CyberWire Daily - So you want to write a book about AI and cybersecurity? [CSO Perspectives]
Episode Date: November 25, 2024Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, turns over hosting duties to Caroline Wong, the Chief Strategy Officer at Cobalt to discuss the mechanics of writing a cybersecurity boo...k about AI. References: Ben Smith. “Security Metrics: A Beginner’s Guide” Review [Review]. Cybersecurity Canon Project. Caroline Wong, 2011. Security Metrics, A Beginner’s Guide [Book]. Goodreads. Rick Howard, Caroline Wong, 2022. Interview with Author and Hall of Fame winner Caroline Wong [Interview]. Cybersecurity Canon Project. Rick Howard, 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Goodreads. Rick Howard. Security Metrics, A Beginner’s Guide [Review]. Cybersecurity Canon Project. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K. of you i was concerned about my data being sold by data brokers so i decided to try delete me i have
to say delete me is a game changer within days of signing up they started removing my personal
information from hundreds of data brokers i finally have peace of mind knowing my data privacy
is protected delete me's team does all the work for you with detailed reports so you know exactly Thank you. JoinDeleteMe.com slash N2K and use promo code N2K at checkout.
The only way to get 20% off is to go to JoinDeleteMe.com slash N2K and enter code N2K at checkout.
That's JoinDeleteMe.com slash N2K, code N2K.
Hey, everybody.
Welcome back to Season 15 of the CSO Perspectives podcast.
This is the last episode of the season where we turn the microphone over to some of our regulars who visit us here at the N2K CyberWire hash table.
You all know that I have a stable of friends and colleagues who graciously come on the show to provide us some clarity about the issues we're trying to understand. At least that's the official reason we have them on the show. In truth, though,
I bring them on to hip-check me back into reality when I go into some of my more crazier rants.
We've been doing it that way for almost four years now, and it occurred to me that these
regular visitors to the hash table were some of the smartest and well-respected thought leaders
in the business. And in a podcast called CSO Perspectives, wouldn't it be interesting and
thought-provoking to turn the mic over to them for an entire show to see what's on their mind?
We might call the show Other CSO Perspectives. So that's what we did. Over the break, the interns
have been helping these hash table contributors get their thoughts together for an entire episode for this podcast.
So, hold on to your butts.
Hold on to your butts.
This should be interesting.
My name is Rick Howard, and I'm broadcasting from the N2K CyberWire's secret Sanctum Sanctorum studios,
located underwater somewhere along the Patapsco River near Baltimore Harbor, Maryland, in the good old U.S. of A. And you're listening to CSO Perspectives, my podcast about the ideas,
strategies, and technologies that senior security executives wrestle with on a daily basis.
Caroline Wong is the Chief Strategy Officer for Cobalt, a pen test as a service company,
where she has worked for over eight years.
She's kind of a unicorn in that regard.
But over the years, she's held senior security positions in companies like eBay,
Sigital, and Symantec.
I first ran into her when the Cybersecurity Canon Project inducted her book,
Security Metrics, a Beginner's Guide, into the Hall of Fame a couple of years ago.
I immediately reached out to ask her to join the CyberWars hash table crew.
Well, she's been writing a new book on cybersecurity AI,
and I thought it would be interesting to let her talk about the mechanics of writing a cybersecurity book
and outline her initial thoughts about what topics might go into a book of that sort.
Here's Caroline.
I'd like to start off today by thanking Rick Howard for inviting me to join CSO Perspectives.
It's an honor to be a part of this series, which I've long admired for its thoughtful
exploration of the ideas and challenges shaping our industry.
I'm excited to share my perspective and contribute to the ongoing dialogue about cybersecurity
resilience.
I'm Caroline Wong, cybersecurity author, educator, and advocate for resilience in the face of
digital threats.
Today, I'm sharing about something very personal,
my journey writing my second book.
It's tentatively titled Beyond Algorithms,
How AI and Cybersecurity
Are Defining the Future of Resilience.
My first book, Security Metrics, A Beginner's Guide,
was published in 2011 and inducted into the Cybersecurity Canon Hall of Fame in 2022.
Writing a book is challenging, but also deeply rewarding.
And I want to give you an inside look at how this new project came to life.
came to life. We'll explore the mechanics of writing a cybersecurity book, the key themes I'm covering, and why I believe this topic is critical for the future of our field.
