Edward G. Amoroso

Early Life and Education

Edward G. Amoroso was born in Neptune Township, New Jersey, and attended Christian Brothers Academy before earning an undergraduate degree in physics from Dickinson College in 1983. He then shifted his focus to computer science, completing an M.S. in 1986 and a Ph.D. in 1991, both from Stevens Institute of Technology. He later completed the Columbia Senior Executive Program (CSEP) at Columbia Business School.

One of his earliest technical contributions came in 1984, when he wrote inertial measurement software for the Space Shuttle while employed at Singer-Kearfott (now Kearfott Guidance & Navigation). The following year, he joined Bell Labs, now part of AT&T, marking the beginning of his career in computer security.

Career at Bell Labs and AT&T

Amoroso spent thirty-one years at AT&T, holding a wide range of research, development, engineering, management, and leadership roles. Among his first significant projects at Bell Labs was developing a secure version of Unix System V to meet the B1 Criteria outlined in the Trusted Computer System Evaluation Criteria (TCSEC), the U.S. Department of Defense standard also known as the Orange Book. He also used Unix System V as the basis for a denial-of-service model that was referenced as the Amoroso Model in the 1992 Canadian Trusted Computer Product Evaluation Criteria.

Early in his career, Amoroso was involved in designing security protections for the Unix operating system in support of the U.S. Government Orange Book evaluation criteria. This work extended to real-time security design and trusted software protections for the United States Ballistic Missile Defense Program. He also pioneered concepts related to microsegmentation, a design strategy enabling the creation of secure zones in data centers and cloud deployments.

In 2005, Amoroso became AT&T's first Chief Information Security Officer (CISO), a position he held until his retirement from the company in 2016.

Notable Work and Publications

Amoroso introduced the concept of threat trees — conceptual diagrams illustrating how an asset or target might be attacked — in his 1994 textbook Fundamentals of Computer Security Technology. Essentially identical to what is now called the attack tree strategy, threat trees have become an important tool in risk quantification. He has authored six books in total, addressing topics including internet and intranet firewall strategies, intrusion detection, and the protection of large-scale national critical infrastructure. He holds 10 patents for inventions related to cybersecurity.

Academic Roles

Amoroso has maintained a sustained presence in academia throughout his career. He served as an adjunct professor in computer science at Stevens Institute of Technology for nearly three decades, introducing more than 3,000 graduate students to information security. A computing security course he taught at Monmouth University in the 1990s was documented in a paper presented at an ACM conference in 1993.

In 2017, he accepted the position of Distinguished Research Professor in the Center for Cybersecurity (CCS) at the NYU Tandon School of Engineering in Brooklyn, New York. In that role, he leads the research team for the Index of Cybersecurity, a monthly survey measuring sentiment estimates regarding cyber threats among practicing security experts worldwide. He also serves as a senior advisor to the Asymmetric Operations Group at the Johns Hopkins University Applied Physics Laboratory in Laurel, Maryland.

Advisory and Board Roles

As a member of the National Security Agency Advisory Board (NSAAB), Amoroso worked directly with four presidential administrations on issues related to national security, critical infrastructure protection, and cyber policy. His board appointments include one year as an independent director for M&T Bank in Buffalo, New York (2016–2017) and several years as a Board Trustee at Stevens Institute of Technology.

TAG Cyber and Recognition

Following his retirement from AT&T in 2016, Amoroso founded TAG Cyber LLC with the stated goal of democratizing cybersecurity analysis. The firm's primary publication, the Security Annual, is available as a free download for enterprise security professionals. As of 2025, Amoroso serves as CEO of TAG Cyber LLC. In 2020, Business Insider named him one of fifty leaders who helped guide the cybersecurity industry through a particularly challenging year.