Cyber security has been on the minds of many who fear an attack could cause major problems. AT&T Chief Security Officer Edward Amoroso told NJ Today Senior Correspondent Desirée Taylor that in today’s world, much more is dependent on the internet than in the past so a cyber attack would have a great impact. He also said the risk of a cyber attack will never be eliminated, but it can be reduced to a level officials are comfortable with.
Amoroso said cyber security is more critical now than in the past. “As our nation and as the globe becomes more and more dependent on computers and networks, I think the cyber security risk grows naturally,” he said. “I think if you go back 10 years or 20 years, we were way less dependent on things like the internet. Now it’s so woven into everything that we do that cyber attacks really have a much greater potential consequence.”
Those who work in cyber security try to reduce the risk of attacks. “The whole idea is to try to reduce the risk, to try to get the point where we can be comfortable that whatever risks that we are dealing with are acceptable,” Amoroso said. “You’ll never get to the point where you’ll have zero risk but you like to have some corresponding benefit. Right now I think the cyber security equation is a little out of balance. There’s a little too much risk and that’s why there’s so many people talking about the topic. How do we make ourselves safer and how do we reduce the potential consequence of an attack?”
While strong passwords, firewalls and antivirus software may work for personal computers, Amoroso said large companies, governments and nations need greater protections. “I think computer scientists are starting to learn that we need something more comprehensive, some things that are a little bit more tactical in the way that we would stop cyber attacks,” he said. “Just passwords and firewalls are not going to be enough.”
Amoroso said he’s often asked what parts of the world are most concerning when it comes to cyber attacks, but said geography doesn’t always matter. “Cyber is one of those weird asymmetric threats where a couple of kids in a basement could potentially cause or wreak as much havoc as a large nation-state. It’s very different than say conventional warfare,” he said. “You and I would have a hard time going and getting a bunch of tanks and attacking someone. But if we decided we wanted to do it in the cyber realm, we probably could have a lot of success.”
Since it’s often difficult or impossible to pinpoint where a cyber attack originates, Amoroso said it’s moot to debate where in the world attacks are coming from. “We have to do a better job, not just in our country but around the world at just preventing them from happening,” he said.
Amoroso said there are three categories of cyber attacks that computer security experts worry about. The first is personal privacy, where an attack could result in money or private information being stolen. The second category deals with unwanted changes being made through malware or viruses, for example. The third category is making items unavailable, also called denial of service.
There is much being done to prevent a major breach in cyber security, according to Amoroso. He said at the international level, there are many discussions about internet service providers, or ISPs, all the way down to the personal computer level where people can help ensure their PCs have less of a risk to cyber attacks.
“I think there’s a plethora of different things people are doing and should continue to do to make us a little bit more secure,” he said.