New Security Mantra: Explode-Offload-Reload

Carol Wilson
9/7/2017

If you want to protect your network, you first have to blow it up. That's one piece of fresh advice from Ed Amoroso, former AT&T chief security officer and now the head of his own cybersecurity firm, TAG Cyber. He's celebrating the first anniversary of that venture with three new reference volumes for the cybersecurity crowd, all offered for free, and a new three-word mantra for better network protection: Explode-Offload-Reload.

In an interview with Light Reading, Amoroso says that basic strategy has him feeling optimistic about the battle against what has seemed like an infinitely growing cybersecurity threat. It underlines the work in three free reference volumes, available today on the TAG Cyber LLC site. (See Amoroso Shares His Security Obsession.)

"I'm very optimistic and I have been pessimistic for years," he says. "But I think, with those three technologies -- distributing your network, virtualizing and taking advantage of new advances, like advanced heuristics and machine learning -- I'm optimistic now."

Ed Amoroso, speaking in 2015 at a Light Reading security event.

The three basic tenets of Amoroso's strategy involve exploding or distributing the network, offloading or virtualizing everything when possible into the cloud, and reloading or updating the security technology in use. A security strategy built on this approach will serve to not only reduce the probability of cyber attacks but also greatly lessen their consequences, he says.

"You reduce the likelihood with more reloaded cybersecurity, but you also reduce the consequences of an attack by distributing the assets and resources, changing your network and being much more elusive," he says. "That's something you rarely hear but I think architectures should be more elusive and virtualization allows you to do that. So I'm really bullish."

Amoroso believes this approach makes it much more difficult for nation-state attackers, among others, to cause much harm "and in some cases, you may have made it impossible for them to do some of the things they do today," he says.

Explode
Exploding the network means moving away from the notion that every enterprise network has a perimeter to defend -- which is simply no longer the case, Amoroso explains.

"I have been out preaching this for a while and I think 2018 is the year we have to do this; it's time now to really accept that your infrastructure should be distributed into pieces," he says. "And I use the word explode, you should explode your infrastructure into a lot of different chunks. It's harder to attack, it's easier to embed into the cloud and frankly it makes for a better architecture, given the way modern business works, we all have third parties and partners and suppliers." (See AT&T Adds Virtual Layer of Security.)

Exploding the network eliminates the big single target and creates a multitude of much smaller targets, Amoroso says. In place of a large building, vulnerable to a truck bomb, there will now be a field of bricks. Targeting the bricks singly is still possible but there will be no cascading failures of the kind that exist today, he notes.

Offload
Offloading includes the virtualization piece of Amoroso's strategy. While there may be some exceptions, when possible, security should almost always be virtualized, he says. The advantage of virtualization is the speed at which things can be set up -- point-and-click firewalls, for example -- which means security layers can be added as and where they are needed, very rapidly without long hardware acquisition and deployment cycles. (See Amoroso: Act Now on Virtualizing Security.)

And while larger organizations may create their own private clouds for hosting virtualized security, "most people are going to rely on third parties," he notes, and that's the "offload part."

"Can you provide these services better than Amazon or Microsoft or other big players?" Amoroso asks. "Chances are pretty slim that you can do a better job than they can."

Reload
Finally, the Reload advice: The rise of advanced heuristics, machine learning and artificial intelligence makes this a good time to do a security technology refresh, he says.

"Because there are way-better security tools today, using machine learning, artificial intelligence, analytics and adaptive authentication -- all these wonderful techniques," Amoroso comments. "It's time now to get rid of all the tired old stuff you've had around for ten years and reload with all the new stuff."

Virtualization actually makes that easier because enterprises can try things out -- Amoroso calls it being "a little bit more promiscuous" -- and replace software much faster if something better comes along. "You can do it over the weekend, have the changes made by Monday," he says.

Read the books
All of the work in the TAG Cyber Security Annual "is predicated on those three assumptions: That the perimeter is not the way to go, hardware is not the way to go -- with exceptions -- and then use the new stuff," he says.

What's available on the TAG Cyber site starting today is three new volumes, all updates to what Amoroso launched a year ago, aimed as references for anyone engaged in the cybersecurity space. They include an updated first volume, which looks at 50 different cybersecurity controls, a second volume with hundreds of interviews of professionals in the field, and a third volume, Cyber Security Handbook and Reference Guide, updating the original list of players in the industry. Amoroso likens it to a "Barron's Guide" for the security field.


For the first volume, Amoroso looks at the 50 controls from three perspectives: historically, going back to the 90s; in their current state; and as they are expected to look ten to 15 years from now.

He concedes that not everyone will adopt or like his strategy -- those who fear the cloud or worry about virtualization are not likely to embrace Explode-Offload-Reload. Some of those companies, particularly those who keep trying to build taller, stronger perimeters, may become the low-hanging fruit for cyber criminals in the future.

— Carol Wilson, Editor-at-Large, Light Reading

Carol Wilson,
User Rank: Blogger
9/7/2017 | 3:46:53 PM
Re: AI matches the cyber-security problem
I think we will always be loading and reloading on both sides of the cyber wars. One side adjusts to gain an advantage and then the other side adjusts to that adjustment and so on. The fact that Ed thinks there will be an advantage-defense if these changes are made is just the first bit of optimism I've heard in a while.

 
bosco_pcs,
User Rank: Light Sabre
9/7/2017 | 1:42:08 PM
Re: AI matches the cyber-security problem
Interesting article, Carol, thanks.

But here is the rub: while we can throw every latest buzz at the problem, many can become a target themselves.

So far, most of the infestations are APT by becoming a privileged entity within the system, but the recent botnet and IoT hijacking can be a glimpse of things to come. What if the AI modules are corrupted? And how about decentralizing the command & control server of the attackers?

To be clear, I am not that technical so I don't know how that could work but since Ed is proposing a new paradigm, surely the attackers will adapt to that paradigm. And the reload phase seems to be a porous border.

The fact that Docker is facing some of the OO issues right now. 

O, Brave New World!
Carol Wilson,
User Rank: Blogger
9/7/2017 | 10:40:25 AM
AI matches the cyber-security problem
One additional point that Ed makes very clearly: Artificial intelligence and the use of massively parallel computing to break complex problems into a series of small decisions or observations all being done at the same time, is a good match for cyber security problems. Or as he put it:

"In cyber-security, how do we decide if we are under attack? Look over here, has this changed, has that changed, are there problems over here, is there evidence of this, do I see congestion over here? You look for little bits of evidence, changes - all massively in parallel and you put all of that together and come to a determination that is much better than a human being sitting at a computer terminal can ever do."

So the same kind of AI that lets Watson answer questions on Jeopardy can be used to detect and disarm cyber-security attacks and that's the kind of technology "reload" Ed is advising companies to make.