Thinking about Cybersecurity: From Cyber Crime to Cyber Warfare

by Paul Rosenzweig

Cyberspace is the 21st century’s greatest engine of change. Telecommunications, commercial and financial systems, government operations, food production - virtually every aspect of global civilization now depends on interconnected cyber systems to operate; systems that have helped advance medicine, streamline everyday commerce, and so much more.

Thinking about Cybersecurity: From Cyber Crime to Cyber Warfare is your guide to understanding the intricate nature of this pressing subject. Delivered by cybersecurity expert and professor Paul Rosenzweig, these 18 engaging lectures will open your eyes to the structure of the Internet, the unique dangers it breeds, and the ways we’re learning how to understand, manage, and reduce these dangers.

In addition, Professor Rosenzweig offers sensible tips on how best to protect yourself, your network, or your business from attack or data loss.
Disclaimer: The views expressed in this course are those of the professor and do not necessarily reflect the position or policy of the U.S. Department of Homeland Security, the U.S. Department of Defense, or the U.S. government.

Disclaimer: Please note that this recording may include references to supplemental texts or print references that are not essential to the program and not supplied with your purchase.

©2013 The Teaching Company, LLC (P)2013 The Great Courses

Genres: Technology, Nonfiction, Audiobook, Science, Computer Science, Education, Business

Audible Audio

First published January 1, 2013

Reviews

[Jon Larson · Rating 3 out of 5]

This was a good, broad overview of cybersecurity. However, because of the speed of change, especially in the computing world, this information is outdated. as of this review, the lectures were published coming up on 8 years ago. That is a lifetime ago in technology.

If you are looking to increase your general knowledge in this space, I think this is still relevant. For the average person, there are some good general tips in Lecture 16.

Being in the tech field, I would have enjoyed it much more if the material was current/relevant at this time.

[Daniel · Rating 4 out of 5]

Great intro into the cyber security. Covers all the bases in an easy understandable manner. I wish it would of gone into a bit more of the technical aspects of some of the major malware but I realize that is not what this course was for.

Well worth the minimal time commitment for anyone who is putting their toes in the cyber waters or even for seasoned professionals as a reminder of what has come and what is coming.

[Elwin Kline · Rating 4 out of 5]

Honestly... for on-the-go professional development for an information security professional, it's hard to beat this one.

These short lectures are perfect for trips back and forth to work and while a lot of content was familiar to me and nothing super ground breaking, they are good refreshers none the less. There were a few gems/new things here and there which I greatly appreciated.

I recommend this to any cybersecurity professional looking for some light, easy to digest, and rewarding professional development while on the move.

Only reason why I didn't give this a 5/5 is because most of the content was revisit material/content I have already been exposed to. For someone at a different stage in their knowledge, skill, and ability in the cybersecurity realm... this could easily be a solid 5/5.

[Mary · Rating 5 out of 5]

Listened to this Great Courses book. Excellent overview of cybersecurity. About ten years old, but terms given etc. so easy to google terms and bring yourself up to the date in the basics.

[Jason Holliday · Rating 3 out of 5]

Not overly technical for someone already in IT but a nice review and is sure to contain some new information even if you're already somewhat familiar with security. The professor's voice and speaking style was pleasant to listen to and reminded me a bit like Cramer from Mad Money without the edge.

[Feng Ouyang · Rating 3 out of 5]

"Thinking about Cybersecurity: From Cyber Crime to Cyber Warfare" by Paul Rosenzweig is part of the "Great Courses" lecture series and is clearly aimed at a general audience without specialized knowledge. The course offers a broad overview of cybersecurity issues, focusing more on philosophical and policy-oriented perspectives than on technical details.

Paul Rosenzweig, the lecturer, brings a background in law and public policy rather than engineering or computer science. He served as Deputy Assistant Secretary for Policy at the Department of Homeland Security and now works as a senior cybersecurity consultant and law professor. His expertise shapes the course's emphasis on the legal and societal implications of cybersecurity.

