Cyber Canon Book Review: “The Fifth Domain – Defending our country, our companies, and ourselves in the age of cyber threats” by Richard A. Clarke and Robert K. Knake (published July 16, 2019)
Book Reviewed by: Helen Patton, Chief Information Security Officer, The Ohio State University; Fred Streefland, CSO NEUR and EEUR, Palo Alto Networks; John Davis, VP and CSO (Federal), Palo Alto Networks.
Bottom Line: We recommend this book for the Cybersecurity Canon Hall of Fame.
We truly believe that “The Fifth Domain” is a “must read” for not only every cybersecurity professional – in both the public and private sectors – but also for every global citizen who has an interest in what’s happening in the digital age.
The book, which was officially published on July 16, 2019, is written by Richard A. Clarke and Robert K. Knake, two very experienced, leading experts on security, cyberspace and terrorism. They clearly show their experience throughout the book and combine the facts with their honest opinions. They give us clear insight, using easy-to-understand language, about the enormous challenges we all face from cyber threats.
“The Fifth Domain” describes the roles and responsibilities that governments, industry and citizens should have and why these roles are the most practical and effective way of improving the increasingly dangerous situation we face today. Throughout the book, the authors reiterate that we need to shift the balance of power from the attacker to the defender, to enable our institutions to be resilient in the face of changing attack patterns.
This is exactly why this book is unique and great to read. It provides the reader with knowledge of and insights into today’s cyberworld. The book is very current and invites the reader to think constantly about how to make improvements within cyberspace.
The book provides an overview of the developments within cyberspace (or the “fifth domain,” as it is identified by the U.S. government), and describes what has happened in the past with attacks like Stuxnet and WannaCry. The authors note that, while cyber may be the “fifth domain” of war, it is the only domain that is man-made, and therefore we are capable of changing it. They also detail cyber events and actors that are not always well-known, which is another reason why every cybersecurity professional should read this book.
Some of our favorite parts of the book involve the important role that responsible cyber threat intelligence sharing at speed and scale plays in the concept of collective defense (including an explanation of the innovative work of industry’s Cyber Threat Alliance). The authors also highlight rapid recovery from and resilience to cyberattacks through an integrated and agile “DevSecOps” model.
The writers show their knowledge about the details of the most impactful cyberattacks in the past and explain why things went wrong (if they went wrong), how these mistakes could have been prevented, and which lessons could be identified and learned. They describe the reactions from the U.S. administration to those events, while sharing their own opinions on what could have been worse, different or better. Of particular interest is a section on why certain types of attacks could happen again and how to mitigate these risks.
“The Fifth Domain” opens with stories of impactful events and builds up the narrative and implications, describing what corporations are and should be doing, followed by what the government should and should not do. It concludes with predictions for the near future of cyberspace.
Clarke served in the U.S. Government for 30 years, including as White House counterterrorism coordinator under Presidents Bill Clinton and George W. Bush, and became the first White House official placed in charge of U.S. cybersecurity policy. He is the author of eight books (four of which are non-fiction and four of which are novels). Knake served from 2011 to 2015 in the Obama White House as director of cybersecurity policy at the National Security Council. He is a senior fellow at the Council on Foreign Relations, a senior research scientist at Northeastern University in Boston and an advisor to start-ups, investment firms and Fortune 500 companies.
The writers provide advice and suggestions on how they would have handled these challenges and how both corporations and governments can improve. Both writers are realistic enough to know that many of these improvements probably won’t happen. They discuss these issues without injecting any political bias. Both writers also comment on the actions taken by corporations and don’t “spare” them with their critiques.
In looking to the near future, the book contains a very good description of where we are heading with some very powerful technologies, including software-based advanced analytics like machine learning (ML) and artificial intelligence (AI), quantum capabilities, 5G, and the Internet of Things (IoT) with its connection to industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems. Clarke and Knake describe current and expected developments within these areas and predict how these elements will change cyberspace, both from a defender’s and an attacker’s perspective. When the authors move on to consider future technologies, they provide practitioners with ways of thinking about emerging technologies and emerging threats, including ideas that can be immediately applied. They are clear-eyed when talking about emerging technologies, noting where there is substance and where there is still just theory and hype. This pragmatic view will make it easier for cyber defenders to prioritize and incorporate the book’s suggestions into current security programs.
Clarke and Knake conclude this outstanding book with some practical advice and a menu of best practices available to all digital citizens in order to better manage cyber risks and protect themselves from cyber threats. These recommendations include: advice about what’s really important to protect; passwords and multi-factor authentication; identity management; what to do about your banks, stocks and credit cards; best practices for your device security settings; what you should back up and how to do it; and what you should do if you lose a device.
In the final words of the authors: “We must continually adapt and improve capabilities for individual companies, governments and for the ecosystem as a whole. What’s really needed is a shift in mindset. Governments have their roles, but the primary responsibility lies with the private sector. Securing our countries, our businesses and ourselves in cyberspace is far from hopeless. We have the strategy, we have the tools – now we need to do the hard work. What is missing is national consensus, will and priority setting.”
Do we need to say more? This is a MUST read book!
We modeled the Cybersecurity Canon after the Baseball or Rock & Roll Hall-of-Fame, except for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to increase the number to be much more than that. Please write a review and nominate your favorite.
The Cybersecurity Canon is a real thing for our community. We have designed it so that you can directly participate in the process. Please do so!