- Print ISBN 9780123849175
- Electronic ISBN 9780123849182
No nation – especially the United States – has a coherent technical and architectural strategy for preventing cyber attack from crippling essential critical infrastructure services. This book initiates an intelligent national (and international) dialogue amongst the general technical community around proper methods for reducing national risk. This includes controversial themes such as the deliberate use of deception to trap intruders. It also serves as an attractive framework for a new national strategy for cyber security, something that several Presidential administrations have failed in attempting to create. In addition, nations other than the US might choose to adopt the framework as well
Amoroso offers a technical, architectural, and management solution to the problem of protecting national infrastructure. This includes practical and empirically-based guidance for security engineers, network operators, software designers, technology managers, application developers, and even those who simply use computing technology in their work or home. Each principle is presented as a separate security strategy, along with pages of compelling examples that demonstrate use of the principle. A specific set of criteria requirements allows any organization, such as a government agency, to integrate the principles into their local environment.
This book takes the national debate on protecting critical infrastructure in an entirely new and fruitful direction.
* Covers cyber security policy development for massively complex infrastructure using ten principles derived from experiences in U.S. Federal Government settings and a range of global commercial environments.
* Provides a unique and provocative philosophy of cyber security that directly contradicts conventional wisdom about info sec for small or enterprise-level systems.
* Illustrates the use of practical, trial-and-error findings derived from 25 years of hands-on experience protecting critical infrastructure on a daily basis at AT&T.
Security professionals tasked with protection of critical infrastructure and with cyber security. CSOs and other top managers. Government and military security specialists and policymakers. Security managers. Students in cybersecurity and international security programs.
Chapter 1. Introduction
Chapter 2. Deception
Chapter 3. Separation
Chapter 4. Diversity
Chapter 5. Commonality
Chapter 6. Depth
Chapter 7. Discretion
Chapter 8. Collection
Chapter 9. Correlation
Chapter 10. Awareness
Chapter 11. Response
Appendix: Sample National Infrastructure Protection Requirements
"Amoroso’s advice takes the art out of the debate onwhether security is art or science. He brings a high level goal oriented approach to practical situations in order for the ‘right’ security decisions to appear obvious to the reader. However, no book is a single solution, and this one is no exception. Some readers may be disappointed not to find comprehensive references for further reading. It is apparent that the book surveys a great deal of literature, but there is no bibliography. Readers may also be disappointed that there is no step-by-step guaranteed path to cyber security solutions. The book provides no procedures or checklists. Nevertheless, those who allow Amoroso to influence their view of the security problem at the level he chooses to present it should more easily be able to recognize cyber security solutions."--Computers and Security
"Ed Amoroso has again given the policy community a thoughtful roadmap. Cyberthreats are becoming more sophisticated, but thankfully Ed is well abreast of the problem and leading with solutions."—John Hamre, Deputy Secretary of Defense (1997–2000), president and CEO of the Center for Strategic and Informational Studies, Washington, DC
"Dr. Amoroso's fifth book Cyber Attacks: Protecting National Infrastructure outlines the challenges of protecting our nation's infrastructure from cyber attack using security techniques established to protect much smaller and less complex environments. He proposes a brand new type of national infrastructure protection methodology and outlines a strategy presented as a series of ten basic design and operations principles ranging from deception to response. The bulk of the text covers each of these principles in technical detail. While several of these principles would be daunting to implement and practice they provide the first clear and concise framework for discussion of this critical challenge. This text is thought-provoking and shou