Yellow Emperor's Internal
Canon on Information Security,
Part 1 of 2
“To fight a disease after it has occurred is like trying to dig a well
when one is thirsty or forging a weapon once a war has begun.”
Topics
• Introduction
• Human (Part 1 of 2)
• Heaven (Part 1 of 2)
• Earth (Part 2 of 2)
• TCM – Traditional Chinese Medicine / Trusted Computing Management (Part 2 of 2)
• Conclusion
Introduction
A snapshot of Yellow Emperor and his Internal Canon
Who
• Yellow Emperor – the first of the Chinese Three Sovereigns and Five Emperors. He is renowned as the originator of the centralized state, a cosmic ruler and a patron of esoteric arts. Traditionally, he reigned around 2697 – 2597 BC.
• Qibo – the mythical doctor with enlightened knowledge of traditional Chinese medicine. When the Yellow Emperor first sought his help in ruling the country, Qibo was not interested. But when the Yellow Emperor asked how to live a long and healthy life, Qibo became interested.
• Yellow Emperor's Internal Canon is a series of conversations between the Yellow Emperor and Qibo on how to have a long and healthy life.
What
• Yellow Emperor's Internal Canon (YEIC) is considered to be the fundamental source on Chinese Traditional Medicine (CTM).
• YEIC is based on the Daoist view of
  ◦ nature's five elements (earth, metal, water, wood, fire)
  ◦ yin and yang (reactive, proactive force)
  ◦ qi (breath)
  ◦ the effect of both heaven and earth on a person's health
• It focuses more on preventing illness than on reacting to it.
When & Where
• Though the Yellow Emperor is traditionally said to have reigned from 2697 – 2597 BC, the earliest YEIC text is believed to date from around 200 BC, according to Joseph Needham and Lu Gwei-Djen.
• Location: China
Why
• YEIC is part of a series of Chinese Wisdom as a Service (CWaaS). It is capable of dispensing wisdom to meet the reader's need if that person has the necessary awareness.
• This presentation is an obsequious attempt to apply YEIC to information security.
• Part 1 focuses on the Human and Heaven portions of YEIC and how they apply to information security.
• Part 2 focuses on the Earth and the TCM portions of YEIC and how they apply to information security.
Human
Embodiment of Heaven and Earth, whose outward appearance marks the flow of time and whose innards are fixed like the cardinal points
Common Theme: Lifecycle
• Like a person, both a company and an information security asset have a life cycle.

Human | Corporation | Asset
Birth | Docker, Illumino | Classify Asset Right
Maturing | Microsoft, Google | Monitoring, Right Management, Logic Control
Illness | Yahoo, IBM | Loss of availability, confidentiality, and/or integrity
Death | Compaq, Netscape | Destruction of Asset
The Five Viscera
• Modern Western Medicine (MWM) began with the study of visible human organs, followed by further in-depth study of their structure and function. Their relationship with other organs and body systems is not important.
• Traditional Chinese Medicine (TCM) began with the theme: all things grow and change.
From the text: the four seasons and yin yang are the root of all things.
  ◦ The changes of yin yang and the four seasons mean that all things grow, age, and die. The TCM concept of the internal organs means that all organs influence each other, so that the body forms an integrated interactive system.
  ◦ This concept is equally applicable to a business organization and to information security.
• The Five Viscera exist not just within the human body, but also in the corporation and the information system.
Fire Element: swelling, flowering, brimming with energy
Heart, the position of kings, is where deities resided.
• The heart belongs to the fire element. The heart is like the sun, shining and driving all the body's organs to function. When the heart stops working, the person dies.
• The heart is the Chairman, commanding all officials to coordinate with each other through division of labor, so that the company constitutes an indivisible whole.
• The heart is the CISO (chief information security officer), commanding all other ISOs to coordinate with each other through division of labor, so that information security constitutes an indivisible whole.
心者，君主之官，神明出焉。
Earth Element: leveling and dampening (moderation) and fruition
Spleen, the treasury officer, dispenses five flavors.
• The spleen is the earth element, where all things grow. All living things depend on what grows out of the land. People depend on the spleen to digest food and to transfer energy to the entire body.