But more than that, I'm asking you for your input. If this resonates with you, I want to know
what questions, challenges, and insights do you think should make it into the
final manuscript? Let's start with the mechanics of book writing, particularly in the world of
cybersecurity. Most infosec professionals I've spoken to feel like they have a book in them.
Maybe it's a collection of war stories from the SOC,
a deep dive into threat modeling, or a manifesto about a better way to do security.
Whatever the topic, writing a book is less about having something to say and more about
the discipline of saying it. For me, the process begins with an outline. I presented the framework
for this book to my publisher, Wiley, earlier this year. The key was showing them not only that AI
and cybersecurity are timely and important topics, but that there's a unique angle worth exploring.
unique angle worth exploring, how AI redefines resilience. After the outline is going to come months of research, writing, and revisions. Unlike my first book, which focused on practical metrics
for demonstrating cybersecurity ROI, this one is forward-looking, combining technical concepts with strategic insights.
I expect to be constantly seeking feedback from peers, collaborators, and this podcast audience,
because I believe the best ideas come from collaboration.
AI is reshaping cybersecurity in ways that we couldn't have imagined a decade ago. It is kind of like a dual-edged sword, offering unparalleled advantages for defenders while also empowering attackers.
This dynamic makes resilience more important and more complex
than ever before. Here's an outline of my book, which I hope serves as both a guide and a
provocation for what's ahead. Number one, AI as a weapon for cybercriminals. Adaptive malware, polymorphic attacks,
and AI-driven phishing campaigns
are making traditional defenses obsolete.
AI allows attackers to scale operations with precision,
crafting hyper-personalized social engineering campaigns
that evade classic detection.
Number two, AI as a tool for cyber defenders.
AI's data processing capabilities and how they enable real-time threat detection
and anomaly analysis.
Caterns of life analysis,
where AI learns about normal behavior and flags deviations,
has become a game changer for proactive defense.
But AI isn't foolproof.
We'll also need strategies for defending our models
from adversarial attacks. And of course, number three,
ethics, oversight, and adaptation. As we deploy AI in security, we must balance automation with
human oversight, ensuring fairness, privacy, and compliance. Ethical AI isn't just a buzzword. It's a necessity for maintaining trust
and mitigating unintended consequences. I think one of the things that fascinates me the most
is AI's dual role. It is both a vital defense mechanism and a potent weapon for adversaries. Understanding this
particular tension is key to building the next phase of cyber resilience.
Take AI-powered ransomware, for example. Attackers are using AI to refine their attacks, making their operations faster and harder to detect and to disrupt.
And on the flip side, defenders are using AI to try and predict and also thwart and even block
these attacks before they happen. Resilience in this context means preparing for worst-case scenarios while building systems
that are capable of both recovery and adaptation. It's no longer just about stopping threats.
It's about evolving with them. So here's where you come in. The book is still a work in progress, and I would really like your input. What challenges are you facing as AI transforms the threat landscape? Are there specific use cases, either on the offensive or the defensive side, that you think deserve more attention? What kind of ethical dilemmas and regulatory questions are on your mind?
You can reach out to me on LinkedIn or through this podcast's channels. Your feedback could
help me shape this book and ensure that it addresses the real-world issues that cybersecurity
professionals are grappling with today. To make these ideas tangible, I plan to include
case studies in the book. Here are what some of those might look like.
A global enterprise using predictive analytics to reduce ransomware risks. An incident where
adversarial machine learning disrupted a key AI defense system and how that organization rebounded.
Lessons learned from AI-driven automation in incident response where minutes and seconds can mean the difference between containment and catastrophe.
catastrophe. I'm also outlining practical strategies for integrating AI into cybersecurity programs, balancing automation with human expertise, and building resilient teams that
are equipped to handle AI-driven threats. Writing this book isn't just about sharing what I know.
It's about helping to equip the cybersecurity community for what's coming next.
And that's our show.
Well, part of it.
There's actually a whole lot more.
And if I do say so myself, it's all pretty great.
But before we get to the credits, I have one more announcement to make.
Aside from the annual end-of-year webinar called CSO Perspectives Live
on 19 December at 2 p.m. Eastern Standard Time,
this is my last show for the CSO Perspectives podcast.
That's right.
I'm hanging up the Rick the Toolman tool belt
after four years,
and it's been a great run.
But, you know, it's time to move on to other things.
