????這篇文章提供的一些信息是我們以前不知道的。（那次入侵）基本上是政府主導(dǎo)，讓人意外。我們有過這樣的懷疑，因?yàn)槟欠N級(jí)別的入侵不是兩三個(gè)人在自己的地下室里就能發(fā)動(dòng)的。但要說我們的網(wǎng)絡(luò)被一個(gè)主權(quán)國(guó)家（俄羅斯）入侵了，還是會(huì)讓人一時(shí)驚呆。我們習(xí)慣了與其他商業(yè)企業(yè)競(jìng)爭(zhēng)，但絕對(duì)想不到會(huì)有一個(gè)主權(quán)國(guó)家侵入我們的網(wǎng)絡(luò)。

????讓我有些驚訝的是，2010年以來我們一直與政府積極接觸，包括我自己、一些董事會(huì)成員和管理層。因此，我們顯然是被刻意隱瞞了一些東西，不管是出于什么原因。

????我的另一個(gè)反應(yīng)是2010年確實(shí)出現(xiàn)了網(wǎng)絡(luò)安全問題，自那以后也時(shí)常發(fā)生。過去4年，我們?cè)诰W(wǎng)絡(luò)安全方面取得了長(zhǎng)足的進(jìn)步。如今的商業(yè)計(jì)劃，無論是從準(zhǔn)備狀態(tài)和意識(shí)角度，都已不同于2010年。

????過去4年，你們采取了什么措施來加強(qiáng)網(wǎng)絡(luò)安全？

????我確實(shí)要表揚(yáng)一下美國(guó)政府，他們幫助我們安然度過了過去4年。我想，這4年對(duì)于他們而言也是一段良好的關(guān)系。

????我們從三個(gè)角度來加強(qiáng)網(wǎng)絡(luò)安全。首先，我們的員工結(jié)構(gòu)發(fā)生了巨大變化，專職于網(wǎng)絡(luò)安全的員工數(shù)量顯著增多，其經(jīng)驗(yàn)水平也大幅提高。第二，網(wǎng)絡(luò)安全服務(wù)供應(yīng)商們提供了眾多不同的有意思的產(chǎn)品，其有效性遠(yuǎn)遠(yuǎn)超過2010年時(shí)的產(chǎn)品。我們是這些產(chǎn)品的積極用戶。第三，從經(jīng)營(yíng)上說，網(wǎng)絡(luò)安全成為我們的一項(xiàng)核心流程。我們會(huì)定期清理系統(tǒng)。

????最主要的一點(diǎn)是，永遠(yuǎn)都不能停歇。永遠(yuǎn)都不能說：“好，現(xiàn)在我們高枕無憂了。”威脅因素定期且持續(xù)地發(fā)生變化，總是會(huì)有什么讓人擔(dān)心，但必須要習(xí)慣這一點(diǎn)，將擔(dān)心轉(zhuǎn)化為正能量。

????當(dāng)您在35年前進(jìn)入科技和資本市場(chǎng)領(lǐng)域時(shí)，有沒有想象到會(huì)有怎樣的變化。您從職業(yè)生涯中學(xué)到了什么？

????上研究生前，我學(xué)的是英語專業(yè)。因此，我必須要保持靈敏，因?yàn)檎娴牟恢罆?huì)發(fā)生什么。隨著職業(yè)經(jīng)驗(yàn)的增長(zhǎng)，人們能更好地預(yù)測(cè)變化，但還是不能做到非常準(zhǔn)確。最重要的一點(diǎn)是要學(xué)會(huì)對(duì)自己說：“好的，不管怎樣，我都會(huì)接受這個(gè)世界。我希望總能看到事實(shí)?！睂?duì)于這個(gè)世界應(yīng)該是什么樣子，人們總是會(huì)有成見或偏見。但我們不得不面對(duì)殘酷的現(xiàn)實(shí)。當(dāng)現(xiàn)實(shí)如我們所想，它可能會(huì)讓我們欣喜，但很可能大多數(shù)時(shí)候，事實(shí)與我們所認(rèn)為的不一樣，我們必須靈活應(yīng)對(duì)。（財(cái)富中文網(wǎng)）

????譯者：早稻米

????There was information in that story that we were not aware of. The fact that [the attack] was fundamentally state-sponsored was a surprise. We always suspected that could be it because the level of attack was not something that two guys in their basement could do. But to see that we were targeted by a sovereign nation [Russia] is something that will take your breath away for a second. We’re accustomed to competing with other commercial enterprises, but to realize that you have a sovereign nation coming after your systems is an eye-opener.

????I was somewhat surprised in that we had been engaged with the government since 2010. That engagement was with myself, some board members, and members of management. So we obviously, for whatever reason, were not told the full story.

????Part of my reaction also is that it did happen in 2010, and so much has happened since then with cyber-security issues. It’s probably equivalent to dog years in terms of how we’ve progressed in the past four years. Any commercial endeavor is in a different state of preparedness and awareness than they were in 2010.

????What have you done to increase security in the four years since?

????I do want to compliment the government because they have helped us through the last four years, and it’s been, I think, a good relationship for them.

????We had to come at it in three ways. First, our staffing has changed dramatically with respect to the number of people dedicated to cyber-security, and the experience level of those people has increased dramatically. Second, the vendor community has come up with a number of different and interesting products that are remarkably more effective than [what] existed back in 2010. We’ve been an active consumer of that. Third, operationally you just have that as a core part of your procedures. You’re basically cleansing your systems on a regular basis, so we do that.

????The dominant point is that you can never rest. You can never get to a state of saying, “Okay, we are now protected.” The threat factors change on a regular and constant basis, so it’s definitely something that causes anxiety, and you’ve got to use that and funnel that anxiety in a positive way.

????You started in the business of technology and capital markets 35 years ago, and I suspect you could not have imagined how it would change. What lessons do you draw from your career?

????Plus I was an English major before I went to grad school. So you have to be agile because you really do not know what’s going to happen. As you get further along in your career, you get better at anticipating the change in the world, but you’re still not precise. The dominant skill is to say, “Okay, I’m going to take the world as it comes. I always want to see reality for reality.” People have their preexisting notions or biases in terms of what the world should look like. We always have to confront brutal reality. That could be a reality we like because it’s what we thought, but it could easily be, and most times is, a different reality than we perceived, and we have to be agile about responding to that.