AT&T Chief Security Officer, Dr. Edward G. Amoroso tells the story behind his latest book, Cyber Attacks: Protecting National Infrastructure
Dr. Edward G. Amoroso serves as Senior Vice President and Chief Security Officer for AT&T Services, Inc. His responsibilities include real-time security protection of AT&T's network and computing infrastructure – including mobility services; security policy, planning, and architecture for AT&T's enterprise; security support for AT&T's IPTV and entertainment initiatives; and lead design, development, and operations support for AT&T's managed and network-based security services.
Dr. Amoroso’s twenty-five-year career at AT&T began at Bell Laboratories, where he worked on securing the Unix operating system, as well as numerous federal government security initiatives. More recently, he has championed AT&T's network-based security strategy, centered around emerging in-the-cloud protection services such as Network-Based Firewall and DDoS Defense.
Dr. Amoroso has authored numerous research papers, articles, and books on information security including: Cyber Attacks: Protecting National Infrastructure (Butterworth-Heinemann, 2010); Cyber Security (Silicon Press, 2006); Intrusion Detection (Intrusion.Net Books, 1999); Fundamentals of Computer Security Technology (Prentice Hall, 1994); and PCWEEK Intranet and Internet Firewall Strategies (Ziff-Davis Press, 1996).
He is the 1999 winner of the AT&T Labs Technology Medal for his contributions to large-scale intrusion detection.
Dr. Amoroso holds M.S. and Ph.D. degrees in computer science from the Stevens Institute of Technology and is a graduate of the Senior Executive Program at the Columbia Business School. He has served as an Adjunct Professor in the Computer Science Department at Stevens for the past twenty years, and his work has been featured by the Wall Street Journal, CNBC, Network World and the New York Times.
No nation - especially the United States - has a coherent technical and architectural strategy for preventing cyber attack from crippling essential critical infrastructure services. This book initiates an intelligent national (and international) dialogue amongst the general technical community around proper methods for reducing national risk. This includes controversial themes such as the deliberate use of deception to trap intruders. It also serves as an attractive framework for a new national strategy for cyber security, something that several Presidential administrations have failed in attempting to create. In addition, nations other than the US might choose to adopt the framework as well.
Amoroso offers a technical, architectural, and management solution to the problem of protecting national infrastructure. This includes practical and empirically-based guidance for security engineers, network operators, software designers, technology managers, application developers, and even those who simply use computing technology in their work or home. Each principle is presented as a separate security strategy, along with pages of compelling examples that demonstrate use of the principle. A specific set of criteria requirements allows any organization, such as a government agency, to integrate the principles into their local environment.
This book takes the national debate on protecting critical infrastructure in an entirely new and fruitful direction.
- Covers cyber security policy development for massively complex infrastructure using ten principles derived from experiences in U.S. Federal Government settings and a range of global commercial environments.
- Provides a unique and provocative philosophy of cyber security that directly contradicts conventional wisdom about info sec for small or enterprise-level systems.
- Illustrates the use of practical, trial-and-error findings derived from 25 years of hands-on experience protecting critical infrastructure on a daily basis at AT&T.