* [Blog](https://www2.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www2.paloaltonetworks.com/blog/corporate/)
* [Cybersecurity Canon](https://www2.paloaltonetworks.com/blog/category/canon/)
* Cybersecurity Canon Candi...

# Cybersecurity Canon Candidate Book Review: Cyber-War: Anatomy of the Global Security Threat

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2018%2F12%2Fcybersecurity-canon-candidate-book-review-cyber-war-anatomy-global-security-threat%2F)  
[](https://twitter.com/share?text=Cybersecurity+Canon+Candidate+Book+Review%3A+Cyber-War%3A+Anatomy+of+the+Global+Security+Threat&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2018%2F12%2Fcybersecurity-canon-candidate-book-review-cyber-war-anatomy-global-security-threat%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2018%2F12%2Fcybersecurity-canon-candidate-book-review-cyber-war-anatomy-global-security-threat%2F&title=Cybersecurity+Canon+Candidate+Book+Review%3A+Cyber-War%3A+Anatomy+of+the+Global+Security+Threat&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/2018/12/cybersecurity-canon-candidate-book-review-cyber-war-anatomy-global-security-threat/&ts=markdown)  
\[\](mailto:?subject=Cybersecurity Canon Candidate Book Review: Cyber-War: Anatomy of the Global Security Threat)  
Link copied  
By [William Yurek](https://www.paloaltonetworks.com/blog/author/william-yurek/?ts=markdown "Posts by William Yurek")  
Dec 07, 2018  
6 minutes  
[Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown)  
[Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)  
[CYBER WAR](https://www.paloaltonetworks.com/blog/tag/cyber-war/?ts=markdown)  
[cybersecurity canon](https://www.paloaltonetworks.com/blog/tag/cybersecurity-canon/?ts=markdown)  
[Cybersecurity Canon Review](https://www.paloaltonetworks.com/blog/tag/cybersecurity-canon-review/?ts=markdown)  
[JULIAN RICHARDS](https://www.paloaltonetworks.com/blog/tag/julian-richards/?ts=markdown)  
[William Yurek](https://www.paloaltonetworks.com/blog/tag/william-yurek/?ts=markdown)

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2017/06/cybersecuity-canon-blog-600x260.png)

*We modeled the [Cybersecurity Canon](https://cybercanon.paloaltonetworks.com/) after the Baseball Hall of Fame and the Rock \& Roll Hall of Fame, except it's a canon for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to increase the number. Please write a review and nominate your favorite.*

*The Cybersecurity Canon is a real thing for our community. We have designed it so that you can [directly participate in the process](https://cybercanon.paloaltonetworks.com/nominate-a-book/). Please do so!*

Executive Summary

*Cyber-War* attempts to demystify technical concepts surrounding the study of cyber threats and, in particular, the likelihood and possibility of a cyber war. It does so by focusing on certain key debates within government and academic circles and bringing a plain-language approach to them. He does this through examinations of the hyperbole and generalizations that often accompany such debates. In doing so, the author, Julian Richards, largely accomplishes his goal, which is not one of resolving debate but rather encouraging a standard framework for that debate.

While the approach Richards uses in *Cyber-War* is a valid one, his examples and conclusions suffer a bit from the passage of time and the accompanying increased understanding and visibility of the strategic cyber threats facing the U.S. For this reason, I am not recommending it for inclusion in the Cyber Canon.

Review

*Cyber-War* 's author, Julian Richards is the Co-Director of the Centre for Security and Intelligence Studies at the University of Buckingham, U.K. He spent 17 years working in security and intelligence for the U.K. government. But despite being written by a U.K. security expert, *Cyber-War* is remarkably U.S.-centric in its analysis, perhaps owing to the relative wealth of cyber incidents affecting, or publicized in, the U.S.

Richards begins with the premise that we can't really have an honest discussion about the real risk posed by cyber attacks and whether those attacks rise to the level of cyber war because of two impediments to analysis: 1) Cyber is an inherently technical realm, which in essence makes it difficult for non-techies to understand and assess; and 2) Discussion of the potential for cyber war is framed more in terms of science fiction rather than fact. *Cyber-War* sets out to "cut through some of the myth and hyperbole surrounding the cyber debate." Richards doesn't really seek to resolve or settle any debate (although he admits to having his own views), but instead to lay out a clearer playing field for those debates. To that extent, *Cyber-War* is relatively successful.

