Mornings With Mark

The "secret" to most success is being prepared. Taking a few minutes or hours to map out what you want to happen is far better than trying to figure it out when you're up against the clock. I see this happen time and time again with security teams around the world. They don't plan out their response to various scenarios and when the time comes, they scramble. That leads to poor outcomes and stressed out teams.

Before any big shifts there are always small signals that hint at what's coming. We're seeing more and more companies start to make a play for data. Whether it's as a broker, niche analysis, or in data aggregation. There is risk here if this rapidly growing area is left unchecked.

We build services and solutions using parts provided by other companies. That's the only way to move forward effectively. When a security or privacy breach happens, how do you handle those parts out of your direct control? Especially considering your customer may not have any idea they exist?

You know you have to master your tools but are you selecting or building the right tools? A lot of teams over or under engineer their tools. This results in either a failure to return the value invested or lost productivity. Are you hitting the sweet spot?

You can't really remove something from the internet. Not is the owner/operator really wants it out there. That's a huge advantage and challenge for the internet community. What are the impacts of that fact?

Cyberattack attribution is HARD. But time and time again, we're seeing attributions—who carried out the attack—made publicly with little to no evidence presented. Worse, these attributions are having real world impacts...

Knowing what the tools in your kit are capable of is critical to success. But can you actually use those features? Do you really understand the implications of the more advanced features of those tools? Sometimes simple is better...and in any case, you better master those tools!

Your product/solution/service has a goal and you've probably gotten good at articulating that goal...but is that message resonating with the audience you're in front of right now? Are you adequately customizing the message for each audience?

"Don't do work you don't have to." It's a solid rule and one that you can leverage more often than you think. There are opportunities to automate our work all around us, but do you have the skills to take advantage?

Working deeply on any one problem for too long narrows your perspective. That's just human nature. Are you taking steps to refresh that perspective? To empathize with teams around you?

Trust is a tricky thing. Dotto Tech posed a number of great questions about trust in business and online that got me thinking. Do you trust the technology you're using? How far? With what data? So many questions, here a few more to help you find some answers... Steve Dotto's original video: http://bit.ly/2qdc9p2

Nothing is built in isolation. Each technology builds on layers and layers of technology before it. But are those layers worth building on? Can they support the weight of new ideas? How do you account for issues in layers you don' t control? We're seeing the negative consequences more and more in the IIoT / OT world... Some additional references and background: https://markn.ca/2018/04/ot-paradox/

Decisions are hard enough that you don't want to have to revisit them constantly. But that's exactly what is required in the realm of cybersecurity. Do you have a system in place to review decisions? Are you recording the right information to update those decisions when the time comes? Most teams do not and it's taking it's toll...

User experience is often overlooked when it comes to security and privacy. This leads to some confusing, dangerous, and challenging situations that users are forced into. Why?!?

During a large incident response, bringing everyone together to a "war room" can be the difference in a speedy recovery, but there are downsides as well. The biggest? Fatigue & burnout. How do you monitor and handle that? The Guardian on Facebook's new war room: https://www.theguardian.com/technology/2018/oct/18/facebook-war-room-social-media-fake-news-politics

There is a ton of news and information on social networks. There's also a mountain of garbage. How do you sort through it all? Can you? Do we have the tools we need to make sense of the content we're presented with? A few steps in the right direction: Twitter UI changes: https://techcrunch.com/2018/10/17/twitter-makes-it-easier-to-see-enforcement-taken-on-reported-tweets/ Twitter data cache on removed accounts/tweets: https://www.bloomberg.com/news/articles/2018-10-17/twitter-posts-millions-of-tweets-linked-to-russia-iran-meddling Facebook updates: https://www.wsj.com/articles/facebook-tentatively-concludes-recent-hack-was-perpetrated-by-spammers-1539821869

Many questions come along with the federal legalization of cannabis in Canada. It's a massive example of trickle down risk as various controls around usage and methods of delivery are pushed into areas they weren't designed for. Are you doing the same thing with your IT deployments? Are you evaluating your risk graph?

Virtual events can be a great way to connect with your audience. They are not only less expensive to run but they are much easier to access for most people. So why are they rarely enjoyable despite having great content?

When you're trying to teach, pass along a message, or just generally reach anyone, the key is to understand how THEY want to consume information. That's a huge gap in most communications today, especially breach notification. Put yourself in the audience's shoes!

Facebook removes 800+ accounts this week, some with massive followings, for political content. The twist? They were US-based, not foreign. What does this mean for our use of social networks?