Advanced Persistent Security: A Cyberwarfare Approach to Implementing Adaptive Enterprise Protection, Detection, and Reaction Strategies

Posted by Ben Rothke

Advanced persistent threats (APT) have gotten significant amounts of press over the last few years. When I first scanned the title of this book, I assumed it was on that topic. While Advanced Persistent Security: A Cyberwarfare Approach to Implementing Adaptive Enterprise Protection, Detection, and Reaction Strategies (Syngress 978-0128093160) does detail APT, that’s not the main focus.


The book’s notion of advanced persistent security means ensuring that security is built into every aspect of a system. This goes from endpoint to server, and covers everything in between. In the book, authors Ira Winkler and Araceli Treu Gomes have written a somewhat advanced introduction-to-security guide. Their premise may not be so earth-shattering, but the massive number of security breaches and incidents proves that far too many firms didn’t get the memo about building secure systems.

Many organizations have purchased unified threat management (UTM) devices that were meant to be a single all-inclusive security appliance. Too many of them thought that security meant having the device in their data center and not having to do anything else. This is the perfect book for such people, as Winkler and Gomes show that effective information security requires a lot more than a single expensive appliance.

The authors write that a more appropriate title for the book would be Adaptive Persistent Security. The aim is that information security systems have to be proactive in nature and design, which is not a trivial point. The authors propose methods for more adaptive and comprehensive approaches to information security.

Winkler and Gomes write that failure is an integral part of information security. No one can build a system that won’t fail. Rather, systems should be resilient enough when failure does, eventually, occur. The advanced persistent security methodology they propose means that a security program should proactively adapt to the failures of protection such that any loss is minimized.

The authors admit that the book does not provide any technological breakthroughs. Rather, they provide advanced methods for implementing already available technologies. At 230 pages, what the book lacks in depth, it makes up for in its tactics for effective information security. For those looking for a methodology to create a more robust information security program, Advanced Persistent Security is a valuable resource.


Ben Rothke

Senior Information Security Manager, Tapad
