Sometimes a person's biography alone is grounds for reading whatever they write. I've got a specific case for you.
Howard Schmidt, CISSP, CISM, is the president of the Information Systems Security Association (ISSA) and author of a fascinating book entitled Patrolling Cyberspace: Lessons Learned from a Lifetime in Data Security.
Schmidt has indeed had a lifetime of involvement in security, beginning with his service to the nation as a member of the U.S. Air Force from 1967 to 1983, the Arizona Air National Guard from 1989 to 1998, and U.S. Army reserves where he was a special agent in the Criminal Investigation Division as well as being a city police officer for the Chandler, Ariz., Police Department. He moved to the National Drug Intelligence Center at the FBI and was a key contributor to the development of computer forensic methodology as head of the Computer Exploitation Team. He also served as supervisory special agent and director of the Air Force office of special investigations computer forensics lab in computer crime and information warfare division where he created a pioneering computer forensics lab for the federal government.
After serving as chief information security officer and chief security officer for Microsoft, he was appointed vice chair of the President's Critical Infrastructure Protection Board and as the special advisor for cyberspace security for the White House in December 2001, and then served as chair from January 2003 until May 2003 when he retired. Other high-level security positions have included the top security jobs at eBay and chief security strategist for the U.S. CERT Partners Program of the National Cyber Security Division of the Department of Homeland Security.
Patrolling Cyberspace is a small book full of delights for anyone interested in the history of our field and in the thoughtful reflections of one of its major contributors. Here’s a quick overview of topics in the nine chapters of this little gem (I’m not expanding acronyms this time):
1. Political Protest or Criminal Intent? Phreakers and early hackers from the 1960s and 1970s; PHRACK, Mitnick, Legion of Doom, Masters of Deception, Eric Bloodaxe, Phiber Optik, the Steve Jackson Games debacle, Operation SunDevil.
2. Adversity is the Mother of Invention: Mike Anderson and computer forensics, safeguarding evidence, recovering deleted files, early file-validation tools, pre-Photoshop graphics manipulation.
3. Worming a Way into History: The Cuckoo’s Egg, the Morris Worm, Datastream Cowboy & Kuji v. Rome Labs.
4. Fighting 21st-Century Crime with 18th-Century Laws: BBSs and child porn, First Amendment rights, new conceptions of trespass and theft, search-and-seizure changes, new resources for police, CFAA, ECPA.
5. From Fame to Fortune: phishing, Russians, hats, Dan Farmer & SATAN, ILF and DoS, MafiaBoy & DDoS, Fluffi Bunni, Melissa, Code Red, Nimda, Blaster, security through obscurity.
6. An International Affair: I Love You, Indo-Pakistan cyberwar, China Eagle Union, ILF again, Scott Charney & the international anti-cybercrime effort, the culture of security.
7. Safeguarding Our Goods: educating the police, the US federal response, child pornography, intellectual property rights, jurisdictional nightmares.
8. Where We’re Most Vulnerable: Senate Armed Services Committee on Security in Cyber Space, GAO report on DoD systems being attacked, PCCIP, PDD-63, information sharing my eye, PCIPB, DHS, not crying wolf, Titan Rain.
9. The Highway Ahead: Top Ten Trends Impacting Security, cybercrime will become normal, identity theft will get worse, distrust v. optimism.
It’s a great read!