Thompson, Herbert H., and Scott G. Chase. The Software Vulnerability Guide. Charles River Media, 2005. (ISBN 1584503580)
  • Thompson, Herbert H., and Spyros Nomikos. The Mezonic Agenda: Hacking the Presidency. Syngress Pub., 2004. (ISBN 1931836833)
  • Thompson, Herbert H., and J. A. Whittaker. How to Break Software Security. Addison Wesley, 2003. (ISBN 0321194330)
  • Thompson, Herbert H. "A Bayesian model of sequential test allocation for software reliability estimation." Ph.D. Dissertation, 2002 (ISBN 0493619062)

References

[edit]
  1. ^ Columbia University course page for COMS E6998-9 Software Security and Exploitation
  2. ^ a b Symantec Management Team
  3. ^ RSA Conference Appoints Dr. Herbert H. Thompson as Program Committee Chair and Advisory Board Member
  4. ^ Schawbel, Dan. "Bob Sullivan: How Plateaus Prevent You From Career Success". Forbes.
  5. ^ Coffey, Laura (2 May 2013). "Hey, high-achieving women! Here's how perfectionism holds you back". Today.
  6. ^ Whittaker, James (2003). How to Break Software Security. Addison Wesley. ISBN 0321194330.
  7. ^ Thompson, Herbert (2005). The Software Vulnerability Guide. Charles River Media. ISBN 1584503580.
  8. ^ "IT security reboot 2006: Top 5 influential security thinkers". SC Magazine.
  9. ^ Jones, Sam. "Encryption expert offers support to UK's GCHQ chief". Financial Times.
  10. ^ Thompson, Herbert (2002). A Bayesian model of sequential test allocation for software reliability estimation. Florida Institute of Technology. ISBN 0493619062.
  11. ^ Columbia University: COMS E6998-9: Software Security and Exploitation
  12. ^ "AT&T Can't Pay An Audience To Agree With Internet Filtering". Wired.
  13. ^ Thompson, Herbert H. "Why security testing is hard." IEEE Security & Privacy 1.4 (2003): 83-86.
  14. ^ Whittaker, James A., and Herbert H. Thompson. "Black Box Debugging." Queue 1.9 (2003): 68.
  15. ^ Thompson, Herbert H., and James A. Whittaker. "Rethinking software security." DOCTOR DOBBS JOURNAL 29.2 (2004): 73-75.
  16. ^ RSA Conference USA 2010: The Hugh Thompson Show 4/5, retrieved 2023-05-26
  17. ^ "How safe is the 'internet of things'?". BBC News. Retrieved 2023-03-07.
  18. ^ Bloomberg Television, First Up with Susan Li, "Cyber Security Threat Dynamic, Dangerous". https://www.bloomberg.com/video/cyber-security-threat-dynamic-dangerous-thompson-VBG2kLSxRb6aBvXmoqUvvQ.html
  19. ^ CNN transcripts Archived May 22, 2011, at the Wayback Machine
  20. ^ Snyder, Christopher (2015-03-24). "Increase in 'One-Day Wonder' websites helps disguise malware". Fox News. Retrieved 2023-03-07.
  21. ^ Perlroth, Nicole (2014-06-11). "Security Needs Evolve as Computing Leaves the Office". Bits Blog. Retrieved 2023-03-07.
  22. ^ R. Satter, "RESEARCHERS STYMIED BY HACKERS WHO DROP FAKE CLUES", AP, 10 December 2014. http://hosted.ap.org/dynamic/stories/E/EU_HACKER_WHODUNIT
  23. ^ Sullivan, Bob, and Hugh Thompson. "Brain, Interrupted," New York Times, May 5, 2013, pg. SR12.
  24. ^ Thompson, H. "How I Stole Someone’s Identity." Scientific American, online feature posted August 18 (2008).
  25. ^ Hugh Thompson, "The Human Element of Information Security", IEEE Security & Privacy, vol.11, no. 1, pp. 32-35, Jan.-Feb. 2013, doi:10.1109/MSP.2012.161
  26. ^ "Blue Coat Names Security Market Visionary Dr. Hugh Thompson as Senior Vice President and Chief Security Strategist".
  27. ^ Black Box Voting site containing Thompson and Hursti projects Archived July 16, 2007, at the Wayback Machine
  28. ^ HBO's documentary "Hacking Democracy" Archived January 7, 2010, at the Wayback Machine