Military Strategy Applied to Security

It is no secret to anyone who knows me or has heard me speak on the subject of security that I have learned quite a bit of my way of thinking about computer and Internet security while serving in the military and while attending the United States Military Academy (West Point).  I tend to think of securing a web application as a battle or campaign.  I want to destroy the hacker for daring to cross the line of departure.  As a result, I have drawn heavily from the classics of military strategy and wanted to share a couple of titles with you.  I will spare you the references that are wholly obvious, such as Sun Tzu’s “The Art of War” and “The Book of Five Rings”, while also stepping gingerly around the heavier reads such as Clausewitz’s “On War”.  I do suggest you read those if they pique your interest, but I think there are two books that should be read by everyone who seeks to have a deeper understanding.  The first is called the “Defense of Duffer’s Drift” and is a great introduction to defensive tactics written in a unique and entertaining style.  A friend of mine pointed me to an online version that I think is the complete text, though if you like it, definitely pick up a copy to read regularly.  The other book is called “Lure the Tiger into the Mountains” and it is a great read about the 36 classic stratagems taken from Chinese history.

Expect some comments about and from these books in the future here on my blog.  Some of you may already know that Duane Laflotte and I are planning to write a book, and our plan is to mimic, to some extent, the format of the Defense of Duffer’s Drift.