The ever-growing interest in cybersecurity has spawned a large number of books and articles dealing with the deluge of issues stemming from the rising importance of cyberspace. Many of them, including some already reviewed on this website, focus on particular aspects of cybersecurity – it might be cybercrime, social engineering, law of cyberwar, cyberterrorism and many others. However this book, reviewed here, takes a different approach. It attempts to tie all these diverse skeins together into a sweeping and approachable book about, as the authors put it, “all this cyber stuff.”
And without any further ado it needs to be said the authors succeeded. The book strikes a good balance between being technically accurate yet still comprehensible for laymen and also being highly relevant to current politics without sliding down towards either cheerleading or scaremongering (which is unfortunately all too common these days). This in itself is no easy feat, undoubtedly facilitated by considerable experiences of the pair who wrote the book. P. W. Singer has already authored several books about modern security challenges and Allan Friedman is an accomplished technologist and scholar.
Apart from getting the balance between politics and technology quite right, this book also carries a certain popular and even whimsical flare. It contains jokes, large number of references to funny cat memes and it does not shy away from strong language at a few places. It is definitely not a dry, strictly factual or conceptually abstract academic tome as that would probably put off much of the target readership. Authors clearly wanted this book to be read not just by scholars, but also by corporate managers, military personnel, politicians, bureaucrats and interested public. This not only boosts their book sales but also makes the impact of their arguments much wider, which is badly needed in today’s world characterized by both high dependence on IT services and widespread ignorance about IT security.
The downside is that scholars will probably not learn much about their particular fields of expertise, since the book does not go into great depths or details about any specific issue, which follows from the aforementioned target audience. But at the same time, scholars are almost guaranteed to learn a good deal about other aspects of cybersecurity and see their own specialty put in a wider context. Another added value is the large number of background stories and insider knowledge the authors can provide.
The overall structure of the book is somewhat atypical, as it is presented in a “Frequently Asked Questions” (FAQ) format grouped into three major parts with self-explanatory titles – “How it all works”, “Why it all matters” and “What can we do?” This structure makes it markedly easier to quickly look up specific topics or answers to particular quandaries anyone might have. However, it also leads to some discontinuities among certain “questions” or chapters, as they can cover quite a different topic than the one before. The book also does away with in-text citations and uses a list sorted by page numbers instead, which makes it appear even more approachable and less like a specialist textbook.
It is quite hard to find anything missing or wrong with the book. Friedman and Singer use a very balanced approach to cybersecurity, even on the US-China front. They do not pay much attention to other actors however. And while the authors strongly and commendably resist the scaremongering surrounding cyberterrorism and so-called “cyber Pearl Harbor” or “cyber 9/11”, they also do not really fully address neither the difficulty nor impact of potential future physical or kinetic cyber attacks. Singer and Friedman also apparently could not make up their minds whether to use the name “hacktivism” or “hactivism,” as both make regular appearances which is probably just an artifact of the dual authorship that slipped through.
Towards the end, the pair makes a compelling and very strong case for increased vertical government-private cooperation and an adjustment of incentives as a primary tool to fight the apparent lack of investment into cybersecurity. The second major point is the importance of education on all levels to close the existing tragic gap between generations and to push back the technical ignorance which is so prevalent among our policymakers.
To sum up, this book is pretty much exactly what it says on the cover. It is not a technical manual on how to secure a network or win a cyberwar, neither is it an academic research report. It is a policy book and it presents an approachable and well-argued overview of “what everyone needs to know” about cybersecurity – or at least everyone who uses the internet…
Singer, Peter Warren – Friedman, Allan. 2014. Cybersecurity and Cyberwar: What Everyone Needs to Know. Oxford University Press, New York. ISBN 978–0–19–991811–9