New Security Mantra: Explode-Offload-Reload

Carol Wilson
9/7/2017

If you want to protect your network, you first have to blow it up. That's one piece of fresh advice from Ed Amoroso, former AT&T chief security officer and now the head of his own cybersecurity firm, TAG Cyber. He's celebrating the first anniversary of that venture with three new reference volumes for the cybersecurity crowd, all offered for free, and a new three-word mantra for better network protection: Explode-Offload-Reload.

In an interview with Light Reading, Amoroso says that basic strategy has him feeling optimistic about the battle against what has seemed like an infinitely growing cybersecurity threat. It underlies the work in three free reference volumes, available today on the TAG Cyber LLC site. (See Amoroso Shares His Security Obsession.)

"I'm very optimistic and I have been pessimistic for years," he says. "But I think, with those three technologies -- distributing your network, virtualizing and taking advantage of new advances, like advanced heuristics and machine learning -- I'm optimistic now."

Ed Amoroso, speaking in 2015 at a Light Reading security event.

The three basic tenets of Amoroso's strategy involve exploding or distributing the network, offloading or virtualizing everything when possible into the cloud, and reloading or updating the security technology in use. A security strategy built on this approach will serve to not only reduce the probability of cyber attacks but also greatly lessen their consequences, he says.

"You reduce the likelihood with more reloaded cybersecurity, but you also reduce the consequences of an attack by distributing the assets and resources, changing your network and being much more elusive," he says. "That's something you rarely hear but I think architectures should be more elusive and virtualization allows you to do that. So I'm really bullish."

Amoroso believes this approach makes it much more difficult for nation-state attackers, among others, to cause much harm "and in some cases, you may have made it impossible for them to do some of the things they do today," he says.

Explode
Exploding the network means moving away from the notion that every enterprise network has a perimeter to defend -- which is simply no longer the case, Amoroso explains.

"I have been out preaching this for a while and I think 2018 is the year we have to do this; it's time now to really accept that your infrastructure should be distributed into pieces," he says. "And I use the word explode, you should explode your infrastructure into a lot of different chunks. It's harder to attack, it's easier to embed into the cloud and frankly it makes for a better architecture, given the way modern business works, we all have third parties and partners and suppliers." (See AT&T Adds Virtual Layer of Security.)

Exploding the network eliminates the big single target and creates a multitude of much smaller targets, Amoroso says. In place of a large building, vulnerable to a truck bomb, there will now be a field of bricks. Targeting the bricks singly is still possible but there will be no cascading failures of the kind that exist today, he notes.

Offload
Offloading includes the virtualization piece of Amoroso's strategy. While there may be some exceptions, when possible, security should almost always be virtualized, he says. The advantage of virtualization is the speed at which things can be set up -- point-and-click firewalls, for example -- which means security layers can be added as and where they are needed, very rapidly without long hardware acquisition and deployment cycles. (See Amoroso: Act Now on Virtualizing Security.)

And while larger organizations may create their own private clouds for hosting virtualized security, "most people are going to rely on third parties," he notes, and that's the "offload part."

"Can you provide these services better than Amazon or Microsoft or other big players?" Amoroso asks. "Chances are pretty slim that you can do a better job than they can."

Reload
Finally, the Reload advice: The rise of advanced heuristics, machine learning and artificial intelligence makes this a good time to do a security technology refresh, he says.

"Because there are way-better security tools today, using machine learning, artificial intelligence, analytics and adaptive authentication -- all these wonderful techniques," Amoroso comments. "It's time now to get rid of all the tired old stuff you've had around for ten years and reload with all the new stuff."

Virtualization actually makes that easier because enterprises can try things out -- Amoroso calls it being "a little bit more promiscuous" -- and replace software much faster if something better comes along. "You can do it over the weekend, have the changes made by Monday," he says.

Read the books
All of the work in the TAG Cyber Security Annual "is predicated on those three assumptions: That the perimeter is not the way to go, hardware is not the way to go -- with exceptions -- and then use the new stuff," he says.

What's available on the TAG Cyber site starting today is three new volumes, all updates to what Amoroso launched a year ago, intended as references for anyone engaged in the cybersecurity space. They include an updated first volume, which looks at 50 different cybersecurity controls, a second volume with hundreds of interviews of professionals in the field, and a third volume, Cyber Security Handbook and Reference Guide, updating the original list of players in the industry. Amoroso likens it to a "Barron's Guide" for the security field.


For the first volume, Amoroso looks at the 50 controls from three perspectives: historically, going back to the 90s; in their current state; and as they are expected to look ten to 15 years from now.

He concedes that not everyone will adopt or like his strategy -- those who fear the cloud or worry about virtualization are not likely to embrace Explode-Offload-Reload. Some of those companies, particularly those who keep trying to build taller, stronger perimeters, may become the low-hanging fruit for cyber criminals in the future.

— Carol Wilson, Editor-at-Large, Light Reading

Carol Wilson,
User Rank: Blogger
9/7/2017 | 3:46:53 PM
Re: AI matches the cyber-security problem
I think there will always be loading and reloading on both sides of the cyber wars. One side adjusts to gain an advantage and then the other side adjusts to that adjustment and so on. The fact that Ed thinks there will be an advantage-defense if these changes are made is just the first bit of optimism I've heard in a while.

 
bosco_pcs,
User Rank: Light Sabre
9/7/2017 | 1:42:08 PM
Re: AI matches the cyber-security problem
Interesting article, Carol, thanks.

But here is the rub: while we can throw every latest buzz at the problem, many can become a target themselves.

So far, most of the infestations are APT by becoming a privileged entity within the system, but the recent botnet and IoT hijacking can be a glimpse of things to come. What if the AI modules are corrupted? And how about decentralizing the command & control server of the attackers?

To be clear, I am not that technical so I don't know how that could work but since Ed is proposing a new paradigm, surely the attackers will adapt to that paradigm. And the reload phase seems to be a porous border.

The fact that Docker is facing some of the OO issues right now. 

O, Brave New World!
Carol Wilson,
User Rank: Blogger
9/7/2017 | 10:40:25 AM
AI matches the cyber-security problem
One additional point that Ed makes very clearly: Artificial intelligence and the use of massively parallel computing to break complex problems into a series of small decisions or observations all being done at the same time, is a good match for cyber security problems. Or as he put it:

"In cyber-security, how do we decide if we are under attack? Look over here, has this changed, has that changed, are there problems over here, is there evidence of this, do I see congestion over here? You look for little bits of evidence, changes - all massively in parallel and you put all of that together and come to a determination that is much better than a human being sitting at a computer terminal can ever do."

So the same kind of AI that lets Watson answer questions on Jeopardy can be used to detect and disarm cyber-security attacks and that's the kind of technology "reload" Ed is advising companies to make.