When Ed Amoroso retired as AT&T's chief security officer last March, he actually became more obsessed with cybersecurity.
In fact, Amoroso spent much of the past six months personally writing a three-volume set of cybersecurity guides aimed at chief information security officers and their teams, laying out what he believes enterprises must do to avoid the next round of attacks -- attacks he believes will be highly destructive hits against critical infrastructure.
Today, Amoroso's new security advisory firm, TAG Cyber LLC , is making those three volumes available for download here at no cost. The 48 security firms with whom the former AT&T exec worked, and which are sponsoring his work, are also releasing the report this morning.
In an exclusive interview with Light Reading, Amoroso says making this information available for free is "an operating principle" for him, in light of his concern that enterprises aren't getting security right today and are vulnerable to future attacks that will go beyond theft of data and intellectual property to become more destructive in nature.
"Any rational, competent observer of cybersecurity would say we are past the point where we have to do something meaningful and significant immediately," Amoroso tells Light Reading. "And that is why I have been working 18-hour days to get this out. I feel like I have something to say and this is the best framework to say it."
He also is conducting an online course -- starting this week with 200 pilot students -- in which he'll go into greater depth on what enterprises need to be doing. Amoroso is hardly new to the teaching aspect of this, having been an Adjunct Professor of Computer Science at the Stevens Institute of Technology, an affiliated instructor at NYU and a senior advisor at Johns Hopkins University, all during his tenure at AT&T.
Explode, offload, reload
At the heart of Amoroso's approach is a three-step strategy he dubs "explode, offload and reload."
"I have been thinking about a methodology that I think is the right one for teams to follow and it underpins all three of the volumes," he says. "First, it means breaking up your infrastructure and distributing it; second, virtualizing the pieces of the infrastructure; and third, upgrading the security around those pieces."
That last piece can be accomplished working with any number of high-quality security vendors on the 50 separate cybersecurity controls that need to be addressed, Amoroso says. These controls include traditional tools such as firewalls and anti-malware tools but also newer things including security analytics, network monitoring and deception.
Next page: No more perimeters