http://blogs.forbes.com/firewall/2010/07/06/throwing-the-sun-tzu-baby-out-with-the-infosec-bathwater/ By Jeffrey Carr The Firewall Forbes.com July 6, 2010 Steve Tornio and Brian Martin just published a 5,000 word rant [1] against anyone who dares utter the name Sun Tzu in connection with information security. According to Tornio and Martin, Sun Tzu - the principal strategic authority who's seminal work has served to guide China's military and civilian leadership for 2500 years, is "not relevant to modern day InfoSec" because "information security is not warfare (leaving aside actual warfare, of course". That's a pretty huge stipulation considering that the People's Republic of China has been heavily invested in information technology R&D to revolutionize both its Armed Forces and its civilian infrastructure simultaneously for the past 20 years or so. The same is true for the Russian Federation (sans Sun Tzu, of course). I'd love to hear either of these two gentlemen discuss where they make the distinction between InfoSec for the enterprise versus InfoSec as an "expression of warfare by other means" (to paraphrase Clausewitz) or their thoughts on the implications of China's recent reorganization of its defense and civilian funding for priority IT research through one agency, thus making it easier to persist the illusion of plausible deniability while further blurring the line between civilian and military technology. Then we come to your assessment of Sun Tzu's advice regarding knowing your enemy: [1] http://attrition.org/security/rants/fsck_sun_tzu/ [...] _________________________________________________________________ Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada July 24-29th, offering over 60 training sessions and 11 tracks of Briefings from security industry elite. To sign up visit http://www.blackhat.comReceived on Wed Jul 07 2010 - 01:45:28 PDT
This archive was generated by hypermail 2.2.0 : Wed Jul 07 2010 - 01:57:22 PDT