Cybersecurity as Zen Exercise

A little book I wrote some years ago is The Art of War of Cybersecurity, by Thomas Reynolds.  It is not just another tips and techniques book.  Rather than just telling something about cybersecurity and hoping for the best, like most books do, it skilfully takes the reader through the essence of clear-minded cybersecurity thinking.  It is useful for individual learning and review, and also for group or organization use as a knowledge management tool, helping to establish a cybersecurity-aware culture and efficient, productive, shared common understanding.

From the Preface:

An image of the book's cover, bright red with mustard gold lettering and a graphic of symmetrically opposed leaping dragons

"We have to learn to think like the attackers" is sometimes said by people concerned about computing security.  That is an expression of people inside a box trying to guess what outside-the-box thinkers might do next.  Cybersecurity is a very recent field, considered in terms of the development time lines of more fundamental social and cultural forms.  The field does not have even a general, agreed-upon taxonomy.

I have taken seriously various calls for better cybersecurity thinking, and have brought to bear upon the task my own—perhaps unusual in this field—background in thinking about thinking.

The book's Glossary section may be informative to people who are not computing experts.

More information and the book itself are available at http://bookstore.trafford.com/Products/SKU-000155732/The-Art-of-War-of-Cybersecurity.aspx. (The original URL, http://www.trafford.com/07-1219, should still work, too.)

Librarians can efficiently find the US Library of Congress classification via the book's Permalink record. In Canada's AMICUS National Library Catalog, the record is here.

A nice scholarly version of the original Sun Tzu Art of War is The Denma Group's translation, which aims to reproduce in English as directly as possible the Chinese of the earliest extant original texts. This is useful for anyone trying to work out for themself the original thinking. Information about this translation is at http://www.victoryoverwar.com. Background materials supporting the Denma translation, including Chinese content of original texts, are available at http://learn.bowdoin.edu/suntzu.


Other Projects

Software (in)security is an extremely important problem in computing. I led a session "Learning Secure Coding in College?" at BarCampAlbany in February 2011, discussing a tactic I have proposed aimed at a root of that problem. (Barcamps are low key, ad hoc events, semi-planned, self-organizing conferences for exchange of information about computing and computing-related topics.) Along with my many handouts at the conference, I included an index list of URLs associated with those handouts. That list and a brief summary of my proposal is available here in case it might save a little effort for someone wanting to learn about developing secure software.

Another presentation I gave, later in 2011, was focused on a different though related problem in cybersecurity, and again aimed at a fundamental level. It was at the 2011 Symposium on Usable Privacy and Security (SOUPS) at Carnegie Mellon University, http://cups.cs.cmu.edu/soups/2011/. This was a Lightning Talk, a brief statement on a problem. I began by giving the audience—composed mainly of technical cybersecurity researchers and practitioners—a very quick overview of the fundamental elements of a sociological understanding of the world. I noted the importance of building a consistent broad social culture for computing and information security if we really want to achieve private and secure experiences for all users. Then I brought people's attention to the lack of secure https web registration for SOUPS itself, which apparently I had been the only registrant to try to avoid. My few slides make more sense with my scripted brief remarks, which are available here.

A longstanding interest I am always giving some thought to is formal mathematical sociology.  A comprehensive basic introduction to this field, written a few decades ago but still valuable, is Mathematical Sociology, by Thomas J. Fararo, with whom I once studied.

A different kind of longstanding project, and presently actively in the forefront, is the status of time in physics, and related questions about optimum conceptual models. This may have relevance to quantum computing, for example. I gave a couple of Physics colloquia talks about this in the USA and Europe in 2010, and presented a poster this past summer at the DICE 2014 Seventh International Workshop Spacetime - Matter - Quantum Mechanics in Castiglioncello in beautiful Tuscany in Italy. The abstract is available here.

I am also working on a few other projects, mostly related to practical computing problems or to theoretical computer science.


And I always enjoy doing a little photography:

 
 
Northeast Autumn

A photo looking up through bright yellow, orange, and red autumn leaves of a sugar maple tree, to a clear blue midday sky, in the Northeastern United States in Autumn.

Lake George Shore

A photo looking out to a shining, rippled, blue lake, through tree trunks and leaves silhouetted by the bright sun over the lake, in Autumn in upstate New York in the United States.

Westerwald Germany Abandoned Quarry

A photo of a small pond in an abandoned quarry in the Westerwald of Germany, with brightly lit thin grasses in the foreground at the image sides, lily pads and blossoms behind the grasses in the image middle, and low-hanging, dark green tree leaves bordering the back of the pond at the image top edge.

Bulguksa, Gyeongju

A photo of some traditional tiled roofs, both near and distant, in a several hundred years old Buddhist temple area in Southeastern Korea, during a light, misty rain, the roofs' curved shapes and linear forms, and the wall colors, standing out visually and texturally from summer tree leaves and a high wall made of large stones.

Namsangol, Seoul

A photo of a few traditional structures in an old upperclass housing compound historical park area in Seoul, Korea; visible in the distance, through a roofed gateway in a low stone wall, is a school teacher photographing a group of small children.

Fujisan From Peace Park Temple, Gotemba

A photo of Fujisan (Mt. Fuji) in the far distance, on a hazy summer day, viewed from a relaxed position within an open, paved area of the grounds of a modern Peace Park Buddhist temple in Japan.

Nara Shrine

A photo of a Shinto shrine by a path in the woods at Nara in Japan, the red, wooden components of the temple dominating the image.

Sendai Train Station

A photo of a salaryman about to decide to enter the more upscale of two small restaurants side by side, with the usual displays, in the main train station in Sendai, Japan, an image in which no faces are quite visible.
 

© Page and images copyright Thomas Reynolds 2014.

Comments or questions can be sent to me at tracm2(*the_usual_"at"_symbol*)acm.org.  Please prefix the email subject line with "WEB".

URL: http://www.pair.com/cogitage/

This page is always Under Construction.