????這篇文章提供的一些信息是我們以前不知道的。（那次入侵）基本上是政府主導，讓人意外。我們有過這樣的懷疑，因為那種級別的入侵不是兩三個人在自己的地下室里就能發動的。但要說我們的網絡被一個主權國家（俄羅斯）入侵了，還是會讓人一時驚呆。我們習慣了與其他商業企業競爭，但絕對想不到會有一個主權國家侵入我們的網絡。

????讓我有些驚訝的是，2010年以來我們一直與政府積極接觸，包括我自己、一些董事會成員和管理層。因此，我們顯然是被刻意隱瞞了一些東西，不管是出于什么原因。

????我的另一個反應是2010年確實出現了網絡安全問題，自那以后也時常發生。過去4年，我們在網絡安全方面取得了長足的進步。如今的商業計劃，無論是從準備狀態和意識角度，都已不同于2010年。

????過去4年，你們采取了什么措施來加強網絡安全？

????我確實要表揚一下美國政府，他們幫助我們安然度過了過去4年。我想，這4年對于他們而言也是一段良好的關系。

????我們從三個角度來加強網絡安全。首先，我們的員工結構發生了巨大變化，專職于網絡安全的員工數量顯著增多，其經驗水平也大幅提高。第二，網絡安全服務供應商們提供了眾多不同的有意思的產品，其有效性遠遠超過2010年時的產品。我們是這些產品的積極用戶。第三，從經營上說，網絡安全成為我們的一項核心流程。我們會定期清理系統。

????最主要的一點是，永遠都不能停歇。永遠都不能說：“好，現在我們高枕無憂了。”威脅因素定期且持續地發生變化，總是會有什么讓人擔心，但必須要習慣這一點，將擔心轉化為正能量。

????當您在35年前進入科技和資本市場領域時，有沒有想象到會有怎樣的變化。您從職業生涯中學到了什么？

????上研究生前，我學的是英語專業。因此，我必須要保持靈敏，因為真的不知道會發生什么。隨著職業經驗的增長，人們能更好地預測變化，但還是不能做到非常準確。最重要的一點是要學會對自己說：“好的，不管怎樣，我都會接受這個世界。我希望總能看到事實。”對于這個世界應該是什么樣子，人們總是會有成見或偏見。但我們不得不面對殘酷的現實。當現實如我們所想，它可能會讓我們欣喜，但很可能大多數時候，事實與我們所認為的不一樣，我們必須靈活應對。（財富中文網）

????譯者：早稻米

????There was information in that story that we were not aware of. The fact that [the attack] was fundamentally state-sponsored was a surprise. We always suspected that could be it because the level of attack was not something that two guys in their basement could do. But to see that we were targeted by a sovereign nation [Russia] is something that will take your breath away for a second. We’re accustomed to competing with other commercial enterprises, but to realize that you have a sovereign nation coming after your systems is an eye-opener.

????I was somewhat surprised in that we had been engaged with the government since 2010. That engagement was with myself, some board members, and members of management. So we obviously, for whatever reason, were not told the full story.

????Part of my reaction also is that it did happen in 2010, and so much has happened since then with cyber-security issues. It’s probably equivalent to dog years in terms of how we’ve progressed in the past four years. Any commercial endeavor is in a different state of preparedness and awareness than they were in 2010.

????What have you done to increase security in the four years since?

????I do want to compliment the government because they have helped us through the last four years, and it’s been, I think, a good relationship for them.

????We had to come at it in three ways. First, our staffing has changed dramatically with respect to the number of people dedicated to cyber-security, and the experience level of those people has increased dramatically. Second, the vendor community has come up with a number of different and interesting products that are remarkably more effective than [what] existed back in 2010. We’ve been an active consumer of that. Third, operationally you just have that as a core part of your procedures. You’re basically cleansing your systems on a regular basis, so we do that.

????The dominant point is that you can never rest. You can never get to a state of saying, “Okay, we are now protected.” The threat factors change on a regular and constant basis, so it’s definitely something that causes anxiety, and you’ve got to use that and funnel that anxiety in a positive way.

????You started in the business of technology and capital markets 35 years ago, and I suspect you could not have imagined how it would change. What lessons do you draw from your career?

????Plus I was an English major before I went to grad school. So you have to be agile because you really do not know what’s going to happen. As you get further along in your career, you get better at anticipating the change in the world, but you’re still not precise. The dominant skill is to say, “Okay, I’m going to take the world as it comes. I always want to see reality for reality.” People have their preexisting notions or biases in terms of what the world should look like. We always have to confront brutal reality. That could be a reality we like because it’s what we thought, but it could easily be, and most times is, a different reality than we perceived, and we have to be agile about responding to that.