• HOME
• NEWS & EVENTS
• THE GRID

THE GRID

Amoroso Proposes Changes to Secure Computer Systems
By Tracy Sharpe, DISA Corporate Communications

In his plenary presentation, Dr. Edward Amoroso, senior vice president and chief security officer of AT&T, proposed changes for the protection of computing systems to reduce users' vulnerabilities to viruses, worms, and botnets.

"Security systems are fine, but it's all about system and network management," said Amoroso.

Amoroso said that in the 1980s, reliability was overlaid on the networks — a process that does not work today. Individual users' computers are vulnerable to attacks because protection is located at the micro level — the computer itself, not the data center through which the information travels before it reaches the home computer. According to Amoroso, approximately 10 million personal computers host botnets that can wage a war and shut down important Web sites and data centers.

"The software is broken," he said. "We will not be able to stop [the attack] if you wait for the attack to coalesce at the end point. You can't stop a tsunami with an umbrella on the beach."

Amoroso advised moving protections upstream to the data centers by building reliability into the core of the system.

Instead of checking each and every computer for viruses, it is more efficient for system and network management to scan for vulnerabilities from the infrastructure of the server rather than at the endpoints, he said.

However, this change would radically affect the infrastructure of Internet security and significantly affect interpretations of privacy. Amoroso said that the current methods need to be abandoned for a more comprehensive approach to security.

"Little course corrections will give you little changes. You need a big, fundamental change in the way you think," he concluded.

Return to The Grid Homepage