Synopses & Reviews
No nation - especially the United States - has a coherent technical and architectural strategy for preventing cyber attack from crippling essential critical infrastructure services. This book initiates an intelligent national (and international) dialogue amongst the general technical community around proper methods for reducing national risk. This includes controversial themes such as the deliberate use of deception to trap intruders. It also serves as an attractive framework for a new national strategy for cyber security, something that several Presidential administrations have failed in attempting to create. In addition, nations other than the US might choose to adopt the framework as well Amoroso offers a technical, architectural, and management solution to the problem of protecting national infrastructure. This includes practical and empirically-based guidance for security engineers, network operators, software designers, technology managers, application developers, and even those who simply use computing technology in their work or home. Each principle is presented as a separate security strategy, along with pages of compelling examples that demonstrate use of the principle. A specific set of criteria requirements allows any organization, such as a government agency, to integrate the principles into their local environment. This book takes the national debate on protecting critical infrastructure in an entirely new and fruitful direction.
* Covers cyber security policy development for massively complex infrastructure using ten principles derived from experiences in U.S. Federal Government settings and a range of global commercial environments. * Provides a unique and provocative philosophy of cyber security that directly contradicts conventional wisdom about info sec for small or enterprise-level systems. * Illustrates the use of practical, trial-and-error findings derived from 25 years of hands-on experience protecting critical infrastructure on a daily basis at AT&T.
Protect the nation's most vital assets with this unique approach to cyber security policy!
"Ed Amoroso has again given the policy community a thoughtful roadmap. Cyberthreats are becoming more sophisticated, but thankfully Ed is well abreast of the problem and leading with solutions."-John Hamre,
Deputy Secretary of Defense (1997-2000), president and CEO of the Center for Strategic and Informational Studies, Washington, DC
"Dr. Amoroso's fifth book Cyber Attacks: Protecting National Infrastructure outlines the challenges of protecting our nation's infrastructure from cyber attack using security techniques established to protect much smaller and less complex environments. He proposes a brand new type of national infrastructure protection methodology and outlines a strategy presented as a series of ten basic design and operations principles ranging from deception to response. The bulk of the text covers each of these principles in technical detail. While several of these principles would be daunting to implement and practice they provide the first clear and concise framework for discussion of this critical challenge. This text is thought-provoking and should be a ‘must read’ for anyone concerned with cybersecurity in the private or government sector."-Clayton W. Naeve, Ph.D., Senior Vice President and Chief Information Officer, Endowed Chair in Bioinformatics, St. Jude Children's Research Hospital, Memphis, TN
"Dr. Ed Amoroso reveals in plain English the threats and weaknesses of our critical infrastructure balanced against practices that reduce the exposures. This is an excellent guide to the understanding of the cyber-scape that the security professional navigates. The book takes complex concepts of security and simplifies it into coherent and simple to understand concepts."-Arnold Felberbaum, Chief IT Security & Compliance Officer, Reed Elsevier
"The national infrastructure, which is now vital to communication, commerce and entertainment in everyday life, is highly vulnerable to malicious attacks and terrorist threats. Today, it is possible for botnets to penetrate millions of computers around the world in few minutes, and to attack the valuable national infrastructure. "As the New York Times reported, the growing number of threats by botnets suggests that this cyber security issue has become a serious problem, and we are losing the war against these attacks. "While computer security technologies will be useful for network systems, the reality tells us that this conventional approach is not effective enough for the complex, large-scale national infrastructure. "Not only does the author provide comprehensive methodologies based on 25 years of experience in cyber security at AT&T, but he also suggests ‘security through obscurity,’ which attempts to use secrecy to provide security." -Byeong Gi Lee, President, IEEE Communications Society, and Commissioner of the Korea Communications Commission (KCC)
"Amoroso has laid the much needed foundation for a solid Critical Infrastructure plan. Security professionals now have the basis to apply his ideas to solve an incredibly complex problem. "-Howard Israel, Corporate Security Officer, Fidessa Corporation
"Cyber Attacks: Protecting National Infrastructure is a captivating journey through cyber security policy development for complex infrastructures by one of today’s foremost experts on large-scale network security. It is a must read technological roadmap for anyone interested in what we must do to strengthen our national network security systems."-Ken Xie, CEO, Fortinet, Inc.
"Some of his ideas are controversial and bound to incite debates about privacy and practice. For instance in his book, Cyber Attacks: Protecting National Infrastructure," Amoroso suggests using large-scale and coordinated collection of network-traffic data as well as security information from end-user desktops to pinpoint botnet-compromised computers, identify suspicious anomalies and trace attack paths."--Network World Magazine
"In his new book Cyber Attacks: Protecting National Infrastructure, Amoroso takes a hard look at common information security practices that have failed to protect individuals, organizations, and ultimately US critical infrastructure. Amoroso offers a new way of looking at information security and some "common sense" strategies to thwart cyberattackers, who are becoming more sophisticated, organized, and advanced."--Infosecurity Magazine (an Elsevier publication)
"Amoroso offers a technical, architectural, and management solution to the problem of protecting national infrastructure. This includes practical and empirically-based guidance for security engineers, network operators, software designers, technology managers, application developers, and even those who simply use computing technology ikn their work or home. Each principle is presented as a separate security strategy, along with pages of compelling examples that demonstrate use of the principle. A specific set of criteria requirements allows any organization, such as a government agency, to integrate the principles into their local environment…. The book takes the national debate on protecting critical infrastructure in an entirely new and fruitful direction."--The Journal of Law Enforcement, Spring 2011
About the Author
Edward Amoroso is currently Senior Vice President and Chief Security Officer of AT&T, where he has worked in cyber security for the past twenty-five years. He has also held the adjunct professor position in the computer science department at the Stevens Institute of Technology for the past twenty years. Edward has written four previous books on computer security, and his writings and commentary have appeared in major national newspapers, television shows, and books. He holds a BS degree in physics from Dickinson College, and the MS/PhD degrees in computer science from Stevens Institute of Technology. He is also a graduate of the Columbia Business School.
Table of Contents
Chapter 1: Introduction Chapter 2: Deception Chapter 3: Separation Chapter 4: Diversity Chapter 5: Commonality Chapter 6: Depth
Chapter 7: Discretion Chapter 8: Collection Chapter 9: Correlation
Chapter 10: Awareness Chapter 11: Response Appendix: Sample National Infrastructure Protection Requirements