MY LATEST BOOK RELEASED! “The Science of Security” May 16, 2026

Posted by Chris Mark in cyberespionage, cybersecurity, Industry News, InfoSec & Privacy, Laws and Legislation, Piracy & Maritime Security, Risk & Risk Management, security, security theater.

Announcing Scientia Securitatis: The Science of Security

After 34 years across nearly every security domain that exists — armed physical security at an overseas critical installation, combat force protection, security in a regional hospital’s psychiatric ward, payment-card industry compliance, armed maritime contracting off the East African coast, and a return to enterprise cybersecurity that has occupied the past decade — I have written the book I wish someone had written when I started.

Scientia Securitatis: The Science of Security — Theory, Frameworks, and Practice is available now.

The gap this book is intended to fill

The security profession does not lack books. Walk into any bookstore, scan any conference vendor floor, search any retailer’s security category, and you will find more material on cybersecurity, physical security, risk management, military theory, criminology, intelligence analysis, and organizational resilience than any single practitioner could read in a career. The field is overwhelmed with information.

What it lacks is integration.

Each security domain has developed its own vocabulary, its own frameworks, its own bestsellers, its own consultants. Each domain — when traced carefully to its analytical roots — is reaching for the same underlying concepts the next domain over named differently. Practitioners in physical and cybersecurity are working on the same analytical problems and rarely speak to one another. When they do, they discover that they have been duplicating each other’s work for decades.

Scientia Securitatis is an attempt to make that recognition the starting point of professional practice rather than an accident a few practitioners stumble into late in their careers.

What’s in the book

The book runs to 525 pages across 11 chapters and three appendices. It develops four original analytical frameworks:

  • The Mark Heptad — a taxonomy of seven adversary motivations (financial, espionage, war/defense, facilitation, hacktivism, revenge, nuisance) that maps directly to deterrence strategy
  • The IMCM Framework — Ignorance, Mistake, Complacency, Malice — for classifying human-induced vulnerabilities and matching them to specific interventions
  • The DIVE Framework — Direction, Intensity, Vulnerability, Exposure — for assessing specific exposure surfaces
  • The Multiplicative Security Model — the mathematical basis for defense-in-depth, with implications for how security architecture should actually combine

These original frameworks sit within a broader analytical apparatus drawn from criminology (Cohen and Felson’s Routine Activity Theory, Cornish and Clarke’s Twenty-Five Techniques of Situational Crime Prevention), cognitive science (Kahneman and Tversky on judgment under uncertainty), military theory (Sun Tzu, Clausewitz, contemporary unrestricted warfare doctrine), and systems-safety scholarship (James Reason’s Swiss Cheese Model, Charles Perrow’s normal-accident theory).

The book also examines — and critically engages — the victim-blaming reflex that dominates post-incident analysis, drawing on the foundational criminological literature on victim precipitation and contemporary case studies including Equifax, OPM, Target, and Snowflake.

A note on the Latin title

Scientia Securitatis translates as “the science of security,” and the choice was deliberate. The Latin signals that the book engages security as a serious analytical discipline whose intellectual roots long predate the cybersecurity industry’s tendency to treat its problems as historically unprecedented. The phenomena security examines are ancient; the framework for studying them rigorously has been available since at least the mid-20th century. The book argues that practitioners have, with rare exceptions, declined to use it.

Who this book is for

This book is for the practitioner who has noticed that decades of escalating security investment have not produced proportional security gains, and who wants to understand why. It is for the security executive building defensible programs across multiple domains. The policy professional confronting unrestricted warfare doctrine. The risk and compliance leader who suspects that frameworks alone are not stopping sophisticated adversaries. The graduate student approaching security as an analytical discipline rather than a job category.

It is not a tactical handbook. It is not a configuration guide. It is the analytical apparatus that determines whether tactical choices are well-made — the apparatus the field has been operating without.

Where to get it

Scientia Securitatis: The Science of Security is available now on Amazon in eBook, paperback, and hardcover formats:

Scientia Securitatis

If you find the book useful, please consider leaving a review. Self-published analytical nonfiction lives and dies by word-of-mouth among the practitioners it was written for — and a thoughtful Amazon review from a working professional is worth more to other professionals than any amount of marketing.

— Chris Mark

“Viva La Revolucion!”- Social Media; The New Yellow Journalism? May 3, 2012

Posted by Chris Mark in Industry News, Risk & Risk Management.

