Recommended Reading

Top billing! Sam Liles – Manhattan project for cyber security

Mr. Lewis Shepherd of Microsoft came to Purdue to give a talk for CERIAS awhile back and he talked about how equating the Manhattan Project to the world of cyber security is completely wrong. I liked his talk quite a bit, and it aligned closely with something I’ve been talking to people about for awhile. Talking to people is important. I know my impact on the world is going to be negligible but I’ve dedicated my life to infecting the youth of the world with a few stray ideas. They call it teaching, and it doesn’t pay much. I think Mr. Shepherd was making a good case that scope, and cause and effect, and process of one program might no align realistically with another program. The secrecy, single mindedness, and type of problem that was the Manhattan project has almost nothing to do with the quite different project of cyber security. Much like I’ll never be able to equate my teaching to Socrates, the cyber security community shouldn’t really think “Manhattan Project”.

….Everything you likely think about defense in depth is wrong. All of the audit and compliance stuff is wrong. The firewall and intrusion detection and prevention technologies are wrong. The autocratic and dictatorial policies of information security are wrong. The underlying theories of robust and resilient programming are wrong. There is nothing about the current information technology infrastructure that is security oriented. The foundations of the technologies are fundamentally at odds with creation of an information secure culture. Now to be honest I didn’t say this. Neumann, Saltzer, Cerf, Bernack, and so many other people said this long before I did. But, maybe you haven’t read their stuff before.

How can I possibly support that they are all wrong and don’t work? Pretty simple. They don’t. Though we can secure systems to some point we are almost always talking about a security absent some failure in the system. There is nothing really secure. This is a huge problem that breaks most peoples “common sense” way of thinking about security. Simply put the way we do things will never be secure and we should stop trying to fix things the way we know doesn’t work.

Read the rest here.

John Hagel –A Contrarian View on Resilience

In a world of growing uncertainty and mounting performance pressure, it’s understandable that resilience has become a very hot topic. Everyone is talking about it and writing about it. We all seem to want to develop more resilience. But I’m going to take a contrarian position and suggest that resilience, at least as conventionally defined, is a distraction and perhaps even dangerous.

….In this context, the conventional view of “bounce back” resilience for enterprises is profoundly dangerous. It simply increases the ability of the institutional status quo to survive when conditions demand a fundamental transformation. It increases the gap between what we are doing and what we need to do. We already face a growing mismatch between the institutions and practices that dominate in business and the needs of the markets and societies that are being re-shaped by the global forces outlined earlier. As long as this mismatch persists, we will face increasing disruptions and stress as struggle to maintain institutions and practices that are no longer viable. We don’t need to bounce back; we desperately need to move forward.

International Centre for the Study of Radicalisation (ICSR) –“Who Matters Online: Measuring Influence, evaluating content and countering violent extremism in online social networks“ by JM Berger and Bill Strathearn

J.M. Berger, author of Jihad Joe (reviewed here by Charles) frequently tackles Islamist militants and various kinds of terrorism at Intelwire but the focus in the above paper is on far Right, white nationalist and radical racist strands of violent extremism

SWJ Blog– (Bunker) Review: Intersections of Crime and Terror and (Sullivan) Spillover/Narcobloqueos in Texas

A new Texas Department of Public Safety Threat Assessment report states that criminal cartels are operating in Texas and are the No. 1 threat to the Lone Star State. Narcobloqueos (narco-blockades) are now being seen north of the border.

Eeben Barlow – Failing to Listen