* [Blog](https://www.paloaltonetworks.com.au/blog)
* [Palo Alto Networks](https://www.paloaltonetworks.com.au/blog/corporate/)
* [Cybersecurity](https://www.paloaltonetworks.com.au/blog/category/cybersecurity-2/)
* The Cybersecurity Canon: ...

# The Cybersecurity Canon: Advanced Persistent Security: A Cyberwarfare Approach to Implementing Adaptive Enterprise Protection, Detection, and Reaction Strategies

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2017%2F03%2Fcybersecurity-canon-advanced-persistent-security-cyberwarfare-approach-implementing-adaptive-enterprise-protection-detection-reaction-strategies%2F)  
[](https://twitter.com/share?text=The+Cybersecurity+Canon%3A+Advanced+Persistent+Security%3A+A+Cyberwarfare+Approach+to+Implementing+Adaptive+Enterprise+Protection%2C+Detection%2C+and+Reaction+Strategies&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2017%2F03%2Fcybersecurity-canon-advanced-persistent-security-cyberwarfare-approach-implementing-adaptive-enterprise-protection-detection-reaction-strategies%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2017%2F03%2Fcybersecurity-canon-advanced-persistent-security-cyberwarfare-approach-implementing-adaptive-enterprise-protection-detection-reaction-strategies%2F&title=The+Cybersecurity+Canon%3A+Advanced+Persistent+Security%3A+A+Cyberwarfare+Approach+to+Implementing+Adaptive+Enterprise+Protection%2C+Detection%2C+and+Reaction+Strategies&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com.au/blog/2017/03/cybersecurity-canon-advanced-persistent-security-cyberwarfare-approach-implementing-adaptive-enterprise-protection-detection-reaction-strategies/&ts=markdown)  
\[\](mailto:?subject=The Cybersecurity Canon: Advanced Persistent Security: A Cyberwarfare Approach to Implementing Adaptive Enterprise Protection, Detection, and Reaction Strategies)  
Link copied  
By [Ben Rothke](https://www.paloaltonetworks.com/blog/author/ben-rothke/?ts=markdown "Posts by Ben Rothke")  
Mar 08, 2017  
4 minutes  
[Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown)  
[Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown)  
[Araceli Treu Gomes](https://www.paloaltonetworks.com/blog/tag/araceli-treu-gomes/?ts=markdown)  
[cybersecurity canon](https://www.paloaltonetworks.com/blog/tag/cybersecurity-canon/?ts=markdown)  
[Ira Winkler](https://www.paloaltonetworks.com/blog/tag/ira-winkler/?ts=markdown)

[](https://www.paloaltonetworks.com/blog/wp-content/uploads/2016/10/Big-Canon-Banner.png)  
[![big-canon-banner](https://www.paloaltonetworks.com/blog/wp-content/uploads/2016/10/Big-Canon-Banner.png)](https://www.paloaltonetworks.com/blog/wp-content/uploads/2016/10/Big-Canon-Banner.png)

*We modeled the* [*Cybersecurity Canon*](https://www.paloaltonetworks.com/threat-research/cybercanon.html)*after the National Baseball Hall of Fame and the Rock \& Roll Hall of Fame ­-- but for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to significantly increase the number. Please write a review and nominate your favorite.*

*The Cybersecurity Canon is a real thing for our community. We have designed it so that you can* [*directly participate in the process*](https://www.paloaltonetworks.com/threat-research/cybercanon/nominate-a-book)*. Please do so!*

Book review by Cybersecurity Canon committee member Ben Rothke, "Advanced Persistent Security: A Cyberwarfare Approach to Implementing Adaptive Enterprise Protection, Detection, and Reaction Strategies," Syngress 2016, by Ira Winkler and Araceli Treu Gomes

### Executive Summary

Advanced persistent threats (APT) have been given a significant amount of press over the last few years. When I first scanned the title of this book, I assumed it was on that topic. While "[Advanced Persistent Security: A Cyberwarfare Approach to Implementing Adaptive Enterprise Protection, Detection, and Reaction Strategies](https://www.amazon.com/gp/product/0128093161/ref=as_li_tl?ie=UTF8&tag=benrothkswebp-20&camp=1789&creative=9325&linkCode=as2&creativeASIN=0128093161&linkId=8a4712f6cc4477a27f4b28bbadba6048)" does detail APTs, that's not the main focus of the book.