• The spleen is the Treasurer, where resources are kept. A company with lots of resources has lots of potential; a company with scant resources has to struggle to get by.
• The spleen is InfoSec's asset management, without which sensitive assets will be made available to hostile forces.
脾者，倉廩之官，五味出焉。
Metal Element: harvesting and collecting
Lung, the Prime Minister, dispenses governance and regulation.
• The lung is the metal element: it collects and harvests oxygen from the air and dispenses it into the bloodstream. The lung is the only one of the viscera that can be voluntarily controlled. Yet it can affect how the kidney, liver, heart and spleen behave.
• The lung is the CEO, whose actions affect how other departments behave. The CEO leads the rest of management towards the common goal set by the chairman.
• The lung is the ISO who secures the network system. Incoming and outgoing data are carefully regulated. Data flow can be shut off temporarily to mitigate risk.
肺者，相傅之官，治節出焉。
Water Element: where stillness and storage pervade
Kidney, the engineering official, dispenses crafts.
• The kidney is the water element, which is the source of life. It possesses the innate essence and the acquired essence that can transform human tissue into organs, or spark another life.
• The kidney is the R&D manager who makes things happen. He harnesses creative genius with modern technology to come up with new innovations.
• The kidney is the ISO whose creativity combines the business and security needs into a security policy that does not hinder but enhances the company's business competitive advantages.
腎者，作強之官，技巧出焉。
Wood Element: generates abundance and vitality
Liver, the General, dispenses strategies and tactics.
• The liver is the wood element, which promotes growth and immunization. It attempts to neutralize hostile elements before they can further damage other viscera. Unfortunately, because it is constantly defending the body against external threats, it suffers the most and is one of the earliest organs to decline.
• The liver is the chief risk management officer, who enables effective command and control of significant risks, and related opportunities, to a business and its various segments.
• The liver is the ISO who specializes in incident response. Whenever there is an information system crisis, the ISO has to coordinate everyone to get the system back online, find the root cause, and provide recommendations to prevent the disaster from happening again.
肝者，將軍之官，謀慮出焉。
Yin & Yang in Organization/Entity
Yin: passive, reactive, feminine force
• Body: front, interior organ, body, blood, below waist
• Corporation: employees, finance, products, buildings
• Information Security: asset management, incident response, network system
Yang: active, initiating, masculine force
• Body: back, exterior skin/muscle, head, qi, above waist
• Corporation: management, marketing, service, people
• Information Security: access management, risk management, data stream
Qi in Entity/Organization/Information Security
Qi is the flow of energy.
In the human body, qi travels along the meridian system.
In an organization, qi is the financial flow that keeps it alive. No department can survive without an inflow of finance.
In information security, qi is the information that travels along the network system.
Acupuncture Pressure Points Chart from http://lam24.wordpress.com/2009/10/07/acupuncture/
Examples of Qi in Organization & Information Security
Logical Network Map from http://www.umass.edu/i2/
Network Security Architecture Design from http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Security/safek12.html
Heaven
Nature in motion
Introduction to Heaven
• Heaven is the symbol of nature in motion. It represents cycles of change, the movement of time, and flutters of activity.
• It also embodies the state in which we find ourselves in a given situation:
  ◦ Birth, Enlivening, Spring
  ◦ Maturing, Ascending, Summer
  ◦ Aging, Descending, Autumn
  ◦ Death, Retiring, Winter
Spring
Heaven and earth give birth, enabling all living things to thrive.
This spring air reflects the way of maintaining good health.
• In nature, Spring represents the birth of all living things.
• In business, Spring represents the birth of new products and business units, and employees joining the enterprise.
• In security, Spring represents the birth of
  ◦ new employee access
  ◦ a certification cycle
  ◦ malware on a host machine
天地俱生，萬物以榮…此春氣之應養生之道也
Summer
Heaven and earth interact, all living things bloom.
This summer air reflects the way of maintaining longevity.
• In nature, Summer represents all living things at their prime.
• In business, Summer represents new products, business units, and employees reaching their full potential.
• In security, Summer represents the peak, such as
  ◦ employees gain more responsibility and more access is granted
  ◦ the certification cycle reaches greater acceptance
  ◦ malware infects the largest number of machines
天地氣交，萬物華實…此夏氣之應養長之道也
Autumn
The heavenly chi hurries, the earthly chi brightens.