The lectures explain that the roots of cyber vulnerability lie in the Internet's original design, which prioritized openness and distributed control. This foundational structure, while enabling rapid growth and innovation, has also made the Internet inherently insecure. Rosenzweig explores how this vulnerability can lead to real-world physical consequences, especially when critical infrastructure is targeted.

One of the course's central themes is the delicate balance between freedom and security. Effective cybersecurity measures may require examining private information and restricting certain personal freedoms. Rosenzweig argues that our core values must be reinterpreted and adapted to meet the challenges of the digital age.

He also examines cybersecurity through the lens of international relations, highlighting the challenges of applying domestic laws to cyber activities that frequently transcend national boundaries. Additionally, he explores the growing role of state-sponsored cyberoperations in modern warfare, raising complex questions about sovereignty, accountability, and global norms.

A major insight from the lectures is that cybersecurity can never be completely foolproof. A strong defense may reduce the likelihood of an attack or make a target less attractive, but it cannot stop a determined attacker indefinitely. As such, effective cybersecurity must include plans for damage control and recovery after a breach.

The course also offers some standard personal cybersecurity tips, such as using strong passwords, maintaining backups, and being cautious about online scams. While useful, these recommendations are widely known and do not contribute significantly to the overall value of the lectures.

Overall, "Thinking about Cybersecurity" presents an engaging introduction to cybersecurity issues, especially for those interested in the legal and ethical dimensions. It offers thoughtful reflections rather than practical solutions, making it a good starting point for anyone looking to understand the broader context of cybersecurity.

[Terry Koressel · Rating 3 out of 5]

I am of the baby-boom generation and, therefore, grew up before the digital, wired, interconnected cyber world in which we now live. This new world is fascinating to me, particularly given the speed of the transformation. Our work, our culture, our daily lives, even our relationships have been completely reshaped and the rate of progress is accelerating. It is in this context that I tackled this Great Course selection. The premise of the course is this: The early, limited use internet was designed to maximize communication efficiencies, but since the small cabal of early users were known to each other, security was not a priority. It's developers never contemplated the magnitude of world wide growth nor the critical world wide infrastructure is now supports. The security weaknesses are now apparent. As a world society, how do we manage these risks? That is a very interesting subject to me. However, the course was good but not great. I have listened to many other Great Courses which were outstanding. This one did not measure up to the normal standards. While Paul Rozenweig certainly kept the subject matter accessible to the layperson, I felt the material lacked depth and substance. I did not learn nearly as much as I had hoped. But I would still recommend the course if the subject matter of interest.

[Chad Schultz · Rating 4 out of 5]

As of 2021, this book is 8 years old. Typically anything related to technology would become completely obsolete by that point. Although this book would benefit from updates referencing a more current state of affairs and stories that have occurred in the intervening years, it is not obsolete. This book goes from the origin of the Internet to the possible revolution of quantum computing, and discusses (at a high level) the concerns of cybersecurity and the legal, moral, practical and personal conundrums. For example, modern warfare has rules like "don't attack hospitals" and "meet attacks with a proportionate response, but not necessarily using the same vector." But how does that apply to cyberwarfare? Should we respond to cyberattacks with conventional attacks? What if we launch a cyberattack that goes through the networks of neutral countries, or accidentally harms a hospital?

The book even provides some sensible basic tips on keeping yourself safe online.

This isn't an amazing, earth-shattering book. But it's a decent explainer, so it's a good resource for everyone to use to grasp some of the personal and national security issues brought about my modern connectivity.

[TJ Totland · Rating 5 out of 5]

One of the best books I have read on cybersecurity so far, even though its about 10 years out of date. I run a computer business and now I am considering focusing it just on providing cyber security services to families and small companies because we all need help protecting ourselves from this crazy Internet we all love so much.

One fact he mentioned several times in the book. You cannot protect yourself on the Internet and you will get hacked. Our jobs then are not only to provide the best defense we possibly can, but to prepare for what we will do when we are hacked. It happens all the time and its better to be prepared.

There are a few books that I can read multiple times and this book is one of them. I only wish he will create a n updated one with more current information.

