{"id":95562,"date":"2018-12-07T13:00:27","date_gmt":"2018-12-07T21:00:27","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=95562"},"modified":"2019-01-31T15:45:56","modified_gmt":"2019-01-31T23:45:56","slug":"cybersecurity-canon-candidate-book-review-cyber-war-anatomy-global-security-threat","status":"publish","type":"post","link":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/2018\/12\/cybersecurity-canon-candidate-book-review-cyber-war-anatomy-global-security-threat\/","title":{"rendered":"Cybersecurity Canon Candidate Book Review: Cyber-War: Anatomy of the Global Security Threat"},"content":{"rendered":"

\"\"<\/span><\/div><\/p>\n

We modeled the\u00a0Cybersecurity Canon<\/a>\u00a0after the Baseball Hall of Fame and the Rock & Roll Hall of Fame, except it\u2019s a canon for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to increase the number.\u00a0Please write a review and nominate your favorite.\u00a0<\/em><\/p>\n

The Cybersecurity Canon is a real thing for our community. We have designed it so that you can\u00a0directly participate in the process<\/a>. Please do so! <\/em><\/p>\n

 <\/p>\n

Executive Summary<\/span><\/p>\n

Cyber-War<\/em> attempts to demystify technical concepts surrounding the study of cyber threats and, in particular, the likelihood and possibility of a cyber war. It does so by focusing on certain key debates within government and academic circles and bringing a plain-language approach to them. He does this through examinations of the hyperbole and generalizations that often accompany such debates. In doing so, the author, Julian Richards, largely accomplishes his goal, which is not one of resolving debate but rather encouraging a standard framework for that debate.<\/p>\n

While the approach Richards uses in Cyber-War<\/em> is a valid one, his examples and conclusions suffer a bit from the passage of time and the accompanying increased understanding and visibility of the strategic cyber threats facing the U.S.\u00a0 For this reason, I am not recommending it for inclusion in the Cyber Canon.<\/p>\n


\nReview<\/span><\/p>\n

Cyber-War<\/em>\u2019s author, Julian Richards is the Co-Director of the Centre for Security and Intelligence Studies at the University of Buckingham, U.K. He spent 17 years working in security and intelligence for the U.K. government. But despite being written by a U.K. security expert, Cyber-War<\/em> is remarkably U.S.-centric in its analysis, perhaps owing to the relative wealth of cyber incidents affecting, or publicized in, the U.S.<\/p>\n

Richards begins with the premise that we can\u2019t really have an honest discussion about the real risk posed by cyber attacks and whether those attacks rise to the level of cyber war because of two impediments to analysis: 1) Cyber is an inherently technical realm, which in essence makes it difficult for non-techies to understand and assess; and 2) Discussion of the potential for cyber war is framed more in terms of science fiction rather than fact. Cyber-War<\/em> sets out to \u201ccut through some of the myth and hyperbole surrounding the cyber debate.\u201d Richards doesn\u2019t really seek to resolve or settle any debate (although he admits to having his own views), but instead to lay out a clearer playing field for those debates. To that extent, Cyber-War<\/em> is relatively successful.<\/p>\n

Richards begins his book by bringing up some of the major cyber events from preceding years. He highlights the fact that often, the initial knee-jerk response to these events was to assign blame to actors in accordance with developing norms of the time, e.g., to assign blame to Russia for a SCADA attack when in fact it was a simple error by an employee.\u00a0 Having lived through the response to that \u201cattack,\u201d and witnessing firsthand the speed with which a conclusion was reached, I recognize and appreciate his point. However, Richards does have a clear \u201cthe cyber Pearl Harbor attack isn\u2019t likely\u201d bias (one to which he admits) that may lean too far in the other direction.<\/p>\n

Through its six chapters, Cyber-War<\/em> brings out some issues surrounding the overall debate about the likelihood, and indeed the very definition, of cyber war. For example:<\/p>\n