Duncan Hart

“We are presented not only with fragmented news but news without context, without consequences, without value, and therefore without essential seriousness; that is to say, news as pure entertainment.”

kk.org/cooltools…

The potential for #cybersecurity spending is limitless.

There’s literally no end to the time, effort and money you could spend on adding more checks and controls to make things more ‘secure’ ad infinitum.

The result is extreme cybersecurity ideologies, ‘secure everything just in case’.

And if you’re responsible, and accountable, for running a cybersecurity programme there are no incentives to not keep demanding for more.

Because if you’re a security extremist, and you still get hacked, at least you can say you did everything in your power to make things more ‘secure’.

It takes real guts and courage to be a cybersecurity non-extremist and advocate for an informed risk approach.

Aeschylus in Perrhaibides: ‘Where are my many promised gifts and spoils of war? Where are my gold and silver cups?’

“Blood grows hot, and blood is spilled. Thought is forced from old channels into confusion. Deception breeds and thrives. Confidence dies, and universal suspicion reigns. Each man feels an impulse to kill his neighbor, lest he be first killed by him. Revenge and retaliation follow. And all this … may be among honest men only. But this is not all. Every foul bird comes abroad, and every dirty reptile rises up. These add crime to confusion.”

— Abraham Lincoln, letter to the Missouri abolitionist Charles D. Drake, 1863

“The purpose of government is to enable the people of a nation to live in safety and happiness. Government exists for the interests of the governed, not for the governors.” - Thomas Jefferson

“I doubt if more than one campaign in a hundred contains a big idea. I am supposed to be one of the more fertile inventors of big ideas, but in my long career as a copywriter I have not had more than 20, if that. Big ideas come from the unconscious. This is true in art, in science and in advertising. But your unconscious has to be well informed, or your idea will be irrelevant. Stuff your conscious mind with information, then unhook your rational thought process. You can help this process by going for a long walk, or taking a hot bath, or drinking half a pint of claret. Suddenly, if the telephone line from your unconscious is open, a big idea wells up within you.”

— David Ogilvy

“A work of art is the unique result of a unique temperament. Its beauty comes from the fact that the author is what he is. It has nothing to do with the fact that other people want what they want. Indeed, the moment that an artist takes notice of what other people want, and tries to supply the demand, he ceases to be an artist, and becomes a dull or an amusing craftsman, an honest or a dishonest tradesman. He has no further claim to be considered as an artist.”

​— Oscar Wilde​​

‘May Day’ (1935) by L.S. Lowry. #art #dailylowry

‘Lady crossing a bridge’ (1961) by L.S. Lowry. #art #dailylowry

‘Home from the pub’ (1944) by L.S. Lowry. #art #dailylowry

My first attempt at goat curry was pretty damn good if I say so myself.

Blood is thicker than water. And ego is thicker than blood. When a decision becomes part of who you are because you’ve emotionally invested in it, that’s a self-made prison in the making. It’s already becoming too hard to respond to new information by raising a hand, shrugging a shoulder and saying to yourself, “hmm, I didn’t do that very well, did I?”, or “what was I even thinking?”, or “you daft idiot, will you ever learn?”, or “I’m sorry, I was wrong”. And if in saying that while resisting any kind of justification, there’s not at least a glimmer of discomfort, it’s become trite and insincere. Lying to yourself or blaming others is much easier.

“The object of life is not to be on the side of the majority, but to escape finding oneself in the ranks of the insane.” Marcus Aurelius (121-180 AD)

Companies must respond urgently, but also seek to reduce risk smartly, in a world of limited resources. And quite rightly the question of “what is to be done?” is being asked by the executive and Board.

The biggest problem is not spending more money and deploying more controls but rather deciding how to spend the limited time and resources.

The true task of the cybersecurity leader is to pick what to do based on an informed sense of which tasks lead to a better future. There will always be too much to do. There will always be a top-down demand for perfection.

The alternative is to try and ‘secure everything just in case.’ The result is rampant spending on additional controls and oversight that then demands even more resourcing and with no clear end in sight.

This unsustainable growth of cybersecurity creates a paralysing implementation gridlock. the few teams, often technical and already highly utilised are further put upon with implementing the new controls and become overloaded with too many competing demands. This is simply unsustainable.

I’ve been recently thinking a lot about civility. Basic politeness and exercising good manners is essential. But I think civility, real civility, goes deeper. It means to choose our words carefully and thoughtfully in non-hurtful ways. It means to be respectful of how another person sees the world even when we heartily disagree and to maintain a sense of humility because we can often be wrong.

This should be posted every year on this day. #tankman #tiananmensquare #china #tiananmen1989

To horribly paraphrase Albert Einstein: “How you solve a problem is about how you frame it”.

Quite possibly the best ‘security’ rant I’ve seen:

“Of the innumerable things I detest about information technology, first prize goes to the word “security.” Not the concepts behind it, the actual word. The definition of “security” wobbles drunkenly all about the dictionary depending on who’s speaking, who’s listening, the context, and the distance to the nearest brute squad. It’s a transcendental state where everyone is perfectly safe from everyone, but it’s not inconvenient or intimidating or incomprehensible in the slightest. Security is Happy Fun Land, where everybody eats hot fudge sundaes all day every day without developing diabetes or gaining so much as a gram. The only way to make this word even slightly meaningful is to tightly define the context.”

Michael Lucas I salute you 🖖

Cool morning.

The Day of the Triffids.

When you’re moving fast and there’s a lot at stake how well a system works is only half the story. The other half is how badly it fails.

“Trust arrives on a tortoise and leaves on a horse.” (Dutch Proverb)

Pink & purple.

‘Head of a man’ (1938) by L.S. Lowry. #art #dailylowry

Or if you’re part of contemporary society then opting out is hardly an option.

It seems impossible to live our contemporary lives without having a dependence on the Internet. All aspects of how we now live have a digital element either directly or indirectly. What I mean is that services we rely upon rely upon the Internet, a kind of virtual network of reliance and dependence. Our daily lives, whether you like it or not, are dependent on the smooth operation of electricity, networks, computers, good clocks and industrial cyber-physical controls. Very few of us can truly opt ourselves out of those things, our dependence, especially our expectation of stable, reliable operation, brings us risk.

#cybersecurity #risk #reliance #dependence