This autumn air represents the Way of Harvesting.
• In nature, Autumn represents all living things passing their prime.
• In business, Autumn represents the decline of products, business units, and employees' potential. At this stage, resources are milked for all they are worth.
• In security, Autumn represents gradual decline:
  ◦ employees' roles have been redefined and they may not need certain access
  ◦ the certification cycle moves toward closing as some business needs are not met
  ◦ malware infection has been contained and reduced
天氣以急，地氣以明…此秋氣之應養收之道也
Winter
Water freezes and earth cracks, undisturbed by the sun.
This winter air represents the Way of Hoarding.
• In nature, Winter represents the death of all living things.
• In business, Winter represents the closing of product lines, business units, and employee positions. At this stage, resources are conserved.
• In security, Winter represents the end of
  ◦ employee access (accesses are closed)
  ◦ the certification cycle
  ◦ malware infection
水冰地坼，無擾乎陽…此冬氣之應養藏之道也
Yin and Yang in Heaven
• Yang energy brings warmth in Winter & Spring but excessive heat in Summer & Fall.
• Yin energy brings relief in Summer & Fall but excessive frigidity in Winter & Spring.
• In Business:
  ◦ Yang energy proactively starts the company by finding a need.
  ◦ Yin energy reactively starts the company by fulfilling a need.
• In Security:
  ◦ Yang energy champions the need for security awareness.
  ◦ Yin energy follows the requirement for security awareness.
Qi in Nature
• In Heaven, the most obvious sign of qi is the movement of wind. Scientifically, wind is caused by differences in atmospheric pressure. Philosophically, wind is caused by the combination of Yin and Yang.
• In Business, qi is the healthy mix of Yin (inflow of revenue) and Yang (outflow of products & services).
• In InfoSec, qi is the healthy mix of Yin (technology) and Yang (InfoSec Pro).
In Closing - Heaven
• Even though we assign three months of the year to each season, in reality they are not constant: some seasons feel long and others feel short.
• Likewise, all things experience four different states, but not all states have the same duration.
  ◦ A business unit takes a long time to get started.
  ◦ A product line has short periods of birth and discontinuation, but long periods of growth and decline.
  ◦ A certification can be scheduled so that the closing of one cycle coincides with the start of another.
Summary
Condensing a condensed PowerPoint.
Summary
• Yellow Emperor's Internal Canon (YEIC) is a Chinese Wisdom as a Service (CWaaS). It is capable of dispensing wisdom to meet the reader's need if that person has the necessary awareness.
• Historically, people have used it as is, to treat the illnesses of their patients.
• Others have used it as a guide to treat the illness of a dynasty.
• In modern times, could it serve other functions:
  ◦ Treating the illness of a business entity?
  ◦ Treating the illness of an information security network?
Summary
• Modern Western Medicine (MWM) treats an individual organ as is, without paying attention to other organs.
• Traditional Chinese Medicine (TCM) began with the theme: all organs influence each other, so that the body forms an integrated interactive system.
  ◦ The root cause of a failed business component does not necessarily reside within that business component.
  ◦ Likewise, the failure of an information security system is not necessarily caused by that system.
Summary
• Heaven represents movement through four phases:
  ◦ All living things experience birth, growth, decline, and death
  ◦ All non-living things experience forming, accumulating, decaying, and dispersing
  ◦ All social organizations experience transforming, performing, reforming, and adjourning
  ◦ All technologies experience creating, thriving, maturing, and effacing
Summary
• This PowerPoint presentation is the first of two parts that focus on how an ancient Chinese Wisdom as a Service can be applied in modern times to analyze a corporation and an information security system.
• This presentation focuses only on the Human and the Heaven aspects of the Yellow Emperor's Internal Canon.
• The next presentation will focus on the Earth and the Traditional Chinese Medicine treatment aspects of the Yellow Emperor's Internal Canon.

Yellow Emperor Internal Canon on Information Security - part 1

  • 1. Yellow Emperor's Internal Canon on Information Security, Part 1 of 2 “To fight a disease after it has occurred is like trying to dig a well when one is thirsty or forging a weapon once a war has begun.”
