Ben McCarty’s CYBERJUTSU: Cybersecurity for the Modern Ninja is an intriguing and, for the most part, successful attempt to illustrate and illuminate modern cybersecurity issues in the light of historical parallels. In this case, the historical parallels are the strategies and techniques used by Japanese ninjas (“shinobi”) to infiltrate, gather information from, and coordinate attacks on enemy castles, as outlined in scrolls only recently translated into English (most notably the Bansenshūkai).
The chapters are clearly organized for readability and ease of reference with each starting with a description of a particular shinobi technique or strategy, followed with a discussion of its relevance to modern cybersecurity issues. For example, the first chapter addresses the creation of meticulously accurate maps, which is analogous to creating a network map outlining the locations and routes on any given network. In both cases, this is intended to show vulnerable points open to easy attack. He then offers a discussion of how to best counter that problem, with the network’s security personnel taking the place of the lord of the castle and his guards, defending their stronghold against attack. This is followed by a thought exercise, a summary of recommended security controls and mitigations, and a quick chapter summary called a “debrief.” This structure allows both a detailed explanation of both potential attacks and counters, for deeper consideration and examination, as well as a quick reference summary for those who simply need a quick memory refresher on the job. The analogies are for the most part well-drawn and reasonable, with the goals and techniques of the shinobi spy, assassin, or saboteur directly related to those of the modern hacker, and the countermeasures likewise clearly shown in response.
McCarty’s credentials are substantial and impeccable, with many years of expertise in cybersecurity in the military and civilian worlds, and the book’s technical reviewer is likewise an experienced professional in the field – this shows in the detailed and substantial recommendations given for each chapter. But even a technical know-nothing can get the gist of each chapter, if not the technical details, thanks to the author’s clear and effective language and storytelling flair. The historical framework allows cybersecurity problems to be framed in a manner that encourages creative analysis and fresh thinking, and combats the dullness, complacency, and cynicism that often plague security officers under less innovative and effective leadership. All in all, this book has potential to be of great use for those who are tasked with fighting off invasions, infiltration, and attack from modern cyber-shinobi.
CYBERJUTSU: Cybersecurity for the Modern Ninja is a very well researched and clearly organized book that uses Japanese history quite cleverly to illustrate modern cybersecurity problems, suggesting ways to counter technological invaders and hackers based on techniques used to defend castles against attacks by clever and resourceful ninja.
~Catherine Langrehr for IndieReader