Looking at my previous reviews, it's clear that my interest in reading and reviewing technical books expired in the summer of 2011. Since then, the only technical book I wanted to read and review was Michael W. Lucas' excellent SSH Mastery. MWL is such a great author that I read just about anything he writes, and I was interested in his first self-published technical work.
So what happened? Becoming CSO at Mandiant in April 2011 contributed to my changing interests. Since that time I've spoken to almost a hundred reporters and industry analysts, and hundreds of customers and prospects, answering their questions about digital threats and how best to live in a world of constant compromise. (I listed some of the results of talking to the reporters on my press page.)
For me, the most interesting questions involved history, political science, and public policy. Probably not be accident, these are the three subjects in which I have degrees.
Accordingly, I bought and read books to add the historical, political, and policy content I needed to balance my technical understanding of the threat landscape. I also read a few books based purely on personal interest, without a work connection.
I thought you might want to know what these books were, despite my lack of interest in reviewing them at Amazon.com.
The books on Chinese topics included:
- Chinese Intelligence Operations
- China's Techno-Warriors: National Security and Strategic Competition from the Nuclear to the Information Age
- 21st Century Chinese Cyberwarfare
- Chinese Cyber Nationalism: Evolution, Characteristics, and Implications
- China's Rising Global Profile: The Great Power Tradition
Of these five, the first was probably the most interesting. The way Chinese intelligence agencies work today appears very much the same way that the author described them almost twenty years ago.
I read three books on intelligence and Russia:
- For the President's Eyes Only: Secret Intelligence and the American Presidency from Washington to Bush
- Recasting the Red Star
- Cyber Silhouettes: Shadows Over Information Operations
Of these three, the first was exceptional. It combined a history of the US with a history of intelligence through the end of Bush 41's term.
Finally, I read two other books; one related to security, and one completely unrelated:
The first was Bruce Schneier's latest, which I found largely interesting. I recommend reading it, because it may convince you that all the technical safeguards our industry pursues contribute probably less than 10% of the risk mitigation we need in the real world.
The second was another biography of my favorite historical figure, US Grant.
I'm trying to finish Tim Thomas' latest book, Three Faces of the Cyber Dragon, by the end of tomorrow, as well.
In my last post of 2012 I'll announce my Best Book Bejtlich Read in 2012 winner.