  • 2. Topics  Introduction  Human (Part 1 of 2)  Heaven (Part 1 of 2)  Earth (Part 2 of 2)  TCM – Traditional Chinese Medicine / Trusted Computing Management (Part 2 of 2)  Conclusion
  • 3. Introduction A snapshot of Yellow Emperor and his Internal Canon
  • 4. Who  Yellow Emperor – the First of Chinese Three Sovereigns and Five Emperors. He is renowned for being the originator of the centralized state, a cosmic ruler and a patron of esoteric arts. Traditionally, he reigned around 2697 – 2597 BC.  Qibo – the mythical doctor with enlightened knowledge of traditional Chinese medicine. When Yellow Emperor first sought him to help rule the country, Qibo was not interested. But when Yellow Emperor asked about how to live long and healthy, Qibo became interested.  Yellow Emperor’s Internal Canon is a series of conversation between Yellow Emperor and Qibo on how to have a long and healthy life.
  • 5. What  Yellow Emperor’s Internal Canon (YEIC) is considered to be the fundamental source on the Chinese Traditional Medicine (CTM).  YEIC based on Daoist view of  nature’s five elements (earth, metal, water, wood, fire)  yin and yang (reactive, proactive force)  qi (breath)  the effect of both heaven and earth on a person’s health  focused more on preventing than reacting to illness.
  • 6. When & Where  Though Yellow Emperor traditionally known to reign from 2697 – 2597 BC, the earliest YEIC text is believed to be dated around 200 BC according to Joseph Needham and Lu Gwei- Djen  Location: China
  • 7. Why  YEIC is a part of series of Chinese Wisdom as a Service (CWaaS). It is capable of dispense wisdom to meet the reader’s need if that person has the necessary awareness.  This presentation is an obsequious attempt to apply YEIC to Information Security.  Part 1 focuses on the Human and Heaven portions of YEIC and how they apply to the information security.  Part 2 focuses on the Earth and the TCM portions of YEIC and how they apply to the information security.
  • 8. Human Embodiment of Heaven and Earth whose outward appearances marks the flow of time and whose innards are fixed like the cardinal points
  • 9. Common Theme : Lifecycle  Like a person, both a company and an information security asset has a life cycle. Human Corporation Asset Birth Docker, Illumino Classify Asset Right Maturing Microsoft, Google Monitoring, Right Management, Logic Control Illness Yahoo, IBM Loss of availability, confidentiality, and/or integrity Death Compaq, Netscape Destruction of Asset
  • 10. The Five Viscera  The Modern Western Medicine (MWM) began with the study of visible human organs, and then further in-depth study of their structure and function. Their relationship with other organs and body system are not important.  The Traditional Chinese Medicine (TCM) began with the theme: all things grow and change. From the text: That four seasons and yin yang are the root of all things.  Yin yang and four seasons changes mean that all things grow, age, and death. The concept of the internal organs of TCM means that all organs influence each other, so that the body constitutes an integral part of interactive system.  This concept is equally applicable to a business organization and an information security.  Five Viscera existed not just within human body, but also existed in the corporate and information system.
