Private sector official condemns mandatory cybersecurity information sharing


Regulatory reform that would require the private sector to share more cybersecurity information amongst itself will not result in more secure networks, said Ed Amoroso, chief security officer for AT&T (NYSE: T).

"When people say we should be sharing information, that sounds great. That's like saying you should love your mom and eat apple pie," Amoroso said May 4 while speaking at a Potomac Institute for Policy Studies symposium in Washington, D.C.

But AT&T views the network security measures it takes as a comparative advantage over competitors. Amoroso cited a team he manages that blocks attack signatures against iPhones. "Should I share that information with Verizon (NYSE: VZ)? The answer is 'Curse word, no, period,'" he said. "Let them go figure it out on their own. Is that what Gen. Alexander wants to hear? No," he added, referring to Keith Alexander, head of the Defense Department's Cyber Command and the National Security Agency.

AT&T would not invest to the degree it has in blocking those attack signatures, Amoroso said, if it knew from the outset that it would have to share that information with competitors. "That's how capitalism works!" he said.

"If you compel me to do it, if you say there is a regulation that you must do it, then, yeah, I'll do it, but how enthusiastically am I going to be doing it, really? Like, you're going to have a bunch of lawyers and everybody is going to do the minimum possible," he added.

Amoroso also criticized service level agreements that he said have prevented carriers from delivering as much network-based cybersecurity as they could. Carriers are obligated to deliver packets even when they're for ports that "you would never allow into your enterprise, like remote logging telnet."

"The money that's saved by buying cheap fiber is lost immediately by building big IT and security groups in every agency. I don't see where the big savings are," Amoroso said.

He also said that a federal effort to reduce the number of agency Internet pathways called Trusted Internet Connection, or TIC, has made federal agencies more susceptible to distributed denial of service attacks, since there are fewer connections to overwhelm with malicious traffic.

For more:           
- go to the Potomac Institute webpage (webcast of the event available)
