Challenges abound when you look to create the sportscards for entities (the context is here). An entity's card is a listing of all the directly-associated, definable information we have data for. The trouble often is, we don't know what we don't know - perhaps you have ideas of what it should include, but as more datasets are uncovered or created you may find other elements clearly defining an entity that need to be included. The point is to remain flexible in creating the entity cards, but make certain you aren't mixing two entities in a single card.
If a picture is worth a thousand words, what does it look like when we consolidate a thousand logs? In many organisations, there are many disparate data sets acting as pieces of the organisation's puzzle. It is an excellent analogy to the approach - you may have an idea of the whole picture (it's on the box) but you don't really appreciate it until you start looking at the pieces. In this analogy each dataset is an additional piece; by taking each piece and mining the relevant parts and how they relate to the whole picture, the organisation gains incremental understanding of not only the value held by the dataset, but where it fits in the greater picture.
Every major crisis faced today is like an oncoming avalanche - but started as an overlooked pebble-sized risk. How pebble risks grow exponentially over time, and how to effectively assess, preempt and mitigate them, are keys for effective operational resilience.
Positive or negative, growth is constant given effort, time and opportunity. Interpreting the what, how and why for individuals, groups and functions requires a gardener's eye to flourish.
In both design and function, the A-10 is the ugliest aerial beauty to behold. With practical considerations manifest in its planning, it offers examples we can apply to our organisations' operational resilience, continuity of business and cyber security design and implementation. When failure is a given rather than an option, look no further.
We call on one another's accountability, often recognising the courage required to stand up for right despite challenges. Assuming a stakeholder or leader faces these alone miscasts notions of organisational dynamics and isolation. In some regards we are alone - understand it defies the definition of leadership.
Boards need to know how to prepare organisations for dealing with cyber crime by asking questions in "peace-time" which may help during a cyber incident - aka "war-time".
The distortions created by cyber incidents and the challenge of handling cyber incidents are amplified with the introduction of liability. However, the imposition of death - an irreversible and undesirable impact - shows we need to sort it.
This is the 52nd Tuesday post, closing in on a year of writing. Reflection is standard practice for such a marker, and the term is uncovery. Why this term? So many bits of life are mislabelled; attributed to discovery as something new (or at least new to us). We often look to explore the edges of the map, thinking newness is found in the fog on the horizon. Clausewitz was half right. We are often wrong.
Looking at the distinctions between Cyber Threat Intelligence (CTI) and cyber risk - both with similar elements with supportive properties, but often misunderstood. Offering definition to aid practitioners, auditors, regulators and boards.