We already have moved to an understanding of crisis being part of our BAU, much like the tide it ebbs and flows with regularity. Constant crisis creates new tolerance thresholds whilst shifting perception away from incidents being of note or cause for alarm. No sirens are sounded, as the chorus would be indistinguishable.
On Task Force Bounds
Reading the recent report from the Ransomware Task Force reminds us of the advantages and limitations task forces offer. In any cresting malicious cyber trend, the tide go out when the monetary spends exceed gains. Bounds imposed on task forces create challenges for lasting change.
Securing Third-Party App Risk and Controls
One of the most recognised risks is third party/ app supplier risks, as they provision the tools used to create your business' client services. Here is how to create a simple path, limiting disruption from a cyber event.
Separating Actors and Actions in CTI
Using traditional intelligence models in private sector often doesn't account for the difference in audience and scope of responses available. By separating the focus between actors and actions, CTI practitioners can focus on delivering actionable intel to decision-makers thus also building the case for cyber as a value generating component of the P&L.
Resetting VCAT
If we focus on how to get the best out of the team without focusing on the team, we look at process and results without looking at team dynamics. The difference between liking what you do logically, and loving what you do on a deeper emotional level is rooted in the team having good dynamics and feeling like they are part of a purposeful whole. Resetting VCAT is a way we build and re-build the team.
Pearl Steps
It's said you can't step into the same river twice, and oysters create layers of beauty encapsulating threat. Lessons from both in the growth of individuals and organisations.
What is Intel?
Evaluations such as risk are partially built on external threat assessments, regarded as intelligence. Understanding what intel is, what it can do, and what it cannot is foundational to recognise the spectrum of offerings. The following synopsis of intel from a cyber perspective starts a whole new line of inquiry.
Building Remote Esprit de Corps
Creating and maintaining a team in remote environment is challenging. Finding leaders who can adapt to circumstances we've had over the last year to effectively build disparate teams and missions, even more so. In establishing mutual trust to work as teams, we must find remote camaraderie - helping people belong when there is no meeting space.
And I think to myself…
Louie Armstrong references aside, this post is a bit of a departure from the others. There is no BLUF, OpRes, or cyber. Instead it illustrates the world from a stoic (Marcus Aurelius/ Epictetus/ Seneca) philosophical standpoint. Your world.
Phishing the Blind
Bad actors' use of phishing in many forms to gain access is common. Phishing used against people with vision-related disabilities using assistive technology requires further conversations and considerations.
