Cybersecurity Legend Dr. Edward Amoroso Talks Malware

Cylance recently spoke with Dr. Edward Amoroso, Founder and CEO of TAG Cyber. Amoroso recently retired from AT&T after 31 years of service, beginning in Unix security R&D at Bell Labs and culminating as Senior Vice President and Chief Security Officer of AT&T from 2004 to 2016.

Amoroso offered his thoughts on malware, bad architecture, and how distributed hybrid cloud architectures may prove to be our cybersecurity salvation.

When Security Architecture Fails

Amoroso began by explaining how most companies are satisfied with securing their perimeters, and relying on an implicit trust across the network. As long as the hard outer shell is secure, they believe, the soft inner core is safe. Thus, once the perimeter is breached, an attacker can move laterally throughout a network with relative ease. “This is how Edward Snowden got into the NSA, and how most of the big retail hacks happen,” Amoroso explains. “The idea that a third party can get through a portal and see credit card machines on a network points to bad architecture.”

It is Amoroso’s observation that most of the malware we’ve seen over the last 10 to 15 years was designed to take advantage of terrible architectures. He went on to add that if you set out to write malware, you would first seek to understand the intended victim’s set-up – their architecture.

According to Amoroso, security often fails because it is architected with minimal emphasis on internal controls. Two things need to happen to fix this. First, adoption of security measures offered by companies like Cylance that have proven to be effective by using advanced analytic techniques to understand how malware behaves, and blocking it. These products offer a good way to deal with malware attacks on infrastructure.

Second: companies should embrace virtualized, distributed architectures. Over time, (Read more...)

This is a Security Bloggers Network syndicated blog post authored by The Cylance Team. Read the original post at: Cylance Blog