[Ashraf · Rating 5 out of 5]

Very good written and quite structured approach, despite being dated topics are mostly still quite relevant. Unique focus and centric on United States and a passable mention on Canada, disregards other cultures and experiences, outside of US. Most of the legal and governance come from AMERICAN perspective. A good content all the same, even experts may find mental food for certain areas. Highly recommended for both novice and intermediate level.

[Tom · Rating 3 out of 5]

If you are interested in learning about cybersecurity, this would be a good book to read. I picked this book, because the author was knowledgeable about law and I was interested to see this topic from that perspective. While repetitive is many spots, there is still a lot one could learn.

[Yates Buckley · Rating 5 out of 5]

Good lecture series, bit out of date and just an introduction but still quite useful information, that even experts might not have come actoss.

Very US centric, ignores the asymmetric problems developing nations have in this area.

[Esben · Rating 3 out of 5]

This was a pretty good course series but for it to be a lecture series, I was missing significantly more technical details, unfortunately. However, it highlighted good cases I didn’t know and talked about the governance of cybersecurity.

[Andrew Obrigewitsch · Rating 4 out of 5]

An excellent series of lectures on cyber security and how technology has pervaded our lives, potentially places us at greater risk than ever.

[Steve · Rating 4 out of 5]

Great primer on cybersecurity. Not just the basics. One thing that I learned from this was threats from the hardware and service layers.

[Kubi · Rating 3 out of 5]

Too basic and in 2020 already quite outdated.

[Ny_a · Rating 3 out of 5]

Cloud is presented as future concept. Nice general concepts of security explained.

[Tania · Rating 4 out of 5]

These lectures are fairly old (late 2012), but many of the concepts are still relevant to the world of cybersecurity. A good primer of cybersecurity issues and workarounds.

[Ralph Trickey · Rating 4 out of 5]

Needs an update
The material isn't bad for an overview, and most of the stuff is still relevant, but it desparately needs an update.

[Jonathan Love · Rating 5 out of 5]

http://www.audible.com/listener/ATLA4...

[Anastasia · Rating 3 out of 5]

An interesting topic with a lot to think about and precautions to take.

[Joseph L. · Rating 3 out of 5]

Watch a detailed review along with my favorite ideas and takeaways at:
https://youtu.be/820KxDUuJ9s

[Norjak · Rating 3 out of 5]

3.5 standard fare/content for anyone in the biz.

[Tibike · Rating 4 out of 5]

For those that are familiar with the subject it is a great recap, and for those that are not that familiar it might be a nice intro.

[Lee · Rating 4 out of 5]

A generally informative series of lectures that, while dated, have a lot to recommend them to the general reader.

[Jason · Rating 3 out of 5]

I'm not an expert. It struck me as a good overview, but specifics are quickly outdated.

[Sal Coraccio · Rating 4 out of 5]

It is a lecture series on cybersecurity with a knowledgeable and talented speaker. He's not so smooth that it's off-putting and his interaction with a live audience helps with that.

Starts with a history of the modern age; the origins of it, though it focuses on Stuxnet rather than digging too deeply into the WW2 thread. And to me, that makes sense as a point of relevancy. From there it moves smoothly into a lecture on the scope of the game.

That includes a brief discussion on the 5 layer model, though I think a bit more detail on the unencrypted parts of the first layer may help folks understand the vulnerabilities (literally) inherent in the system. A matter of personal preference - the author clearly knows his stuff.

It describes the 5 gateways of vulnerability, and the various threats that attack them (viruses, botnets, etc.).

And from there, an exploration of the challenges of identity (pluses and minuses) and how those concepts interact with fraud, theft and various forms of organized crime. Related to that is hactivism (hello, Anonymous).

Then a few lectures on how to control the situation, or try to - so this covers governance, the constitution, etc. Some talk of ISO 27001 would have been nice.

