Richard Thieme Defending the Information Web New Ways of Thinking About Security
0Richard Thieme, CEO, Thiemeworks.com.
Defending the Information Web: New Ways of Thinking About Security
Computer security often focuses on trees. Yet data becomes meaningful only when seen as a forest.
Security means operating on the macro level of the Big Picture. Security means defending an organizational structure, not its data. Security begins, therefore, with a mental model of the organization, not the data inside it. Attacker and defender share this mental model prior to attack or defense. Attackers must know what they're looking for before they look for it.
It's a paradox, all right. Security begins and ends with a shared paradigm. To the degree that it doesn't, data is leaked through other structures where it is linked differently and mined by different algorithms.
War in space is an example. In the space-air-ground model, the entire web of information spun across all dimensions of the system must be defended. The entire system radiates information not just through explicit communication but through energy, structure and behavior. If something moves, it is talking.
Cyberdefense means defending the entire web in which information in all its forms is embedded. The entire web spun through space, air and ground defines the topography of the battlespace. The use of holographic image projection, cloaking devices, multispectral camouflage, and the creation of synthetic environments which the attacker believes to be real in space war also serve as metaphors for what is necessary in computer security as well ... because computer security is a subset of the entire information web.
Because the manipulation of human perception is the primary act of cyberwar, including deception, illusion, and camouflage of every dimension of a system, concepts and percepts alike are ammunition in global cyberwar. Cyberwarfare is in fact cyborg-war.
This presentation uses war in space as a metaphor for the macro models that must inform computer security if it is to be truly secure.
Thieme was born in Chicago, Illinois, in 1944 and graduated from Northwestern University in 1965 with a B.A. in English literature (highest honors, Phi Beta Kappa). His non-academic education included working with the Daley political organization. After living in Madrid, Spain for a year, he attended the University of Chicago (Title IV NDEA Fellow) and received an M.A. in English literature. He taught literature and writing at the University of Illinois-Chicago and wrote fiction in his twenties. Then, after two years in England and a three-year professional Master's degree from Seabury-Western Theological Seminary, he became an Episcopal priest and led parishes for sixteen years in three very different cultures: Salt Lake City, Utah; the Hawaiian island of Maui; and Milwaukee, Wisconsin.
He bought an Apple II computer in the early eighties and life was never the same. He realized that the way he was affected by his interaction with the computer was exactly how society would be affected by the computer revolution. He began writing about topics like "Computer Applications for Spirituality: the Transformation of Religious Experience," but ÷ as one editor wrote ÷ "only three of you care about this."
The internet changed all that, making the transformation visible. His diverse experiences working with symbols in speech and literature and communities bound together by symbols translated effortlessly into the digital world. His passion for exploring the impact of technology on institutions and organizations ÷ business, education, government, religion ÷ and his extensive experience with leadership, management, organizational dynamics, and cultural diversity led him to establish ThiemeWorks in 1993 to pursue a career of professional speaking, consulting, and writing.
Black Hat - USA - 2001 Hacking conference
#hacking, #hackers, #infosec, #opsec, #IT, #security