& cplSiteName &

AT&T's Amoroso: To Battle New Threats, Mobilize Your People

Dan Jones
9/5/2014
50%
50%

Your biggest online concern these days might be those embarrassing nude selfies suddenly appearing on the web, but AT&T Chief Security Officer (CSO) Ed Amoroso is here to tell you that there are far worse things lurking in cyberspace.

Amoroso highlighted one of the key security areas that CSOs should be concerned about as a new wave of advanced persistent threats (APT) loom, and they're aiming to do more than just swipe thousands (or millions) of credit card numbers.

"The next step is probably terrorists trying to destroy critical infrastructure," he told Light Reading over breakfast Wednesday morning, "with the emphasis on destructive," he added, as he demolished a "broken yolk sandwich" (which looked a lot better than the name suggests).

Amoroso doesn't seem like a man given to idle fear-mongering, despite his job title. In fact, he's one of the more informative and jovial speakers you're likely to see on the often sawdust-dry tech conference circuit. (See AT&T's Ed Amoroso on Mobile Security for proof of how entertaining he can be.)

An advanced persistent threat is one organized by a specific group, sometimes using multiple methods, to break into a particular target. Recent examples would include data breaches at Home Depot and Target.

Amoroso says the APT pattern started with nation states and the military, moved on to criminal gangs, and is shifting to terrorist groups. "The one thing you won't be able to rationalize is the destructive stuff," he suggested in his keynote at the AT&T Cyber Security conference in New York City Thursday.

This is not, of course, an unknown concept. Former US Defense Secretary Leon Panetta has long warned of a "cyber Pearl Harbor." Even if the idea of what constitutes cyber terrorism is still somewhat cloudy, the broad idea is that groups could attack critical communications, energy and water networks and cause damage and wide-scale disruption.


Need to know more about mobile network security? Then check out the agenda for Mobile Network Security Strategies 2014, December 3 at the Westin Times Square, New York City.


Where Amoroso may differ is that he isn't suggesting that there is a pure technological solution to widespread security problems. The basic thrust of his keynote Thursday was: Be safer by training your employees not to do dumb stuff.

Advanced firewalls and network appliances are useful tools but people are the weakest link in the chain, he suggested. "All the times I've been hacked in my career, it was because of something that was off my radar," he said at the keynote, adding that systems are just too complicated to be 100% secure.

The focus cannot just be on technology, he suggested: People also have to be involved. Which, in the corporate environment, means pumping up the security awareness team.

"We've kind of punted on that before," he told Light Reading Wednesday. "A typical awareness document will put you to sleep."

In AT&T's case, the new approach meant using video to show employees what not to do. The funny, cutesy videos that Amoroso showed at the Thursday keynote targeted phishing attacks. They emphasized that people should not open attachments from suspicious senders, that they should run their mouse over URL links to see where they actually lead, and be very careful about information shared on social media.

AT&T has been working on this during the past six months. The amount of employees now not clicking on the faux phishing email tests that the security office sends out suggests that awareness about phishing attacks is up by 54%.

"Making the video doesn't have to be expensive," Amoroso said. The animated AT&T videos were made in-house: Firms could even use interns from film school for great results, he suggested.

"They'll love it," he said.

For more insights from Amoroso, see:

— Dan Jones, Mobile Editor, Light Reading

(2)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
Atlantis-dude
50%
50%
Atlantis-dude,
User Rank: Light Sabre
9/8/2014 | 1:08:35 PM
Ent or SP
Is he referring to AT&T the enterprise or the service-provider?
DanJones
50%
50%
DanJones,
User Rank: Blogger
9/5/2014 | 2:44:51 PM
Breakfast
I had sliced grapefruit BTW
From The Founder
Download our complete guide to de-risking NFV deployment in 2016, including:
  • An eight-step strategy to deploying NFV safely, based on input from the companies that have already started virtualizing their production networks.
  • Interviews with leading executives at Colt, AT&T, Deutsche Telekom, Cisco, Nokia, ZTE, Ericsson and Heavy Reading.
  • Flash Poll
    Live Streaming Video
    Prepping for the Future: Upskill U Explained
    During this short kick-off video, Doug Webster, Vice President of Service Provider Marketing, Cisco, and Light Reading’s CEO & Founder Steve Saunders give an overview of Upskill U.
    LRTV Interviews
    AT&T Expert on the Key Pillars of UC

    4|29|16   |   03:58   |   (0) comments


    Vishy Gopalakrishnan, AVP of product marketing at AT&T, talks about the three developments that are making unified communications and collaboration secure and reliable for enterprise users.
    LRTV Documentaries
    LRTV Report: Mobile Core Innovation

    4|28|16   |   25:32   |   (0) comments


    Hear from multiple industry experts from Deutsche Telekom, SK Telecom, Heavy Reading, Huawei, Cisco, Ericsson, Nokia, NEC and many more about developments in the mobile core as operators virtualize their IMS and evolved packet core systems and prepare for a 5G world.
    LRTV Huawei Video Resource Center
    NFV World Congress Highlight

    4|26|16   |     |   (0) comments


    The highlight of the NFV World Congress contains exciting telecom news. Join us for an inside look at Huawei's ICT 2020 plan and its latest collaboration with industry leaders.
    LRTV Interviews
    Unified Comms Finds Its Voice

    4|25|16   |   03:44   |   (0) comments


    Peter Quinlan, VP of UCC Product Management at Tata Communications, talks about the evolution of the unified communications and collaboration services sector and how voice is now a big part of current developments.
    LRTV Documentaries
    So... What Do We Do Now?

