I have to confess that I was somewhat skeptical about The Digital Big Bang: The Hard Stuff, the Soft Stuff, and the Future of Cybersecurity by Phil Quade. The book consists of chapters contributed by a variety of prominent industry professionals. I am not a big fan of the contributed chapter approach to book writing. However, my skepticism proved to be misplaced.
Quade, who serves as CISO of Fortinet (NASDAQ: FTNT), the multi-faceted, multi-billion-dollar cybersecurity vendor, has achieved something that many seek, but few deliver: true thought leadership. The book reads like the print version of a great cybersecurity conference. You get to hear real insights from extremely knowledgeable and experienced industry experts.
Quade’s premise, that the Internet and its security problems can be likened to the “big bang” theory of the universe, is a bit TED-talkish, but he has a significant and relevant point to make. The Internet, and modern computing in general, constitute a categorically different entity from anything that came before. It moves at a higher speed, and offers more connectivity, than any invention in human history. Therefore, it does not work well with old models of security. Rather, being secure requires a scientific approach.
To bolster his hypothesis, Quade enlists contributions from senior security executives at companies like AT&T, Intuit and Booz Allen Hamilton. The more than 20 chapters written by Quade’s colleagues articulate the many ways cybersecurity has succeeded, and failed, in achieving the scientific success highlighted by Quade. They cover topics like authentication, cryptography, access control, visibility and inspection.
The book succeeds in blending effective explanations of major issues in cybersecurity and practical approaches to addressing risk. It contains thought-provoking discussions of the limits of the most current countermeasures. For example, the chapter on cryptography lays out the risks of poor cryptography implementation. This was a revelation for me, and it underscores how fragile many seemingly bulletproof security tools can be.
“The Digital Big Bang” also highlights the human factor in cybersecurity. From the start, Quade emphasizes the fundamental, human-based design flaw in the Internet—that it was built for a group of known, trusted people, but then exploded into public use with little thinking about the risks of that move. His contributors also delve into the organizational (human) challenges in implementing security policies. For example, as one of his contributors notes, network segmentation is only slightly about networks. It’s largely an organizational change management issue, with all the attendant political hassles and challenges that brings.
This book would be an instructive read for a business manager who wants to get a feel for the range of issues that arise in cybersecurity. It would also be useful to an IT person who may want to get a broader view of the cybersecurity field. It’s well-written throughout, which is also a pleasant surprise for a book with so many contributors.
Publication Date: August 6, 2019
Sold by: Amazon Digital Services LLC