Cyber Attacks

Protecting National Infrastructure, STUDENT EDITION


  • Edward Amoroso, Senior Vice President and Chief Security Officer of AT&T

This textbook offers a technical, architectural, and management approach to solving the problems of protecting national infrastructure and includes practical and empirically-based guidance for students wishing to become security engineers, network operators, software designers, technology managers, application developers, Chief Security Officers, etc.. This approach includes controversial themes such as the deliberate use of deception to trap intruders. In short, it serves as an attractive framework for a new national strategy for cyber security. Each principle is presented as a separate security strategy, along with pages of compelling examples that demonstrate use of the principle. A specific set of criteria requirements allows students to understand how any organization, such as a government agency, integrates the principles into their local environment.

The STUDENT EDITION features several case studies illustrating actual implementation scenarios of the principals and requirements discussed in the text. It also includes helpful pedagogical elements such as chapter outlines, chapter summaries, learning checklists, and a 2-color interior. And it boasts a new and complete instructor ancillary package including test bank, IM, Ppt slides, case study questions, and more.
View full description


Security practitioners, military personnel


Book information

  • Published: February 2012
  • ISBN: 978-0-12-391855-0


"Dr. Amoroso must be commended for his effort in trying to build a national strategy document...The material is worthy of being debated in public policy circles…"--Security Management, June 2013

"The book puts forward a good set of high-level principles for protecting enterprise scale assets against cyber-attack, which provide the necessary formal, rigorous approach for anyone holding ultimate responsibility in this area. The treatment of these topics is conceptual rather than technical with minimal discussion of implementation, although this is understandable enough as there will be considerable variation between different enterprises and systems in practice...[T]his is an excellent introduction or high-level guide for anyone involved in the management of infrastructure security or learning the basic principles of enterprise information security."

"Cyber Attacks Protecting National Infrastructure is a very readable and engaging book on one of the most important topics the US is currently facing. While Amoroso lays out the technical issues, he also notes that the only way to remediate them is via a commitment to infrastructure protection; based on a top-down approach from management. If management is supportive of information security, and understands its significant, the security teams ability to secure the infrastructure will be inordinately easier. For those looking for a reference that provides both the breadth and depth on the topic, Cyber Attacks Protecting National Infrastructure is an invaluable resource written by one of the smartest minds in the industry"--RSA Conference’s Security Reading Room

Table of Contents

Chapter One: Introduction

Chapter Two: Deception

Chapter Three: Separation

Chapter Four: Diversity

Chapter Five: Commonality

Chapter Six: Depth

Chapter Seven: Discretion

Chapter Eight: Collection

Chapter Nine: Correlation

Chapter Ten: Awareness

Chapter Eleven: Response

Appendix A: Case Studies

Appendix B: National Requirements