  • 11. Fire Elementswelling, flowering, brimming with energy Heart, the position of kings, is where deities resided.  Heart belongs to the fire element. Heart is like the sun shining and drawing all the body organs functioning. When heart stopped working, people died.  The heart is the Chairman, commanding all officials to coordinate with each other with division of labors, so that the company constitutes an indivisible whole.  The heart is the CISO (chief information security officer), commanding all other ISO to coordinate with each other with division of labors, so that the information security constitutes an indivisible whole. 心 者 , 君 主 之 官 , 神 明 出 焉 。
  • 12. Earth Elementleveling and dampening (moderation) and fruition Spleen, the treasury officer, dispenses five flavors.  Spleen is the earth element where all things grow. All living things depends on things grow out of the land. People depends on spleen to digest food and to transfer energy to the entire body.  Spleen is the Treasurer where resources are kept. A company with lots of resources have lots of potential; a company with scan resources has to struggle to get by.  Spleen is InfoSec’s asset management, without which, sensitive assets will be made available to hostile force. 脾 者 , 倉 廩 之 官 , 五 味 出 焉 。
  • 13. Metal Elementharvesting and collecting Lung, the Premier Ministre, dispenses governance and regulation.  Lung is the metal element where it collects and harvests oxygen from the air and dispense them into blood streams. Lung is the only viscera that can be voluntary controlled. Yet, it can affect how kidney, liver, heart and spleen behaves.  Lung is the CEO whose action affects how other departments behave. CEO leads other management towards the common goal set by the chairman.  Lung is the ISO who secured the network system. Incoming and outgoing data are carefully regulated. Data flow can be shut off temporary to mitigate risk. 肺 者 , 相 傅 之 官 , 治 節 出 焉 。
  • 14. Water Elementwhere stillness and storage pervades Kidney, the engineering official, dispenses crafts.  Kidney is the water element which is the source of life. It possessed the innate essence and the acquired essence that can be transformed human tissue into organ, or to spark another life.  Kidney is the R&D manager who makes things happened. He harnessed the creative genius with the modern technology to come up new innovation.  Kidney is the ISO whose creativity combines the business and the security needs into the security policy that does not hinder but enhances the company’s business competitive advantages. 腎 者 , 作 強 之 官 , 技 巧 出 焉 。
  • 15. Wood Elementwhich generates abundance and vitality Liver, the General, dispenses strategies and tactics.  Liver is the wood element which promotes growths and immunization. It attempts to neutralize hostile elements before they can further damage other viscera. Unfortunately, because it constantly defending the body to external threats, it suffers the most and one of the earliest organ to decline.  Liver is the chief risk management officer who enables effective command and control of significant risks, and related opportunities, to a business and its various segments.  Liver is the ISO who specializes in the Incident Response. Whenever there is an information system crisis, the ISO has to coordinate everyone to get the system back online, find the root cause, and to provide recommendation to prevent the disaster from happening again. 肝 者 , 將 軍 之 官 , 謀 慮 出 焉 。
  • 16. Yin & Yang in Organization/Entity
      - Yin: passive, reactive, feminine force
          - Body: front, interior organs, body, blood, below waist
          - Corporation: employees, finance, products, buildings
          - Information Security: asset management, incident response, network system
      - Yang: active, initiating, masculine force
          - Body: back, exterior skin/muscle, head, qi, above waist
          - Corporation: management, marketing, service, people
          - Information Security: access management, risk management, data stream
  • 17. Qi in Entity/Organization/Information Security
      - Qi is the flow of energy.
      - In the human body, qi travels along the meridian system.
      - In an organization, qi is the financial flow that keeps it alive. No department can survive without an inflow of finance.
      - In Information Security, qi is the information that travels along the network system.
      - Figure: Acupuncture Pressure Points Chart, from http://lam24.wordpress.com/2009/10/07/acupuncture/
  • 18. Examples of Qi in Organization & Information Security
      - Figure: Logical Network Map, from http://www.umass.edu/i2/
      - Figure: Network Security Architecture Design, from http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Security/safek12.html
  • 20. Introduction to Heaven
      - Heaven is the symbol of nature in motion. It represents cycles of change, the movement of time, and the flutter of activity.
      - It also embodies the state in which we find ourselves in a given situation:
          - Birth, Enlivening, Spring
          - Maturing, Ascending, Summer
          - Aging, Descending, Autumn
          - Death, Retiring, Winter
  • 21. Spring
      - "Heaven and earth give birth, enabling all living things to thrive … This spring air reflects the way of maintaining good health." (天地俱生,萬物以榮…此春氣之應養生之道也)
      - In nature, Spring represents the birth of all living things.
      - In business, Spring represents the birth of new products and business units, and employees joining the enterprise.
      - In security, Spring represents the birth of:
          - new employee access
          - the certification cycle
          - malware on a host machine
  • 22. Summer
      - "Heaven and earth interact, all living things bloom … This summer air reflects the way of maintaining longevity." (天地氣交,萬物華實…此夏氣之應養長之道也)
      - In nature, Summer represents all living things at their prime.
      - In business, Summer represents the optimum of new products, business units, and employees as they reach their full potential.
