Tamara Shoemaker – författare

Let’s be realistic here. Ordinary K-12 educators don’t know what "cybersecurity" is and could probably care less about incorporating it into their lesson plans. Yet, teaching cybersecurity is a critical national priority. So, this book aims to cut through the usual roadblocks of confusing technical jargon and industry stovepipes and give you, the classroom teacher, a unified understanding of what must be taught. That advice is based on a single authoritative definition of the field. In 2017, the three societies that write the standards for computing, software engineering, and information systems came together to define a single model of the field of cybersecurity. It is based on eight building blocks. That definition is presented here. However, we also understand that secondary school teachers are not experts in arcane subjects like software, component, human, or societal security. Therefore, this book explains cybersecurity through a simple story rather than diving into execution details. Tom, a high school teacher, and Lucy, a middle school teacher, are tasked by their district to develop a cybersecurity course for students in their respective schools. They are aided in this by "the Doc," an odd fellow but an expert in the field. Together they work their way through the content of each topic area, helping each other to understand what the student at each level in the educational process has to learn. The explanations are simple, easy to understand, and geared toward the teaching aspect rather than the actual performance of cybersecurity work. Each chapter is a self-contained explanation of the cybersecurity content in that area geared to teaching both middle and high school audiences. The eight component areas are standalone in that they can be taught separately. But the real value lies in the comprehensive but easy-to-understand picture that the reader will get of a complicated field.

Let’s be realistic here. Ordinary K-12 educators don’t know what "cybersecurity" is and could probably care less about incorporating it into their lesson plans. Yet, teaching cybersecurity is a critical national priority. So, this book aims to cut through the usual roadblocks of confusing technical jargon and industry stovepipes and give you, the classroom teacher, a unified understanding of what must be taught. That advice is based on a single authoritative definition of the field. In 2017, the three societies that write the standards for computing, software engineering, and information systems came together to define a single model of the field of cybersecurity. It is based on eight building blocks. That definition is presented here. However, we also understand that secondary school teachers are not experts in arcane subjects like software, component, human, or societal security. Therefore, this book explains cybersecurity through a simple story rather than diving into execution details. Tom, a high school teacher, and Lucy, a middle school teacher, are tasked by their district to develop a cybersecurity course for students in their respective schools. They are aided in this by "the Doc," an odd fellow but an expert in the field. Together they work their way through the content of each topic area, helping each other to understand what the student at each level in the educational process has to learn. The explanations are simple, easy to understand, and geared toward the teaching aspect rather than the actual performance of cybersecurity work. Each chapter is a self-contained explanation of the cybersecurity content in that area geared to teaching both middle and high school audiences. The eight component areas are standalone in that they can be taught separately. But the real value lies in the comprehensive but easy-to-understand picture that the reader will get of a complicated field.

The art of war is of vital importance to the state. It is a matter of life or death. Hence, it is a subject which can on no account be neglected.—Sun TzuWhy are we calling this war? It’s because the conflict in cyberspace is a matter of national concern, and we are, most assuredly, losing the current struggle. So, what do we do? The person who best understands war is a 2,300-year-old Chinese general who saw conflict as more about process and strategy than fighting. Which, in essence, is the holistic concept.Hence, this book is founded on two principles. First, cybersecurity is a state, not a technical solution. Accordingly, people and organizations must take active steps to both design and sustain a consistently secure operational process. Second, it’s given that you have not attained the desired state if you have failed to deploy all of the controls necessary to achieve it.The catch-all term for such an approach is “holistic.” A holistic control architecture is the only way to achieve adequate protection. Therefore, holistic cyber defenses embody a single, unified system of electronic, behavioral, and physical controls that enforce continuous security across all common attack surfaces.Why does the solution need to be holistic? It is because the cybersecurity function is responsible for securing three distinct and disparate types of attacks – electronic, human, and physical. And just as in war, the adversary doesn’t care which attack surface they breach. They only want your stuff, and they will do whatever it takes to get it. In that respect, then, the only practical approach to cybersecurity is to create an integrated, appropriately tailored defense against any viable threat… electronic, human, or physical.This book describes the lifecycle process for conceptualizing, implementing, and maintaining a holistic control solution. It centers on a well-defined process for planning, building, and ensuring comprehensive, in-depth cyber defense. In that respect, then, we will demonstrate why holistic security is the only way for an organization to identify and address all valid threats to its digital resources.