Cybersecurity experts from across industries and sectors share insights on how to think like scientists to master cybersecurity challenges
Humankind’s efforts to explain the origin of the cosmos birthed disciplines such as physics and chemistry. Scientists conceived of the cosmic ‘Big Bang’ as an explosion of particles - everything in the universe centered around core elements and governed by laws of matter and gravity. In the modern era of digital technology, we are experiencing a similar explosion of ones and zeros, an exponentially expanding universe of bits of data centered around the core elements of speed and connectivity. One of the disciplines to emerge from our efforts to make sense of this new universe is the science of cybersecurity. Cybersecurity is as central to the Digital Age as physics and chemistry were to the Scientific Age. The Digital Big Bang explores current and emerging knowledge in the field of cybersecurity, helping readers think like scientists to master cybersecurity principles and overcome cybersecurity challenges.
This innovative text adopts a scientific approach to cybersecurity, identifying the science’s fundamental elements and examining how these elements intersect and interact with each other. Author Phil Quade distills his over three decades of cyber intelligence, defense, and attack experience into an accessible, yet detailed, single-volume resource. Designed for non-specialist business leaders and cybersecurity practitioners alike, this authoritative book is packed with real-world examples, techniques, and strategies no organization should be without. Contributions from many of the world’s leading cybersecurity experts and policymakers enable readers to firmly grasp vital cybersecurity concepts, methods, and practices. This important book:
- Guides readers on both fundamental tactics and advanced strategies
- Features observations, hypotheses, and conclusions on a wide range of cybersecurity issues
- Helps readers work with the central elements of cybersecurity, rather than fight or ignore them
- Includes content by cybersecurity leaders from organizations such as Microsoft, Target, ADP, Capital One, Verisign, AT&T, Samsung, and many others
- Offers insights from national-level security experts including former Secretary of Homeland Security Michael Chertoff and former Director of National Intelligence Mike McConnell
The Digital Big Bang is an invaluable source of information for anyone faced with the challenges of 21st century cybersecurity in all industries and sectors, including business leaders, policy makers, analysts and researchers as well as IT professionals, educators, and students.
Table of Contents
Introduction xvii
Section 1: Binding Strategies 1
1 Speed 5
Speed: The Nucleus of the Cyberfrontier 7
Roland Cloutier, ADP
Is Speed an Advantage? It Depends on the Context 18
Scott Charney, Microsoft
2 Connectivity 23
Managing the Intensifying Connectivity of the IoT Era 25
Brian Talbert, Alaska Airlines
Cyberspace: Making Some Sense of It All 30
Chris Inglis, Former NSA Deputy Director
Section 2: Elementary Shortfalls 43
3 Authentication 47
Authentication, Data Integrity, Nonrepudiation, Availability, and Confidentiality: The Five Pillars of Security 50
Mike McConnell, Former Director of National Intelligence
Authentication and Models of Trust 58
Shannon Lietz, Intuit
4 Patching 65
Patching: A Growing Challenge and a Needed Discipline 68
Chris Richter, Former VP of Global Security Services, CenturyLink
Conquer or Be Conquered 74
Renee Tarun, Fortinet
5 Training 79
Fill the Skills Gap with an Environment of Continual Training 82
Chris McDaniels, CT Cubed, Inc.
Employee Training is Key for Cybersecurity 89
Mo Katibeh, AT&T
Training is a Mindset 97
Dave Rankin, Verisign
Section 3: Fundamental Strategies 103
6 Cryptography 105
Cryptography: The Backbone of Cybersecurity 108
Taher Elgamal, Salesforce
Cryptography: The Good, the Bad, and the Future 117
Dan Boneh, Stanford
7 Access Control 127
Managing Access in Challenging Environments 130
Erik Devine, Riverside Health
A Systematic Approach to Access Control 136
George Do, Equinix
8 Segmentation 143
Successful Segmentation Isn’t Separation: It’s Collaboration 147
Colin Anderson, Levi Strauss & Co.
Why We Need to Segment Networks 153
Hussein Syed, RWJBarnabas Health
Section 4: Advanced Strategies 161
9 Visibility 164
Visibility: Identifying Pathogens, Risk Factors, and Symptoms of Cyberattacks 167
Michael Chertoff, Former Secretary, Department of Homeland Security
20/20 Insight: Redefining Visibility to Stop Modern Cybercrime Syndicates 173
Tim Crothers, Target
The Challenge of Visibility 180
Daniel Hooper, PIMCO
10 Inspection 188
In and Out of the Shadows: The Visibility That Inspection Enables is Not Confined to Technology Alone 192
Ed Amoroso, TAG Cyber
The Fundamental Importance of Inspection 199
Michael Johnson, Capital One
11 Failure Recovery 206
Preparation, Response, and Recovery 209
Thad Allen, Booz Allen Hamilton
Cyber Event Recovery 219
Simon Lambe, Royal Mail
Section 5: Higher-Order Dimensions 223
12 Complexity Management 226
Shift Your Mindset to Manage Complexity 229
Michael Daniel, Cyber Threat Alliance
Seven Steps to Reducing Complexity 238
Jay Gonzales, Samsung
13 Privacy 246
Don’t Panic! Security Pros Must Learn to Embrace the New Era of Privacy 249
Kevin Miller, MGM Resorts International
Stricter Privacy Regulations Are Driving the Conversations - and Innovations - We Need 259
Peter Keenan, Global Financial Services Firm
14 Human Frailty 265
Overcoming Human Frailty: People and the Power of Obligation 268
Kevin Kealy, Ingram Micro
Overcoming Human Frailty by Design 274
Theresa Payton, Fortalice
The Future 282
Why Cybersecurity Needs AI 290
Michael Xie, Fortinet
The Future of Cybersecurity 293
Ken Xie, Fortinet
Index 301
