Cybersecurity and the FCC’s
CSRIC Recommendations

Posted by: Bob Quinn on March 22, 2012 at 11:56 am

Today, the FCC’s Communications Security, Reliability and Interoperability Council (CSRIC) issued their recommendations to the FCC on several issues related to cybersecurity including:  DNSSEC implementation practices for ISPs; secure Border Gateway Protocol (BGP) deployment; and botnet remediation.  As we noted a few weeks ago, keeping the Internet safe for consumers to browse, transact business and communicate is an important objective not only for AT&T but any other business that operates online. 

As the Chairman noted in his statement, finding solutions is going to take participation from more than just ISPs and needs to include entities from across the entire Internet ecosystem.  For example, DNSSEC is predicated upon a chain of trust across the Internet.  While the DNSSEC report recommends that ISPs make their DNS recursive nameservers DNSSEC-aware, it also recommends that key industry segments such as banking, healthcare and others sign their respective domains and that software developers, such as web-browser developers, study how and when to incorporate DNSSEC validation functions into their software.  Also, the botnet report anticipates a significant role for other Internet ecosystem participants, including but not limited to security software vendors, operating system developers, end user-focused organizations and providers of Internet content, applications and services.

Read More

AT&T on Cybersecurity Legislation

Posted by: AT&T Blog Team on March 1, 2012 at 1:29 pm

The following may be attributed to Tim McKone, AT&T Executive Vice President of Federal Relations:

“We commend the Senators for introducing the Strengthening and Enhancing Cybersecurity by Using Research, Education, Information, and Technology Act, and for their leadership in addressing a critically important issue for the U.S. economy.

“Successfully combating cyber threats ensures businesses can operate on the Internet and consumers can do their business online safely and securely.

“Cybersecurity is a complex challenge, requiring a collective and collaborative effort from everyone in the Internet industry and government. As the legislative process moves forward, we will continue to work with the Congress and others to keep consumers and businesses safe from cyber threats.”

Read More

Keeping the Internet Safe

Posted by: AT&T Blog Team on February 22, 2012 at 2:01 pm

The following statement may be attributed to Bob Quinn, Senior Vice President of Federal Regulatory and Chief Privacy Officer:

“Keeping the Internet safe for consumers to browse, transact business and communicate is an important objective not only for AT&T but any other business that operates online. 

“AT&T has a long history of working with the Department of Homeland Security and other agencies of federal and state government, and importantly other network providers to keep the Internet secure.  We have also supported prior Communications Security, Reliability and Interoperability Council (CSRIC) recommendations designed to further Internet security, and we are actively participating in the current CSRIC working groups.  Once the recommendations have been completely reviewed by the working groups and approved by the full CSRIC, we will evaluate those recommendations for implementation into our network. 

“By FCC design, the CSRIC is narrowly focused on the role of ISPs and network companies. But, as with all issues concerning Internet security, a collective effort is required from a variety of stakeholders that includes not only ISPs and network providers, but also application developers, equipment providers, software companies and other businesses operating in the online community.  We look forward to participating in a broader eco-system discussion, such as what has been proposed by the Commerce Department and NTIA.”

Read More

Sharing Responsibility for Cybersecurity

Posted by: Chris Boyer on October 7, 2011 at 1:25 pm

In October, when most people are thinking of pumpkins and changing leaves, we’re thinking of cybersecurity and we’re not alone.  Joining with other members of the industry, government and non-profit organizations, we’re celebrating National Cybersecurity Awareness Month

Earlier today, I participated in the official kickoff event for the month, the 2011 Michigan Cyber Summit, which AT&T sponsored.  The event was hosted by Governor Rick Snyder and included speakers such as Secretary Janet Napolitano, White House Cybersecurity Coordinator Howard Schmidt, and Congressmen John Dingell, Mike Rogers, and Hansen Clarke. 

The theme for this year, which was echoed throughout the event, is “shared responsibility” – everyone can play a role in helping our cyberspace stay secure.  We agree and that’s why we not only work hard to keep our networks safe, but we make sure consumers have the information and tools they need as well to help themselves stay safe online.

Read More

Raising Our Game in Cyberspace

Posted by: AT&T Blog Team on January 28, 2011 at 2:48 pm

Last week, AT&T’s Senior Vice President and Chief Security Officer Ed Amoroso delivered a lively keynote on cybersecurity at the State of the Net Conference in Washington, D.C.  If you weren’t able to attend in person, check out these video clips from his speech.

Are we all a security risk? Here’s Ed addressing how we all play a role in cybersecurity and why we need to raise our game as we battle cyber attacks.

Here, Ed addresses the importance of data collection in identifying what’s dangerous and why this space should constantly be evolving.

Are we too interconnected? Perhaps. Hear what Ed has to say on the benefits of intentionally designing networks that are NOT interoperable.

Are patches really effective? Hear why Ed says we have to raise the level beyond just security patching to throw off attackers.

It’s not about evolution but revolution.  Ed calls on all stakeholders to adopt a mindset of vast, dramatic and rapid change.

Read More