The Fifth Domain
Richard A Clarke and Robert K Knake
(C) 2019
Penguin Press

Completed March, 2020

Summary:
Resilience is the key to maintaining secure systems in cyberspace. The idea here is to shift the advantage in cyberspace from the attacker to the defender. This quote sums it up, “We want to make our defenses so good, and our architectures so strong, that we do not care about whether we are being attacked most of the time because the attacks have no serious effects.”, p14. The remainder of the book reads like a manifesto of how to do that.

The ideas in “The Fifth Domain” apply to a wide swath of government and private industry. Clark and Knake remind us that the front line in the cyber domain lies with private corporations. They make a compelling argument that corporations need to do the basics well, and recommend the CSC-20 controls and the NIST Cybersecurity Framework as starting points. One idea they propose is that corporations need to work better as sharing intelligence.

The government’s role is discussed. A significant idea is that the government should give nudges and shoves as incentives to the private sector to improve defenses. That’s probably a good idea. They also write about power grids, elections and people.

That all is solid and sound.

I mentioned a wide swath of ideas? Three chapters toward the end deal with artificial intelligence, quantum computing, 5G data networks and IoT. The value with these chapters is that it helps us all realize there is more to come that will greatly impact cybersecurity.

This book is easy to read, but sometimes the authors wander. Ultimately I believe there is great value to be found in the ideas contained in it.

Yes, I would recommend it. You can get the physical version, the digital version, or the audiobook. Any one of these three should give you something to think about.