    4|25|16   |   03:24   |   (0) comments


    After a long hiatus, Max Dingman, the CEO of a GeeGhiz, returns for a motivational board room pep talk.
    LRTV Documentaries
    NAB 2016 Highlights

    4|21|16   |     |   (0) comments


    Light Reading's Cable/Video Practice Leader Alan Breznick climbs down from the slots to tell us about the latest news in broadcast technology at NAB 2016 in Las Vegas.
    Between the CEOs
    CEO Chat: Deepfield's Craig Labovitz

    4|21|16   |     |   (0) comments


    In this latest installment of the CEO Chat series, Craig Labovitz, co-founder and CEO of Deepfield, sits down with Light Reading's Steve Saunders in Light Reading's New York City office to discuss how Deepfield fits in with the big data trend and more.
    Shades of Ray
    Leading Lights 2016: Shortlists Announced

    4|20|16   |   0:53   |   (0) comments


    The judging is over and the Leading Lights 2016 shortlists have been published -- you can see who made the cut by clicking on this link.
    LRTV Custom TV
    Introducing MulteFire – Qualcomm at MWC 2016

    4|18|16   |   3.29   |   (0) comments


    MulteFire is the latest option for using LTE in unlicensed spectrum. As oppose to its close 'siblings', LAA and LTE-U, MulteFire operates solely in unlicensed spectrum, which enables it to offer the best of two worlds – LTE-like performance with WiFi-like deployment simplicity. In this interview, Sanjeev Athalye, Sr. Director, Product Management at Qualcomm ...
    Between the CEOs
    CEO Chat: Grant Van Rooyen of Cologix

    4|18|16   |     |   (0) comments


    Grant van Rooyen, president and CEO of Cologix, sits down with Steve Saunders, founder and CEO of Light Reading, in the vendor's New Jersey facility to offer an inside look at the company's success story and discuss the importance of security in the telecom industry.
    LRTV Huawei Video Resource Center
    ONS 2016 – Demonstration of Huawei's NetMatrix Multi-Vendor SDN Orchestrator

    4|15|16   |     |   (0) comments


    This demonstration shows how Huawei's NetMatrix SDN Orchestrator (SDN-O) addresses an operator's core service agility needs for services spanning multi-domain, multivendor networks: it includes a demonstration of:
    - Rapid New Service Design: using YANG to model a complex example of multi-domain, multivendor L3VPN network connectivity service that ...
    LRTV Custom TV
    AT&T Wants to Own North Carolina

    4|15|16   |     |   (1) comment


    Venessa Harrison, president of North Carolina for AT&T, tells how the company will expand its GigaPower service beyond the seven N.C. cities it already serves.

  • This blog, sponsored by AT&T, is the second part of a ten-part series examining next-generation broadband technologies titled "Behind the Speeds."
  • Upcoming Live Events
    May 23, 2016, Austin, TX
    May 23, 2016, Austin Convention Center
    May 24-25, 2016, Austin Convention Center, Austin, TX
    September 13-14, 2016, The Curtis Hotel, Denver, CO
    December 6-8, 2016,
    June 16-18, 2017, Austin Convention Center, Austin, TX
    All Upcoming Live Events
    Infographics
    A new survey conducted by Heavy Reading and TM Forum shows that CSPs around the world see the move to digital operations as a necessary part of their overall virtualization strategies.
    Hot Topics
    Ultra-Broadband Summit, Hong Kong
    Iain Morris, News Editor, 4/27/2016
    WiCipedia: Woman Cards & Bitch Switches
    Sarah Thomas, Director, Women in Comms, 4/29/2016
    FCC Poised to Re-Regulate Wholesale Access
    Carol Wilson, Editor-at-large, 4/28/2016
    Mitel Asks: What Time of Day Do You Shower?
    Mitch Wagner, West Coast Bureau Chief, Light Reading, 4/25/2016
    GoT Fans Curse HBO (Not Right) Now
    Mari Silbey, Senior Editor, Cable/Video, 4/25/2016
    Like Us on Facebook
    Twitter Feed
    BETWEEN THE CEOs - Executive Interviews
    In this latest installment of the CEO Chat series, Craig Labovitz, co-founder and CEO of Deepfield, sits down with Light Reading's Steve Saunders in Light Reading's New York City office to discuss how Deepfield fits in with the big data trend and more.
    Grant van Rooyen, president and CEO of Cologix, sits down with Steve Saunders, founder and CEO of Light Reading, in the vendor's New Jersey facility to offer an inside look at the company's success story and discuss the importance of security in the telecom industry.
    Animals with Phones
    Live Digital Audio

    Of all the tech companies in the Valley, Intel has made the most aggressive commitment to building a diverse and inclusive workplace culture. It's doing so by taking concrete, measurable steps, making a large financial investment and through a commitment to complete transparency about its progress. In this radio show, WiC Director Sarah Thomas will be joined by Shlomit Weiss, Intel's Vice President, Data Center Group, and General Manager of Networking Engineering, who will share with us why Intel is tackling this huge challenge, how and to what effect. She will also discuss her unique experiences leading development of Client SOC development in the past and today leading development of all of the chipmaker's silicon hardware for networking IPs and discrete devices and managing a team of 600 engineers across Israel, Europe and the US.