      - In security, Summer represents the peak, such as:
          - employees gain more responsibility, and more access is granted
          - the certification cycle reaches greater acceptance
          - malware infects the largest number of machines
  • 23. Autumn
      - "The heavenly chi hurried, the earthly chi brightened … This autumn air represents the Way of Harvesting." (天氣以急,地氣以明…此秋氣之應養收之道也)
      - In nature, Autumn represents all living things passing their prime.
      - In business, Autumn represents the decline of products, business units, and employees' potential. At this stage, resources are milked for all they are worth.
      - In security, Autumn represents the gradual decline:
          - employees' roles have been redefined and may no longer need certain access
          - the certification cycle moves toward closing, as some business needs are not met
          - the malware infection has been contained and reduced
  • 24. Winter
      - "Water froze and earth cracked, undisturbed by the sun … This winter air represents the Way of Hoarding." (水冰地坼,無擾乎陽…此冬氣之應養藏之道也)
      - In nature, Winter represents the death of all living things.
      - In business, Winter represents the closing of product lines, business units, and employees' positions. At this stage, resources are conserved.
      - In security, Winter represents the end of:
          - employee access, which is closed
          - the certification cycle
          - the malware infection
  • 25. Yin and Yang in Heaven
      - Yang energy brings warmth in Winter & Spring but excessive heat in Summer & Fall.
      - Yin energy brings relief in Summer & Fall but excessive frigidity in Winter & Spring.
      - In Business:
          - Yang energy proactively starts the company by finding a need.
          - Yin energy reactively starts the company by fulfilling a need.
      - In Security:
          - Yang energy champions the need for security awareness.
          - Yin energy follows the requirement for security awareness.
  • 26. Qi in Nature
      - In Heaven, the most obvious sign of qi is the movement of wind. Scientifically, wind is caused by differences in atmospheric pressure. Philosophically, wind is caused by the combination of Yin and Yang.
      - In Business, qi is the healthy mix of Yin (inflow of revenue) and Yang (outflow of products & services).
      - In InfoSec, qi is the healthy mix of Yin (technology) and Yang (InfoSec Pro).
  • 27. In Closing - Heaven
      - Even though we designate three months of the year to each season, in reality the seasons are not constant: some feel long and others feel short.
      - Likewise, all things experience four different states, but not all states have the same duration.
          - A business unit takes a long time to get started.
          - A product line has short periods of birth and discontinuation, but long periods of growth and decline.
          - A certification can be scheduled so that the closing of one cycle coincides with the start of another.
  • 28. Summary: a condensation of a condensed PowerPoint.
  • 29. Summary
      - Yellow Emperor's Internal Canon (YEIC) is a Chinese Wisdom as a Service (CWaaS). It is capable of dispensing wisdom to meet the reader's need if that person has the necessary awareness.
      - Historically, people have used it as is, to treat the illnesses of their patients.
      - Others have used it as a guide to treat the illness of a dynasty.
      - In modern times, could it serve other functions?
          - Treating the illness of a business entity?
          - Treating the illness of an information security network?
  • 30. Summary
      - Modern Western Medicine (MWM) treats each individual organ as is, without paying attention to other organs.
      - Traditional Chinese Medicine (TCM) begins with the theme that all organs influence each other, so that the body constitutes an integrated interactive system.
          - The root cause of a failed business component does not necessarily reside within that business component.
          - Likewise, the failure of an information security system is not necessarily caused by that system.
  • 31. Summary
      - Heaven represents movement through four phases:
          - All living things experience birth, growth, decline, and death.
          - All non-living things experience forming, accumulating, decaying, and dispersing.
          - All social organizations experience transforming, performing, reforming, and adjourning.
          - All technologies experience creating, thriving, maturing, and effacing.
  • 32. Summary
      - This PowerPoint presentation is the first of two parts that focus on how an ancient Chinese Wisdom as a Service can be applied in modern times, in the form of analyzing a corporation and an information security system.
      - This presentation focuses only on the Human and the Heaven aspects of Yellow Emperor's Internal Canon.
      - The next presentation will focus on the Earth and the Traditional Chinese Medicine treatment aspects of Yellow Emperor's Internal Canon.