Great post. Thought I might share a few related books I’ve found interesting (in rough order of usefulness according to my memory)- I’m looking for more so please share!
1. Perfect Weapon by Sanger. An account of the history of cyberweapons and cyber espionage by one of the NYT reporters who broke a number of stories on covert cyber programs like Stuxnet. I found it relatively “spin-free” compared to other content in the area and probably at least 1.5x as useful as the next most.
2. The Sword and the Shield by Andrew and Mitrokhin. A detailed history of the KGB based on one of the largest intelligence leaks in history (Mitrokhin worked in the KGB archives for years). A lot of the details were in the weeds, it is very USSR centric, and doesn’t reach modern day, but I found it useful for getting a sense of how information security worked in the pre-digital age.
3. Legacy of Ashes by Wiener. A history of the CIA with a definitive slant towards trying to demonstrate the agency is incompetent (I think examples may be somewhat cherry picked to this end based on 2) and other accounts). Still found helpful for getting a general sense of how the intelligence community does info security.
4. Click Here to Kill Everybody by Schneier. Similar to 1) but with a narrative driven more by the author’s various theses on security and seemingly geared toward a more popular audience. Examples are fairly redundant with 1).
(A couple caveats: I wish I knew better examples than the above and read these rapidly and some time ago. I expect that re-reading deeply would change my portrayal of them/ and/or ranking. )
Just finished Spy Schools by Golden. I would rank it between 1) and 2). Describes the history of espionage in academic and research circles. Doesn’t emphasize cyber, but is much more up to date than 2)-4) and given how relevant academia is, I found the examples more interesting.
Great post. Thought I might share a few related books I’ve found interesting (in rough order of usefulness according to my memory)- I’m looking for more so please share!
1. Perfect Weapon by Sanger. An account of the history of cyberweapons and cyber espionage by one of the NYT reporters who broke a number of stories on covert cyber programs like Stuxnet. I found it relatively “spin-free” compared to other content in the area and probably at least 1.5x as useful as the next most.
2. The Sword and the Shield by Andrew and Mitrokhin. A detailed history of the KGB based on one of the largest intelligence leaks in history (Mitrokhin worked in the KGB archives for years). A lot of the details were in the weeds, it is very USSR centric, and doesn’t reach modern day, but I found it useful for getting a sense of how information security worked in the pre-digital age.
3. Legacy of Ashes by Wiener. A history of the CIA with a definitive slant towards trying to demonstrate the agency is incompetent (I think examples may be somewhat cherry picked to this end based on 2) and other accounts). Still found helpful for getting a general sense of how the intelligence community does info security.
4. Click Here to Kill Everybody by Schneier. Similar to 1) but with a narrative driven more by the author’s various theses on security and seemingly geared toward a more popular audience. Examples are fairly redundant with 1).
(A couple caveats: I wish I knew better examples than the above and read these rapidly and some time ago. I expect that re-reading deeply would change my portrayal of them/ and/or ranking. )
Just finished Spy Schools by Golden. I would rank it between 1) and 2). Describes the history of espionage in academic and research circles. Doesn’t emphasize cyber, but is much more up to date than 2)-4) and given how relevant academia is, I found the examples more interesting.