Steve Tornio and Brian Martin just published a 5,000 word rant against anyone who dares utter the name Sun Tzu in connection with information security. According to Tornio and Martin, Sun Tzu – the principal strategic authority who’s seminal work has served to guide China’s military and civilian leadership for 2500 years, is “ not relevant to modern day InfoSec ” because “information security is not warfare (leaving aside actual warfare, of course” . That’s a pretty huge stipulation considering that the People’s Republic of China has been heavily invested in information technology R&D to revolutionize both its Armed Forces and its civilian infrastructure simultaneously for the past 20 years or so. The same is true for the Russian Federation (sans Sun Tzu, of course). I’d love to hear either of these two gentlemen discuss where they make the distinction between InfoSec for the enterprise versus InfoSec as an “expression of warfare by other means” (to paraphras...
Just my ordinary blog...