And a few scary bits on Big Data and privacy. Don't bother being afraid - being afraid that your personal life is being cataloged in detail is a bit like being afraid of the boogeyman in the closet - hiding under the bed will do you about as much good as jumping up and down on it. Well, I guess if the boogeyman is an actual person with petabytes of fast storage and quantum processors...

For myself, the scariest part comes near the end, with a discussion of hardware vulnerabilities. The chips and firmware that are in our devices from foreign and unfriendly agencies that influence the manufacture of that ubiquitous infrastructure. So very little is being done about this and it is a very real problem.

Ultimately, the lectures end with discussions of how to recover quickly and to react well from cyber attack - because it is really more a matter of when, than if.

High marks and highly recommended. It is mostly executive overview level stuff, but because of the broad scope and the author's ability to arrange the lectures in an interrelated didactic way makes it well-suited as a means to deeper study.

[Chuck · Rating 4 out of 5]

Paul Rosenzweig's "Thinking about Cybersecurity: From Cyber Crime to Cyber Warfare" is part of the Great Course Series. The course covers both general background and current issues in Cybersecurity.

Paul Rosenzweig is an attorney, an academic, a consultant, and a political appointee. He is expert in the material at many levels, including at policy levels. He is also an excellent presenter.

The Great Courses products consists of entry college level courses, each encompassing multiple lectures.The presenters are all experienced academics and University level lecturers. The presenters generally have a doctorate and deep understanding in that particular field. I listened to the audio version.

As a general note, I greatly enjoy the Great Course series. The presenters are expert in the material as well as highly experienced in presenting that material. I almost always richly rewarded for the slight effort I expend in listening. Additionally, listening to the lectures makes local traffic jams far more tolerable.

As I am often unfamiliar with the entire field,there is often an element of whimsy to these courses, because I cannot accurately predict what will be covered. And I have almost always found that unexpected approach to be extremely rewarding.

I found this series of lectures a very useful introduction to the general field of Cybersecurity.I am familiar with technical implementation of Cybersecurity. However, I was not familiar with policy determination. Nor with the underlying legal basis. While unexpected, this material removed blinders and introduced me to important elements that I had generally ignored.

I would highly recommend this course to anyone interested in the entire breadth of Cybersecurity. This course will be particularly rewarding to those who have been concentrating only on the technical aspects. It may not help with passing the CISSP, but it will enhance your career afterward.

[Jake Cohen · Rating 3 out of 5]

Not bad. This book is targeted at people with only a very basic technical understanding of computers, and therefore uses lots of analogies and simplifications.

Most of the book is descriptive, though there are a few chapters that venture into more prescriptive territory, such as suggestions for reform to the notion of online privacy in the wake of huge technical advances that have all but made technical solutions to maintaining privacy impossible. I'm not sure I agree with these, and I feel he gave up a little too easily in trying to make this area open for the reader to decide, as he had done in the other sections.

Also his technique for creating a secure password involving taking the first letter from the words of your favorite movie quote, then appending some numbers to the end, is probably not as secure as it sounds. Once you've limited the first characters of your password to the initial letters of movie quotes, you've vastly reduced the possible number of letter sequences.

[Teo · Rating 3 out of 5]

2016.07.07–2016.07.11

Contents

Rosenzweig P (2013) (18 x 00:32) Thinking about Cybersecurity - From Cyber Crime to Cyber Warfare

01. Stuxnet—The First Cyber Guided Missile
02. The Incredible Scope of Cyberspace
03. The Five Gateways of Internet Vulnerability
04. Of Viruses, Botnets, and Logic Bombs
05. The Problem of Identity on the Network
06. Cyber Fraud, Theft, and Organized Crime
07. Hacktivists and Insurgency
08. Nations at Cyber War
09. Government Regulation of Cyberspace
10. International Governance and the Internet
11. The Constitution and Cyberspace
12. Big Data—''They'' Know Everything about You
13. Privacy for the Cyber Age
14. Listening In and Going Dark
15. The Devil in the Chips—Hardware Failures
16. Protecting Yourself in Cyberspace
17. Critical Infrastructure and Resiliency
18. Looking Forward—What Does the Future Hold?