Cybersecurity as Zen Exercise

A little book I wrote a few years ago is The Art of War of Cybersecurity, by Thomas Reynolds.  Not just another tips and techniques book, it leads you through clear-minded cybersecurity thinking, rather than just telling about it and hoping for the best like most books.  It is useful for individual review, and also for organizational or group use as a knowledge management tool helping to establish efficient, productive, shared common understanding and a cybersecurity-aware culture.

From the Preface:

An image of the book's cover, bright red with mustard gold lettering
 and graphic of symmetrically opposed leaping dragons

"We have to learn to think like the attackers" is
sometimes said by people concerned about
computing security.  That is an expression of people
inside a box trying to guess what outside-the-box
thinkers might do next.  Cybersecurity is a very
recent field, considered in terms of the development
time lines of more fundamental social and cultural
forms.  The field does not have even a general,
agreed-upon taxonomy.

       I have taken seriously various calls for better
cybersecurity thinking, and have brought to bear
upon the task my own—perhaps unusual in this
field—background in thinking about thinking.
 

The book's Glossary section may be informative to people who are not computing experts.

More information and the book itself are available at http://www.trafford.com/Bookstore/BookDetail.aspx?Book=186866. (The old URL, "www.trafford.com/07-1219", should still work, too.)

Librarians can efficiently find the US Library of Congress classification via the book's Permalink record. In Canada's AMICUS National Library Catalog, the record is here.

A nice scholarly version of the original Sun Tzu Art of War is The Denma Group's translation, which aims to reproduce in English as directly as possible the Chinese of the earliest extant original texts. This is useful for anyone trying to work out for themself the original thinking. Information about this translation is at http://www.victoryoverwar.com. Background materials supporting the Denma translation, including Chinese content of original texts, are available at http://learn.bowdoin.edu/suntzu.


Other Projects

Software (in)security is an extremely important problem in computing. I led a session "Learning Secure Coding in College?" at BarCampAlbany 2011 in March, discussing a tactic I have proposed aimed at that problem. (Barcamps are low key, ad hoc events, semi-planned, self-organizing conferences for exchange of information about computing and computing-related topics.) Along with my many handouts at the conference, I included an index list of URLs associated with those handouts. That list and a brief summary of my proposal is available here in case it might save a little effort for someone wanting to learn about developing secure software.

Another presentation I gave recently was focused on a different though related problem in cybersecurity, and again aimed at a fundamental level. It was at the 2011 Symposium on Usable Privacy and Security (SOUPS) at Carnegie-Mellon University, http://cups.cs.cmu.edu/soups/2011/. This was a Lightning Talk, a brief statement on a problem. I began by giving the audience—composed mainly of technical cybersecurity researchers and practitioners—a very quick overview of the fundamental elements of a sociological understanding of the world. I noted the importance of building a consistent broad social culture for computing and information security if we really want to achieve private and secure experiences for all users. Then I brought peoples' attention to the lack of secure https web registration for SOUPS itself, which apparently I had been the only registrant to try to avoid. My few slides make more sense with my scripted brief remarks, which are available here

A longstanding interest I am always giving some thought to is formal mathematical sociology.  A thorough basic introduction to this field, written a few decades ago but still valuable, is Mathematical Sociology, by Thomas J. Fararo.

A different kind of longstanding project, and presently actively in the forefront, is the status of time in physics, which may have relevance to quantum computing, for example. I gave a couple of Physics colloquia talks about this in the USA and Europe in 2010.

I am also working on a few other projects, mostly related to practical computing problems or theoretical computer science.


And I always enjoy doing a little photography:

 
 
 Northeast Autumn     A photo looking up through bright yellow, orange, and red autumn
 leaves of a sugar maple tree, to a clear blue midday sky, in the
 Northeastern United States in Autumn.
Lake George Shore

A photo looking
 out to a shining, rippled, blue lake, through tree trunks and leaves
 silhouetted by the bright sun over the lake, in Autumn in upstate New York
 in the United States.
 
 
 
Westerwald Germany Abandoned Quarry

A photo of a
 small pond in an abandoned quarry in the Westerwald, Germany, with brightly
 lit thin grasses in the foreground at the image sides, lily pads and blossoms
 behind the grasses in the image middle, and low-hanging dark green
 tree leaves bordering the back of the pond at the image top edge.
 
 
 
Bulguksa, Gyeongju

A photo of some
 traditional tiled roofs, both near and distant, in a several hundred years
 old Buddhist temple area in Korea, during a light, misty rain, the curved
 shapes and linear forms standing out visually and texturally from summer
 tree leaves and a high wall made of large stones.
 
 
 
Namsangol, Seoul

A photo of a few
 traditional structures in an old upperclass housing compound historical park
 area in Seoul, Korea; visible in the distance, through a roofed gateway in
 a low stone wall, is a teacher photographing a small group of young children.
 
 
 
Fujisan From Peace Park Temple, Gotemba

A photo of Fujisan (Mt. Fuji) in the far distance, on a hazy summer
 day, viewed from a relaxed position within an open, paved area of the
 grounds of a modern Peace Park Buddhist temple in Japan.
Nara Shrine

A photo of a Shinto shrine by a path in the woods at Nara in Japan,
 the red, wooden components of the temple dominating the image.
 
 
 
Sendai Train Station

A photo of a
 Salaryman about to decide to enter the more upscale of two small restaurants
 side by side, with the usual displays, in the main train station in Sendai,
 Japan, an image in which no faces are quite visible.
 
 

© Page and images copyright Thomas Reynolds 2012.

Comments about this website can be sent to tracm2(*the_usual_"at"_symbol*)acm.org.  Please prefix the email subject line with "WEB".

URL: http://www.pair.com/cogitage/         This page is always Under Construction.