Cybersecurity Canon Book Report: There Will Be Cyberwar

Given that it’s national cybersecurity awareness month, I hope that all cybersecurity professionals are familiar with the Cybersecurity Canon. For those that are not, the goal of the cybersecurity canon is as follows:

To identify a list of must-read books for all cybersecurity practitioners – be they from industry, government or academia -- where the content is timeless, genuinely represents an aspect of the community that is true and precise, reflects the highest quality and, if not read, will leave a hole in the cybersecurity professional’s education that will make the practitioner incomplete.               

Topics: Cybersecurity cyberwar cybersecurity canon Richard Stiennon network-centric warfare

Federal Cybersecurity Duplicity

As part of a whistle-stop tour of Northern California, President Obama held a White House Summit on Cybersecurity and Consumer Protection at Stanford University last Friday. Much to the delight of the Silicon Valley crowd, the President signed an executive order (right there on stage at Stanford) to promote data sharing about digital threats. The summit also highlighted industry leaders like Apple CEO Tim Cook, and large critical infrastructure organizations like Bank of America and Pacific Gas & Electric Co.

Topics: Cybersecurity Kaspersky Lab TAXII STIX president obama cyberwar

Book Report: Countdown to Zero Day

When you work in the cybersecurity domain you face some daunting challenges.  For one thing, cybersecurity is always changing – there are new offensive and defensive tactics, techniques, and procedures (TTPs) constantly that you try to keep up with.  Alternatively, cybersecurity is an extremely broad topic, spanning technology, regulations, law enforcement, geo-political conflict, critical infrastructure, etc. 

When people ask me how to learn about disparate cybersecurity topics, I reply with a single word – “read.”  More specifically, I recommend that they go to their public library and take out one of the many fantastic books written in the past few years on malware (Worm, by Mark Bowden), cybercrime (Kingpin,  by Kevin Poulsen), hackers (We Are Anonymous, Parmy Olson), Cyberwar (Cyberwar, Richard Clarke), etc.  There are loads of other good books available by authors like James Bamford, Steven Levy, John Markoff, Kevin Mitnick, Bruce Schneier, and Cliff Stoll as well. 

Topics: malware cyberwar