In the late 19th century, a phenomenon known as ‘yellow journalism’ took hold as newspapers battled for market share. More specifically, it was the battle between Joseph Pulitzer and William Randolph Hearst that fostered the coining of the phrase. At a high level, yellow journalism is defined as: “…a type of journalism that presents little or no legitimate well-researched news and instead uses eye-catching headlines to sell more newspapers.[1] Techniques may include exaggerations of news events, scandal-mongering, or sensationalism.” In fact, yellow journalism was blamed for the start of the Spanish-American War. In response, responsible journalists founded organizations such as the Society of Professional Journalists (founded 1909) and developed codes of ethics and responsible reporting. Today, responsible, professional journalists adhere to a code of ethics or canons which dictate that they will report the truth accurately. As stated in the SPJ: “Seek Truth and Report It”. While some bend the rules, most reporters are accurate and professional.

With the rise of “bloggers” (this author included) and other social media ‘experts’, could it be that we are seeing the rise of a new wave of ‘Yellow Journalism’?

Geopolitical Context of Piracy; Dr. Heather Mark April 18, 2012

Posted by Chris Mark in Industry News, Piracy & Maritime Security.

Since I am traveling to Hamburg this week for a piracy event (pirates like “ARGHH MATEY!” type)…not software pirates….to provide my readers with some piracy info, I am publishing the whitepaper: “The Geopolitical Context of Piracy” by the illustrious Dr. Heather Mark. This paper has an interesting history. At one point the paper was ‘borrowed’ by a person who proceeded to publish the paper as four articles, attributing authorship to himself. Plagiarism is alive in 2012 😉 Fortunately, the organization that published the articles recognized something was amiss and contacted Heather. Please read the paper….good info…No doubt the person who “borrowed” the paper will try to once again pass it off as his own at the event…

London Conference on Somalia – “Talk, Talk, Talk” February 24, 2012

Posted by Chris Mark in Industry News, Uncategorized.

On February 23, 2012, the London Conference on Somalia was held. The conference brought together representatives from 40 different nations, including US Secretary of State Hillary Clinton. The impetus for the conference was not solely piracy but rather the idea that Somalia, as a failed state, may become the world’s largest safe haven for Islamic extremists. As stated: “For two decades politicians in the West have too often dismissed the problems in Somalia as simply too difficult and too remote to deal with,” British Prime Minister David Cameron told the summit. “Engagement has been sporadic and half-hearted. That fatalism has failed Somalia. And it has failed the international community too.” While the nations came together to talk about the future of Somalia, it seemed to have a familiar ring harkening back to 1991-1994. “In many ways, I think I was more confident before the summit,” said researcher and Somali specialist Anyimadu at Chatham House. “All this emphasis on security and talk of airstrikes — there’s a real risk we will simply repeat the mistakes of the past.”

Published Articles: – “Geopolitical Context of Piracy” February 24, 2012

Posted by Chris Mark in Industry News, Piracy & Maritime Security, Uncategorized.

UPDATE: The company that published the articles contacted Heather and has agreed to pull the articles off their website. This is good news and shows that the company is interested in ensuring their readers get original work from the original author. In an interesting twist, the company representative stated that, when asked, the party who submitted the articles stated “unequivocally” that it was their work. Considering that the company pulled the articles, Heather has a PhD and background in defense and political economy, and has published over 100 articles, scores of whitepapers, research briefs and other material as well as possessing the original whitepaper from which it was taken, I think the readers are savvy enough to know the actual author of the work. It certainly seems unlikely that a person who has never published a single article or other document would embark on something as complex as: “the Geopolitical Context of Piracy” for their first foray into writing.

Two years ago my wife, Dr. Heather Mark, wrote a whitepaper on the Geopolitical Context of Piracy that has since been broken into its component sections and published verbatim as 4 different articles without any form of attribution to her. She was contacted by the organization that published the articles today to ask about her work and attribution. To assuage any concerns that it is indeed her sole work and not anybody else’s work, here is a copy of the whitepaper. “Understanding Modern Piracy; Geopolitical and Regulatory Considerations”….the first section is titled: “Geopolitical Considerations”, the next section is titled: “Current Anti-Piracy Efforts”. Heather is a brilliant person and a tremendous righter writer (thanks to Heather’s brother Bill for pointing this out;). There are times that I certainly would like to “borrow” her work and claim it as my own. I would certainly appear smarter and more informed than I actually am. As professional writers (yup, we actually get paid to write;) it is disturbing when someone uses your work without attribution.

Kudos to the company for maintaining the integrity of its service and evaluating the content and writers.