Richards begins his book by bringing up some of the major cyber events from preceding years. He highlights the fact that often, the initial knee-jerk response to these events was to assign blame to actors in accordance with developing norms of the time, e.g., to assign blame to Russia for a SCADA attack when in fact it was a simple error by an employee. Having lived through the response to that "attack," and witnessing firsthand the speed with which a conclusion was reached, I recognize and appreciate his point. However, Richards does have a clear "the cyber Pearl Harbor attack isn't likely" bias (one to which he admits) that may lean too far in the other direction.

Through its six chapters, *Cyber-War* brings out some issues surrounding the overall debate about the likelihood, and indeed the very definition, of cyber war. For example:

* Are cyber attacks the archetypal modern asymmetric technique, or are they simply a new way of conducting or supplementing warfare as it's been conducted throughout history? As part of this discussion, Richards brings up the very real catch-22 of U.S. technological superiority: It makes us both the beneficiary and likely victim of the asymmetric cyber threat.
* Do even the most egregious cyber attacks by nation states constitute an act of war in the traditional sense of the term? The discussion of this point is relatively simplistic considering the various international-law, national-security, and military-doctrine overlays inherent in any such analysis. This question alone can be, and has been, the basis for an entire book.
* Are China and Russia developing military-grade capabilities for use in a future wartime conflict? Or is the analysis of those countries' activities a reflection of an antiquated "Cold War mentality" in the U.S.? The author leans toward the U.S. position being driven more by hyperbole than fact with respect to this question --- a position I don't find all that convincing, especially when informed by developments since the book was published.
* How should states develop counterthreat strategies in the contemporary era, especially in light of the mutual dependencies of the private and government sectors and the privacy considerations they engender? The author shies away from the common consideration of cyber war as analogous to a nuclear attack and suggests that an analogy to biological/chemical attacks is more fitting.
* Is the general three-tier categorization of cyber warfare threats (cyber-enabled traditional information operations, which can happen both during conflict and in peacetime scenarios; cyber attack activities, which enable battle in the physical realm; and cyber attacks, which cause real physical death and destruction) appropriate, and does it facilitate defining when cyber war exists? Richards appears to dismiss the last of these as unlikely due to political and practical factors.

Conclusion

*Cyber-War* is an interesting read for those who are in the earlier stages of educating themselves about the cyber threat and when it slides into the realm of cyber war, as well as what could be done when that shift occurs. It is, however, hampered by its relative age. Although not an old book by most standards, it doesn't benefit from the events of the last 4 years. Those events, including chiefly the rise in hacks of huge government and private sector systems, as well as the disclosure of cyber-facilitated information manipulation in the 2016 election, paint a different background for today's analysts.

*Cyber-War*'s continued value is in its promotion of careful analysis and common vocabularies as necessities for a productive discussion of the cyber threat. It guides the reader toward a healthy skepticism of some accepted "truths" about cyber threats.

*** ** * ** ***

## Related Blogs

### [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### The Cybersecurity Canon - Cyberlaw: The Law of the Internet and Information Technology](https://www2.paloaltonetworks.com/blog/2018/02/cybersecurity-canon-cyberlaw-law-internet-information-technology/)

### [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### Book Review: "InSecurity"](https://www2.paloaltonetworks.com/blog/2020/03/cyber-canon-insecurity/)

### [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### Book Review: How America Lost Its Secrets](https://www2.paloaltonetworks.com/blog/2020/03/book-review-how-america-lost-its-secrets/)

### [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### Book Review: "The Perfect Weapon"](https://www2.paloaltonetworks.com/blog/2020/03/cyber-canon-the-perfect-weapon/)

### [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### Book Review: "No Place to Hide"](https://www2.paloaltonetworks.com/blog/2020/03/cyber-canon-no-place-to-hide/)

### [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### Book Review: "CISO Compass"](https://www2.paloaltonetworks.com/blog/2020/02/cyber-canon-ciso-compass/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language