Protecting National InfrastructureBy
- Edward Amoroso, Senior Vice President and Chief Security Officer of AT&T
No nation - especially the United States - has a coherent technical and architectural strategy for preventing cyber attack from crippling essential critical infrastructure services. This book initiates an intelligent national (and international) dialogue amongst the general technical community around proper methods for reducing national risk. This includes controversial themes such as the deliberate use of deception to trap intruders. It also serves as an attractive framework for a new national strategy for cyber security, something that several Presidential administrations have failed in attempting to create. In addition, nations other than the US might choose to adopt the framework as well
Amoroso offers a technical, architectural, and management solution to the problem of protecting national infrastructure. This includes practical and empirically-based guidance for security engineers, network operators, software designers, technology managers, application developers, and even those who simply use computing technology in their work or home. Each principle is presented as a separate security strategy, along with pages of compelling examples that demonstrate use of the principle. A specific set of criteria requirements allows any organization, such as a government agency, to integrate the principles into their local environment.
This book takes the national debate on protecting critical infrastructure in an entirely new and fruitful direction.
Security professionals tasked with protection of critical infrastructure and with cyber security. CSOs and other top managers. Government and military security specialists and policymakers. Security managers. Students in cybersecurity and international security programs.
Hardbound, 248 Pages
Published: December 2010
Imprint: Butterworth Heinemann
"Amorosos advice takes the art out of the debate onwhether security is art or science. He brings a high level goal oriented approach to practical situations in order for the right security decisions to appear obvious to the reader. However, no book is a single solution, and this one is no exception. Some readers may be disappointed not to find comprehensive references for further reading. It is apparent that the book surveys a great deal of literature, but there is no bibliography. Readers may also be disappointed that there is no step-by-step guaranteed path to cyber security solutions. The book provides no procedures or checklists. Nevertheless, those who allow Amoroso to influence their view of the security problem at the level he chooses to present it should more easily be able to recognize cyber security solutions."--Computers and Security"Ed Amoroso has again given the policy community a thoughtful roadmap. Cyberthreats are becoming more sophisticated, but thankfully Ed is well abreast of the problem and leading with solutions."-John Hamre, Deputy Secretary of Defense (1997-2000), president and CEO of the Center for Strategic and Informational Studies, Washington, DC"Dr. Amoroso's fifth book Cyber Attacks: Protecting National Infrastructure outlines the challenges of protecting our nation's infrastructure from cyber attack using security techniques established to protect much smaller and less complex environments. He proposes a brand new type of national infrastructure protection methodology and outlines a strategy presented as a series of ten basic design and operations principles ranging from deception to response. The bulk of the text covers each of these principles in technical detail. While several of these principles would be daunting to implement and practice they provide the first clear and concise framework for discussion of this critical challenge. This text is thought-provoking and should be a must read for anyone concerned with cybersecurity in the private or government sector."-Clayton W. Naeve, Ph.D., Senior Vice President and Chief Information Officer, Endowed Chair in Bioinformatics, St. Jude Children's Research Hospital, Memphis, TN"Dr. Ed Amoroso reveals in plain English the threats and weaknesses of our critical infrastructure balanced against practices that reduce the exposures. This is an excellent guide to the understanding of the cyber-scape that the security professional navigates. The book takes complex concepts of security and simplifies it into coherent and simple to understand concepts."-Arnold Felberbaum, Chief IT Security & Compliance Officer, Reed Elsevier"The national infrastructure, which is now vital to communication, commerce and entertainment in everyday life, is highly vulnerable to malicious attacks and terrorist threats. Today, it is possible for botnets to penetrate millions of computers around the world in few minutes, and to attack the valuable national infrastructure.
"As the New York Times reported, the growing number of threats by botnets suggests that this cyber security issue has become a serious problem, and we are losing the war against these attacks.
"While computer security technologies will be useful for network systems, the reality tells us that this conventional approach is not effective enough for the complex, large-scale national infrastructure.
"Not only does the author provide comprehensive methodologies based on 25 years of experience in cyber security at AT&T, but he also suggests security through obscurity, which attempts to use secrecy to provide security." -Byeong Gi Lee, President, IEEE Communications Society, and Commissioner of the Korea Communications Commission (KCC)"Amoroso has laid the much needed foundation for a solid Critical Infrastructure plan. Security professionals now have the basis to apply his ideas to solve an incredibly complex problem. "-Howard Israel, Corporate Security Officer, Fidessa Corporation "Cyber Attacks: Protecting National Infrastructure is a captivating journey through cyber security policy development for complex infrastructures by one of todays foremost experts on large-scale network security. It is a must read technological roadmap for anyone interested in what we must do to strengthen our national network security systems."-Ken Xie, CEO, Fortinet, Inc. "Some of his ideas are controversial and bound to incite debates about privacy and practice. For instance in his book, Cyber Attacks: Protecting National Infrastructure," Amoroso suggests using large-scale and coordinated collection of network-traffic data as well as security information from end-user desktops to pinpoint botnet-compromised computers, identify suspicious anomalies and trace attack paths."--Network World Magazine"In his new book Cyber Attacks: Protecting National Infrastructure, Amoroso takes a hard look at common information security practices that have failed to protect individuals, organizations, and ultimately US critical infrastructure. Amoroso offers a new way of looking at information security and some "common sense" strategies to thwart cyberattackers, who are becoming more sophisticated, organized, and advanced."--Infosecurity Magazine (an Elsevier publication)"Amoroso offers a technical, architectural, and management solution to the problem of protecting national infrastructure. This includes practical and empirically-based guidance for security engineers, network operators, software designers, technology managers, application developers, and even those who simply use computing technology ikn their work or home. Each principle is presented as a separate security strategy, along with pages of compelling examples that demonstrate use of the principle. A specific set of criteria requirements allows any organization, such as a government agency, to integrate the principles into their local environment . The book takes the national debate on protecting critical infrastructure in an entirely new and fruitful direction."--
The Journal of Law Enforcement, Spring 2011"What sets this effort apart is that it offers a comprehensive list of local enterprise-level suggestion and remedies as well as a plan that is scalable to protect national level infrastructure. What's more, the material is well-written and concisely presented. The author sets out his plan in sufficient detail but without miring the reader in technical details I highly recommend this book for all intermediate-level and above security practitioners in IT and non-IT positions."--Security Management Magazine, September 2011, p. 168
Chapter 1. Introduction
Chapter 2. Deception
Chapter 3. Separation
Chapter 4. Diversity
Chapter 5. Commonality
Chapter 6. Depth
Chapter 7. Discretion
Chapter 8. Collection
Chapter 9. Correlation
Chapter 10. Awareness
Chapter 11. Response
Appendix: Sample National Infrastructure Protection Requirements