The purpose of this slide is to find a commonality among InfoSec, PMP and Chan. While the first two are quite modern and systematically oriented, the last has existed for thousands of years and is viewed as simplistic. After all, one just sits and finds inner peace. But Chan is a discipline that is also measurable, just like its modern counterparts, as this slide will show.
Project Management, Information Security & Chan (项目资安禅) - Chuan Lin
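The goal of this presentation is to find the common ground among project management, information security and Chan. The first two are quite modern and systematic. Chan has existed for thousands of years and appears simplistic and unsystematic. But Chan is also quite systematic, and it is backed by science and research.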
Thirty-Six Stratagems of Social Engineering, Part I - Chuan Lin
Why Thirty-Six Social Engineering Stratagems?
As organizations and nation-states strengthen the software and network aspects of their cyber defenses, attackers have to look for other ways to access data.
Cyber attacks, like all forms of warfare, are ever escalating. In 2003, phishing introduced the art of social engineering into the information security world. An email that informed users of their password expiration opened up a new battlefront.
For a more sophisticated and escalated data breach, a master plan will be required, numerous stratagems will be hatched to deal with various scenarios, and vast numbers of bots will provide ample firepower.
An objective of this slide is to provide food for thought for InfoSec Pros (Information Security Professionals) so they can recognize patterns and hopefully come up with means to deal with them.
Warfare is an extension of a state in exerting its influence.
A project is an extension of a company in exerting its competitiveness.
While PMI provides standards, best practices, and guidelines, it views situations within the box. Practitioners are advised to follow Organization Process Assets (OPA), Enterprise Environmental Factors (EEF), and/or the advice of senior members in non-standard situations.
Sunzi's Art of War can offer valuable insights from outside the box.
There are common issues faced by generals and project managers.
1) Time/Heaven – it is always a race against time because any prolongation drains available resources.
2) Resources/Earth – While it is necessary to spend capital toward the completion of a project, no project is worth the cost if the end result would bankrupt a nation/company.
3) People – Whether internal stakeholders or external vendors, domestic opposition or foreign combatants, they are the wildcards in a controlled environment.
How an ancient Chinese classic, the Great Learning, remains relevant to the modern information security profession. This presentation shows, side by side, how what was true back in 400 BC also applies to the modern-day 21st century. It is also the first book on MaaS (Management as a Service).
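The three guiding principles of the Great Learning are no different from the codes of (ISC)2 and SAN.
Knowledge of the ten information security domains and of technical information is necessary for the information security profession. Personal ethical standards, however, are expected but come with little guidance; following the various laws and rulings such as HIPAA, SOX, GLBA and Safe Harbor is treated as enough.
I believe the Great Learning is a useful guide to professional ethics for information security (InfoSec).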
Revisit the Three Kingdoms was a quarterly issue ezine on China's Three Kingdoms era. It was created as part of Romancing Cathay which was a group of people interested in playing and introducing games about Ancient China. There were many impressive and exciting tall tales, legends, myths, and historical events that we believed would fascinate players world-wide. Our goal was to introduce these captivating stories in various game formats. In addition, we felt that through playing games, people would become more curious in learning more about China.
Content
Sorry for the Delay
Cao Cao's Ambition, part 5b of 9
Zhang He, the Marquis of Strength
Zhou Yun, the Artful General
Adventure at Qian-tong
Web Reference
Catalog
Romance of the Three Kingdoms Manga Volume I Sneak Peek
Yellow Emperor Internal Canon on Information Security, part 1 - Chuan Lin
Yellow Emperor Internal Canon (YEIC) is part of a series of Chinese Wisdom as a Service (CWaaS). It is capable of dispensing wisdom to meet the reader's needs if that person has the necessary awareness.
This presentation is an obsequious attempt to apply YEIC to Information Security.
Revisit the Three Kingdoms was a quarterly issue ezine on China's Three Kingdoms era. It was created as part of Romancing Cathay which was a group of people interested in playing and introducing games about Ancient China. There were many impressive and exciting tall tales, legends, myths, and historical events that we believed would fascinate players world-wide. Our goal was to introduce these captivating stories in various game formats. In addition, we felt that through playing games, people would become more curious in learning more about China.
Content
Looking Back, Looking Forward
Cao Cao's Ambition, part 5 of 9
Art of Propriety
Yu Jin, General of Tiger's Awe
Zhou Yun, the Artful General
Reference and Resources
There was a plan to do a Kickstarter for the Romance of the Three Kingdoms tabletop role-playing game. The preview ad is at
https://www.kickstarter.com/projects/sanguine/1817858762?token=79efaf43
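The goal of this presentation is to find the common ground among project management, information security and Chan. The first two are quite modern and systematic. Chan has existed for thousands of years and appears simplistic and unsystematic. But Chan is also quite systematic, and it is backed by science and research.
The purpose of this slide is to find a commonality among InfoSec, PMP and Chan. While the first two are quite modern and systematically oriented, the last has existed for thousands of years and is viewed as simplistic. After all, one just sits and finds inner peace. But Chan is a discipline that is also measurable, just like its modern counterparts, as this slide will show.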
The document discusses events in China around 197 AD during the late Han Dynasty. Liu Bei fled from his position in Xiaopei city, fearing an attack from Yuan Shu's general Ji Ling. Liu Bei sought protection from Cao Cao, who reinstated him. Meanwhile, Lu Bu allied with Yuan Shu but disagreed with attacking Liu Bei. Yuan Shu later declared himself emperor, causing Cao Cao and Lu Bu to turn against him. Chen Deng of Xu province helped Cao Cao and gained promotions, angering Lu Bu. Yuan Shu then attacked Xu province in response to Lu Bu's betrayal.
Revisiting the Three Kingdoms Quarterly is a pdf ezine dedicated to advocacy for, and increasing general awareness of, the Romance of the Three Kingdoms period.
Historical Articles:
Cao Cao's Ambition
Jiao, Shen, and Ling
Dong Zhuo, the Tyrant
Peach Garden Oath theme deck
FUDGE - Revisiting the Three Kingdoms in a nutshell
International Journal for Romance of the Three Kingdoms
Vol 1 Issue 2 - February 2002
Revisiting the Three Kingdoms Quarterly is a free pdf magazine dedicated to advocacy for, and increasing general awareness of, the Romance of the Three Kingdoms period.
Historical Articles
Life of Cao Cao - Part II: The Foundation (190 - 195 AD)
Late Han Dynasty Bureaucracy
Sun Jian, Scion of Sun-tze
My first attempt at creating an ezine focused on the Three Kingdoms period in China, back in the early 2000s.
Contents included
- Story of Cao Cao (Part 1 of 9)
- Army Structure During Three Kingdoms Period
- Lu Bu: East and West views
- Review of games with Three Kingdoms theme
This document discusses the similarities between the board game Go (also known as Weiqi) and information security (InfoSec). It describes how Go components like stones, the board, and lines of defense map to InfoSec concepts like technologies, company locations, and layers of security. Stones represent both offensive and defensive tools, and the board represents a company, with intersection points as areas where networks, hardware, software, and people converge. Different board sizes correlate to company sizes, and strategic points on the board are like critical assets to protect. The document advocates viewing InfoSec defenses holistically and in depth, rather than focusing on any single area.
Great Learning & Information Security, English edition - Chuan Lin
How an ancient Chinese classic, the Great Learning, remains relevant to the modern information security profession. This presentation shows, side by side, how what was true back in 400 BC also applies to the modern-day 21st century. It is also the first book on MaaS (Management as a Service).
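The three guiding principles of the Great Learning are no different from the codes of (ISC)2 and SAN.
Knowledge of the ten information security domains and of technical information is necessary for the information security profession. Personal ethical standards, however, are expected but come with little guidance; following the various laws and rulings such as HIPAA, SOX, GLBA and Safe Harbor is treated as enough.
I believe the Great Learning is a useful guide to professional ethics for information security (InfoSec).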