### Review

One of the reasons people are turned off by information security is the plethora of security buzzwords. At the recent RSA 2017 conference, one's ear could get sore from the repetition of the year's buzzwords: *machine learning* and *artificial intelligence*.

Going back a year or so, the buzzword was *advanced persistent threat* (APT). When I got a copy of the book mentioned above, I thought at first: not again.

Authors Ira Winkler and Araceli Treu Gomes have enough experience that they don't have to rely on buzzwords. The book's notion of advanced persistent security means ensuring that security is built into every aspect of a system. This goes from endpoint to server and covers everything in between.

The point the authors reiterate is that defense in depth (almost a buzzword) is required for serious information security controls. One can't rely on a security appliance or one security administrator to do it all.

The book is pretty much an advanced introduction to a security guide. Their premise may not be so earth-shattering, but the massive number of security breaches and indicators proves that far too many firms didn't get the memo about building secure systems.

Many organizations have purchased unified threat management (UTM) devices that were meant to be a single, all-inclusive security appliance. Too many of them thought that security meant having the device in their data center and not having to do anything else. This is the perfect book for such people, as Winkler and Gomes show that effective information security requires a lot more than a single expensive appliance.

The authors write that a more appropriate title for the book would have been Adaptive Persistent Security, since the goal is that information security systems must be proactive in nature and design -- which is no trivial point. The authors propose methods for more adaptive and comprehensive approaches to information security.

A somewhat contrarian (albeit pragmatic) approach the authors take is that failure is an integral part of information security. No one can build a system that won't fail. Rather the systems should be resilient enough when failure does occur -- and it eventually will. The advanced persistent security methodology they propose means that a security program should proactively adapt to the failures of protection such that any loss is minimized.

The authors admit that the book does not provide any technological breakthroughs. Rather they provide advanced methods for implementing already available technologies.

### Conclusion

At 230 pages, what the book lacks in depth, it makes up for in its tactics for effective information security. For those looking for a methodology to create a more robust information security program, [Advanced Persistent Security: A Cyberwarfare Approach to Implementing Adaptive Enterprise Protection, Detection, and Reaction Strategies](https://www.amazon.com/gp/product/0128093161/ref=as_li_tl?ie=UTF8&tag=benrothkswebp-20&camp=1789&creative=9325&linkCode=as2&creativeASIN=0128093161&linkId=8a4712f6cc4477a27f4b28bbadba6048) is a valuable resource and a welcome addition to the Canon.

*** ** * ** ***

## Related Blogs

### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown)

[#### The Cybersecurity Canon: Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day](https://www.paloaltonetworks.com.au/blog/2017/09/cybersecurity-canon-spies-among-us-stop-spies-terrorists-hackers-criminals-dont-even-know-encounter-every-day/)

### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### Cybersecurity Canon Candidate Book Review: "Abundance: The Future Is Better Than You Think](https://www.paloaltonetworks.com.au/blog/2018/09/cybersecurity-canon-candidate-book-review-abundance-future-better-think/)

### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### The Cybersecurity Canon - American Kingpin: The Epic Hunt for the Criminal Mastermind Behind the Silk Road](https://www.paloaltonetworks.com.au/blog/2018/01/cybersecurity-canon-american-kingpin-epic-hunt-criminal-mastermind-behind-silk-road/)

### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown)

[#### We're Down to the Last Two Contestants In the 2018 Cybersecurity Canon People's Choice Awards!](https://www.paloaltonetworks.com.au/blog/2017/10/last-two-contestants-2018-cybersecurity-canon-peoples-choice-awards/)

### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown)

[#### 2018 Cybersecurity Canon People's Choice Awards: The Final Four](https://www.paloaltonetworks.com.au/blog/2017/10/2018-cybersecurity-canon-peoples-choice-awards-final-four/)

### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown)

[#### 2018 Cybersecurity Canon People's Choice Awards: Vote Now for Round 3](https://www.paloaltonetworks.com.au/blog/2017/10/2018-cybersecurity-canon-peoples-choice-awards-vote-now-round-3/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com.au/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language