We modeled the Cybersecurity Canon after the Baseball or Rock & Roll Hall-of-Fame, except for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to increase the number to be much more than that. Please write a review and nominate your favorite.
The Cybersecurity Canon is a real thing for our community. We have designed it so that you can directly participate in the process. Please do so!
Book Review by Canon Committee Member, Bob Clark: Rise of the Machines: A Cybernetics History (2016) by Thomas Rid
Executive Summary
As cybersecurity practitioners we have a lot to read simply to stay current in our industry. However, after reading the latest threat reports, flash releases, CERT notifications, CVEs and products on emerging technology, we should seek to develop ourselves as complete practitioners. This is one of those books. Understanding our history, and how we got here, makes you a better practitioner with a broad base of knowledge. And hell, who doesn't love a book that talks about the HAL9000, Arthur C. Clarke, Playboy articles, Omni magazine, AT-ATs, Terminator, Karel Čapek’s R.U.R. (the 1920 Czech play that gave us the word “robot”), Blade Runner, Whole Earth Catalog, Mary Pranksters and acid trips, the counterculture of San Francisco, and finally, finally, lets us all quote the real origins of that much-maligned term "cyber." Rise of the Machines: A Cybernetics History covers it all, including the arts, literature, and trends in pop culture.
The author, Thomas Rid, is a professor in the Department of War Studies at King’s College London and the author of Cyber War Will Not Take Place and War and Media Operations. Professor Rid's research is extensive as he takes us through the history of cybernetics, the merging of man and machine starting with cybernetics foundations in Norbert Weiner's writings in the 1940s and moving through each subsequent decade, including the West Coast techno-libertarians' addition to the theory, ending with an extensive look at what Rid calls the first cyberwar.
As Matthew Kirschenbaum states in his review:
Rise of the Machines is a sweeping intellectual history, engagingly written and brought to life by numerous details and anecdotes. Cybernetics and its progression of offshoots — cybernation, cyberculture, cyborgs, cyberspace, cyberpunk, cypherpunk, and finally cyberwar — are all disentangled and demystified in its pages.
Cybersecurity Canon candidate books are supposed to be essential to the cybersecurity practitioner, and it's great to be steeped in your specific knowledge that makes you an expert. However, it is well-rounded practitioners who will distinguish themselves among their peers; reading this book will definitely accomplish that goal.
Review
I confess, any book that can properly define the word "cyber" – I'm all for it, especially with so many practitioners and policy wonks misusing the term. Rid recognizes this and, therefore, uses this historical look to help us all understand where, when and how to use the prefix "cyber." Rid immediately helps the industry, correctly stating that "cyber" is a prefix being slapped onto anything to make it more techie or interesting. He goes on to answer the oft-asked question, “where did cyber come from?” He slams the door shut on that perpetuated myth we've all heard and repeated that cyber is the child of William Gibson's Neuromancer. "Cyber" was first used as in "cybernetics" a general theory of machines from the early 1940s; it was about computers, control, security, and the ever-evolving interaction between humans and machines.
Rid builds the book’s narrative through eight main chapters that are organized chronologically: Automation, Organisms, Culture, Space, Anarchy and War. Cybernetics found its beginnings in Norbert Wiener’s foundational Cybernetics or Control and Communication in the Animal and the Machine (1949) that became improbable bestsellers. Using this as a launching point, Rid looks at cybernetics through the decades to include not only the technological advances but also the philosophical developments dealing with advances in merging machines with humans. Others mentioned, who come and go along the way, include John von Neumann, Gregory Bateson, Stewart Brand, Timothy Leary and Jaron Lanier.
Developed from the mind of MIT mathematician Norbert Wiener amid the devastation of World War II, the cybernetic vision looked at the merging of man with the future of machines. This need to combine man and machine to improve our defenses and man's capability to fight looks at the early advances in war-fighting capabilities, not only man becoming engaged with various machines but also computer systems developed, such as our air defense system SAGE – one would say, the predecessor to NORAD.
The 50s and early 60s see the same focus, making technology that can increase man's power and strength to include fighting devices developed for the war in Vietnam and walking machines that never got past prototypes but preceded the AT-ATs of Star Wars. Ultimately cybernetics finds two competing factions: some seeking to make a better world – Bay Area denizens/libertarians hoping for a new unregulated and uncontrolled digital space – and some seeking to control it (i.e., Washington, DC).
In the 60s and 70s the technology side of the cybernetics movements, changes with the Bay Area’s introduction into drugs, rock and computers. Rid details the rise of this movement including the numerous influencers from the West Coast, including the birth of the Electronic Frontier Foundation, a great organization for defending civil liberties in the digital world.
As the Bay Area movement subsides, the 80s did bring us Gibson's cyberpunks and "Rid takes us back inside the green machine — the military, specifically the U.S. Department of Defense, aligning the precepts of the AirLand Battle that was supposed to defeat Warsaw Pact tank armies in the 1980s and the post-Desert Storm revolution of military affairs with cybernetic arts of war." We also see the rise of unfulfilled promises of cool "virtual reality" devices, the prototypes of which were clunky at best and looked like "Dark Helmet" from Mel Brooks’ Spaceballs. And let us not forget what the 90s brought us, of course: the crypto wars and introduction of cypherpunks.
Finally, Rid finishes up with a topic near and dear to his heart and extensively researched: moonlight maze, as many U.S. government folks called the first state-on-state cyberwar. (Cyber-espionage is what it should have been classified.) Ironically Matt Kirschenbaum compares Rid's discussion on this subject with Fred Kaplan's in Dark Territory, also reviewed by me and on the Canon website. Kirschenbaum believes Rid presents this information much more deeply than Kaplan. And while I know Rid's research is extensive, I thought both covered it equally well with Kaplan painting the Russian's actions much better. Then again, I think it fit better into Kaplan's book and was treated appropriately in Rid's.
Of course "the climax of the book is its discussion of the complex of public fears around an Electronic Pearl Harbor (the language is Hamre’s), a phrase whose staying power Rid sees as evidence of the machines at their apogee."
Conclusion
Rise of the Machines: A Cybernetics History will not make you more proficient in your cybersecurity job, unless you're a policy wonk. What this book will do is make you a better practitioner, well-versed in "the rise of the machine." And if your promotion comes down to advancing an SME who can speak solely to his/her area of expertise or promoting one that, all things being equal, is more well-rounded then this book will definitely accomplish that and give you knowledge to be used as a cyber-professional. (See how I did that? I used "cyber" as a prefix before "professional." Tom Rid would be proud – I think.)