Dependence on computers has had a transformative effect on human society. Cybernetics is now woven into the core functions of virtually every basic institution, including our oldest ones. War is one such institution, and the digital revolution's impact on it has been profound. The American military, which has no peer, is almost completely reliant on high-tech computer systems. Given the Internet's potential for full-spectrum surveillance and information disruption, the marshaling of computer networks represents the next stage of cyberwar. Indeed, it is upon us already. The recent Stuxnet episode, in which Israel fed a malignant computer virus into Iran's nuclear facilities, is one such example. Penetration into US government computer systems by Chinese hackers-presumably sponsored by the Chinese government-is another. Together, they point to a new era in the evolution of human conflict.
In Cybersecurity: What Everyone Needs to Know, noted experts Peter W. Singer and Allan Friedman lay out how the revolution in military cybernetics occurred and explain where it is headed. They begin with an explanation of what cyberspace is before moving on to discussions of how it can be exploited and why it is so hard to defend. Throughout, they discuss the latest developments in military and security technology. Singer and Friedman close with a discussion of how people and governments can protect themselves. In sum, Cybersecurity is the definitive account on the subject for the educated layman who wants to know more about the nature of war, conflict, and security in the twenty first century.
1. Why cyberspace is wonderful… and complicated
§ What is cyberspace?
§ Why do people talk about the difference of a networked world?
§ How does the Internet actually work?
§ Who owns this thing?
§ Wait… You mean no one runs the internet?
§ What can governments do online? What are the limits of state power?
§ Just how dependent are we on cyberspace?
2. Security and Insecurity Online
§ What do we mean by a "secure " system?
§ What is the difference between an attack on a network and an attack on a system?
§ How does anti-virus software work?
§ How do you defend a network?
§ Why is anonymity a problem online? Why is it relatively easy to act without accountability?
§ How can you authenticate some one to be sure they are who they say they are?
§ How do we keep data secure in cyberspace?
3. Threats and Bad Actors
o Differentiating threats
o Value at risk
§ What are the bad guys after? What can you really do with a computer?
§ What's the worst you can do? Can a hacker really turn off the power grid?
o Different motivations of attackers
o Different types of attacks
o What is Cyber Terrorism, actually?
§ What does "cyberwarfare" mean?
§ How are countries militarizing cyberspace? Why?
§ So if we just built better systems, could we have a secure internet?
4. Case Studies / Examples of attacks
o Aurora / Google {phishing, attribution}
o Stuxnet {Critical infrastructure, intelligence}
o Wikileaks data breach & fallout {data protection, DoS}
o Israel-Syria Air Defense {Cyber-Kinetic Crossover, cyberwar}
-
5. Why securing cyberspace is hard
§ What are some mechanisms that enable us to trust systems or data?
§ What is the difference between espionage and exploitation?
§ Why not just write better software?
§ Why can't network operators detect bad behavior?
§ Why security through obscurity doesn't work
§ How do we know what has happened after a cyber incident?
§ How does the rise in "cloud computing " change the dynamics of cyber security?
§ What makes mobile computing different?
§ If everyone's systems are vulnerable, can't defenders just interrupt the attacker's systems?
§ Why is it so hard to know who the attackers are?
§ Why does attribution matter?
§ How do we measure a cyber risk?
§ Why aren't users able to protect themselves?
§ Don't vendors and service providers have enough incentives to provide good security?
§ Why aren't companies investing enough to protect themselves?
6. International Dimensions
§ What changes when cyber problems cross international borders?
§ How do countries differ in their approach to cyberspace?
§ Who has the biggest cyber armies?
§ What constitutes an act of war?
§ How does law enforcement deal with international boundaries?
§ What are existing international organizations currently doing?
§ What international treaties are in place?
§ Why don't the classic models of military deterrence work for cyberspace?
§ What are the obstacles to international cooperation to resolve cybersecurity issues?
7.The path forward to a more secure cyberspace
§ It sounds like every aspect of modern life is vulnerable. Are things really that bad?
§ Why can't we just re-built the technology to prevent bad behavior?
§ Can we impose accountability through national control of cyberspace?
§ How can private firms be incentivized to internalize their risk?
§ If a company or government agency was willing to invest in cyber security defenses, what would stand in their way?
§ Can internet service providers do more to identity and stop bad behavior?
§ How can we make it harder for bad actors to profit from successful attacks
§ What can I do to protect myself?
"In our digital age, the issues of cybersecurity are no longer just for the technology crowd; they matter to us all. Whether you work in business or politics, the military or the media — or are simply an ordinary citizen — this is an essential read." - Eric Schmidt, Executive Chairman, Google
"This is the most approachable and readable book ever written on the cyber world. The authors have distilled the key facts and policy, provided sensible recommendations, and opened the debate generally to any informed citizen: a singular achievement. A must read for practitioners and scholars alike." - Admiral James Stavridis, U.S. Navy (Ret), former Supreme Allied Commander at NATO
"In confronting the cybersecurity problem, it's important for all of us to become knowledgeable and involved. This book makes that possible — and also fascinating. It's everything you need to know about cybersecurity, wonderfully presented in a clear and smart way." - Walter Isaacson, author of Steve Jobs
"Singer and Friedman do a highly credible job of documenting the present and likely future risky state of cyber-affairs. This is a clarion call." - Vint Cerf, "Father of the Internet," Presidential Medal of Freedom winner
"Singer and Friedman blend a wonderfully easy to follow FAQ format with engaging prose, weaving explanations of the elements of cybersecurity with revealing anecdotes. From the fundamentals of Internet architecture to the topical intrigue of recent security leaks, this book provides an accessible and enjoyable analysis of the current cybersecurity landscape and what it could look like in the future." - Jonathan Zittrain, Professor of Law and Computer Science at Harvard University, author of The Future of the Internet - And How to Stop It
"The easy-to-read style, sprinkled with colloquial language, humor, and anecdotes, will make the book particularly engagingPerhaps most importantly, this book will be a significant contribution to building a deeper understanding and a common base of knowledge around cybersecurity issues. This, in turn, may serve as a foundation for enabling policymakers, scholars, and citizens to begin building a crucial dialogue and much-needed conversation around how to approach, understand, and deal with the important policy implications of cybersecurity and cyberwar." - E-International Relations
"In writing Cybersecurity and Cyberwar: What Everyone Needs To Know, authors Peter W. Singer and Allan Friedman do what few cybersecurity and war scholars do: They tie together the history of the generative Internet, and its foundations in curiosity and experimentation, with the politico-military cyber security community housed in government. They connect the dots between technological traits and their insecurities. And they tell the stories of the people, not just the machines. In the book, Singer and Friedman break down to building blocks what Internet and the World Wide Web are made of, then use those to build back up to sophisticated concepts and information ... At its core, Cybersecurity and Cyberwar makes the point that cybersecurity risk is human risk." - ThinkProgress
"The pace of global digitization, and the widespread lack of understanding of related security risks, is a ticking time bomb ... If you don't know your asymmetric cryptography from your spear phishing, this is a thoughtful introduction." - Nature
ISBN : 9780199918119
まだレビューはありません
Email