I've told my CyberWire origin story a lot
over the last four years, but here it is one last time. You all know that I've been a fan of podcasts
long before we even started calling them podcasts. And one of my duties at my last CSO gig was
evangelizing the product. So, I got the opportunity to go on the Cyber Wire shows and hawk our wares on a podcast.
I know.
I was in hog heaven.
That's when I got to know Dave Bittner, Peter Kilpie, and the rest of the Cyber Wire gang.
When I left the CSO gig back in 2019, I thought I was going to retire.
And as a joke, I sent Peter a note saying he should let me do a podcast.
I didn't even expect that he would answer me.
But the next day, he called and said I should come work do a podcast. I didn't even expect that he would answer me.
But the next day he called and said I should come work for him, which I did. And like I said before,
it's been a blast. And at the end of my time here, I can't tell you how fortunate I feel about the opportunity I had here. Rarely as an InfoSec professional, you get the chance to do
nothing but think, reflect, write, and in this case, record my thoughts on everything that's happened in cybersecurity in the last 30 years and test out my ideas about how we could make it better.
The result of that contemplation was our Cybersecurity First Principles book, which I'm very proud of, and which the first draft of those ideas came from this podcast.
And I couldn't have done any of that without the crew here at
the Cyber Wire that supported me and all of my crazy ideas. Jen is our producer extraordinaire
and my partner in crime. I love you, Jen. Elliot, our sound wizard, and Trey, his clone,
their music and editing made what I wrote sound way more important than it really was.
Bennett, our sales guy, he and his team said, wait, you want to do what?
Yeah, I can sell that.
Brandon, our jack-of-all-trades biz guy,
who actually found a way to make the biz profitable
and was, by the way, one of the editors to the book.
So thanks for doing that, Brandon.
It was way better because you were on that project.
Dave, the best podcast host on the planet, bar none.
He and I got to do so many great things together,
but without him, it wouldn't have worked at all.
And Peter, who took a chance on a senior security pro
who couldn't even spell podcast three times out of five,
let alone make one.
And everyone else at the CyberWire
who I didn't get a chance to mention here,
not to mention the outside crew of thought leaders
who would graciously come on the CyberWire hash table to help us understand something. I love you all very much and consider
an honor to be your friend. So as we let the interns return to their homes for the first time
in years and close the door to the Sanctum Sanctorum one last time. No, no, no, Kevin. It's
lefty, loosey, righty-tighty to lock the outer hat.
Even after all this time, you still have to watch them like a hawk.
Anyway, it's time to say goodbye.
To all the listeners out there, thank you, thank you for joining me on this journey.
It has been a pleasure, and I will see you down the road. CISO Perspectives is brought to you by N2K CyberWire,
where you can find us at thecyberwire.com.
For this episode, I've added some helpful links in the show notes
to help you do more of a deep dive if that strikes your fancy. And don't forget to check out our book, Cybersecurity First Principles,
a reboot of Strategy and Tactics that we published in 2023. Automation as a first
principle strategy is a key concept that runs all through that book. But I can see that whenever I
get around to writing that second edition, AI might be an entire subsection of that chapter. And by the way, we'd love to know what you think of our show. Please share a rating
and review in your podcast app. But if that's too hard, you can fill out the survey in the show
notes or send an email to csop at n2k.com. We're privileged that N2K Cyber Wire is part of the
daily routine of the most influential
leaders and operators in the public and private sector, from the Fortune 500 to many of the
world's preeminent intelligence and law enforcement agencies.
N2K makes it easy for companies to optimize your biggest investment, your people.
We make you smarter about your teams while making your teams smarter.
Learn how at N2K.com.
One last thing, here at N2K, we have a wonderful team of talented people
doing insanely great things to make me sound good.
And since I'm at the end of my tenure here at the CyberWire,
I think it's only appropriate that you know who they are.
I'm Liz Stokes. I'm N2K's CyberWire's Associate Producer.
I'm Trey Hester, Audio Editor and Sound Engineer.
I'm Elliot Peltzman, Executive Director of Sound and Vision. I'm Jennifer Iben, Executive Producer.
I'm Brandon Karf, Executive Editor. I'm Simone Petrella, the President of N2K.
I'm Peter Kilpie, the CEO and Publisher at N2K. And I'm Rick Howard. Thanks for your support, everybody.
And thanks for listening. Thank you.