Information Risk Management – Page 87 – Maverisk / Étoiles du Nord

The State of Crowdsourcing

[Kopenhagen. Denmark]

It has been a while since Wikinomics et al. brought the idea of Crowdsourcing to the fore.
Where are we now, with that ..? Would anyone have good pointers as to the current state of affairs with the handful

of initially successful crowdsourcing ideas, sites, etc..?

My guess is that in the end, crowdsourcing times global reach equals a market for lemons. How to fix that ..?

With market rules, but how to keep those neat and tidy, and above all principle-based, and still enforce compliance

..?
The latter part is maybe the most difficult part. The hordes will overrun any (necessarily human-monitored)

decent-behaviour rules slash subscription/abuse system.

With no rules, accepting the race to the bottom, in quality but in price, in return, too.

With club memberships. Maybe. These will go up and down the effectiveness scale. And may arrive at some Pareto

optimum that’s just no use – no use for elicitating the strengths of crowdsourcing as a problem resolution

mechanism.

Where would moderation be

..?

Anticipating nothingness

[Your guess.]

Just read a post on Anticipatory Computing. Like it, though maybe not a full Belieber:
For one thing, the picture contains the limitations of the idea: It has this block Understanding the World, and within that Understanding the Human.

But let’s not get ahead of ourselves. The idea presented, on the surface looks rather appealing. And scary at the same time. If a System around you would implement Ambient Intelligence, it certainly should include Anticipatory Computing. As noted in a post below, Data crunching or even Information or Knowledge, is a basis for Intelligence but no more than that… And notice the underpinning ‘Predictive Analysis’ idea.

But it’s scary, too, for its Privacy implications. Think Minority Report. Even the complacents may not want to live such a life.
Moreover, who will control the System ..? There is no safeguard that it won’t get abused; it will as even any democracy will succumb to totalitairan control. [Famous who was it that said this?] Or will not any human be in control anymore (no need) but will (s)he fall to the ÜberSystem as well? Singularity.

And don’t now complain that Anticipatory Computing will not go so far. Any development will go as far as it can, and further, with scope creep at a societal scale always winning out over moral counterforces.
Let’s just be happy that its fundamental flaws have already been built in. Apart from the practical aspects (some here); but we shouldn’t overstimate these, these days: A model of the World – Universe ..? As that determines 😉 the quantum collapse of probability functions that ‘determine’ us Humans since Understanding the Human requires encapsulation of all its erratic neuron firing – would have to include the model itself as well, leading to infinite recursion, silicon-based life’s idea of infinity.

Nevertheless, let’s see how things develop, shall we ..?

New InfoSec (OSSTMM)

[Eye aye, captain!]

Hey look, interesting new way(s) to do effective information security…:
An intro in Dutch
And the ‘source code’ in English

Now, let’s combine this with Rebooting CIA, and we’re getting somewhere …

[Edited 2013-12-13: a link (in Dutch) maybe relevant to the CIA remark.]

Shaping up Non-BYOD

[Honeymoon]

To investigate; an idea: Now that the BYOD phenomenon has taken the pressure off of IT departments’ provision of equipment (and software), how can we use the time and budget that has become available, to shape up the Asset / Configuration / Inventory Management regarding the iron that we still have, keep, and service ..?

Out of a desire to maybe see those systems management areas for once be complete and current… Even if only for the efficiency of subsequent maintenance, and the beauty to see insight finally bringing better understanding and razorsharp management.

But it won’t be an easy walk. Because of the backlog… Because of the amount of work, redecorating the shop while it’s still open for business, and while all sorts of other demands are placed on staff; demands that are more urgent, more important, and more interesting ntellectually.

And because so much … user interaction oh the horror, is required. To establish the total landscape of all systems, from the meanest hardware cable and plug, all the way up through the infrastructure, systems software, middleware, applications, parameters, et.etc. up to what the end user would understand to be their ‘system’. And back again, checking the rationale of every tiny part, and every chunk in between and at the top. Indeed, much may be found, that wasn’t suposed to be there, that is, without anyone knowing why, but still working, without anyone knowing why. Or how. Or where…

So far, so good. But now, the shop is still open and all end users want the latest (app!) toys to be connected to just all enterprise ‘systems’ in ways that nobody would know a rationale for but hey, we must quod non give it a try!
Yes, the old demands are still there, reenlivened, with seriously stepped up requirements in terms of timeliness and speed, versatility, and quality. High time to make it happen; high time to start with the basics ..!

Rebooting the CIA

[Nope]

The CIA of information security doesn’t cut it anymore. We have relied on Confidentiality-Integrity-Availability for so long, that even ‘managers’ in the most stale of government departments now by and large know of the concepts. Which may tell you that very probably already by that fact, the system of thought has been calcified into ineffectiveness.
At least we should reconsider where we are, and where we’d want to go.

Lets tackle Confidentiality first. And maybe foremost. Because it’s here that we see the most clear reflection of our deepened understanding of the value merits of information not being in line with the treatment(s) that the information (data!) gets. Which is a cumbersome way to formulate that the value estimation on data, and the control over that data, is a mess.
Add in the lack of suitable (!) tools. User/Group/World, for the few among you who would still know what that was about, is clearly too simple (already by being too one-dimensional), but any mesh of access as can (sic) be implemented today, makes a mess of access rights. Access blocks? Access based on (legitimate, how to verify) value (s), points in time, intended and actually enabled use, non-loss copyability, etc.?
But what is the solution ..? Continue reading “Rebooting the CIA”

Update on 2014

[From Riga, for you]

For a real update on my Prediction for 2014 (see below some post, and the original post), I homage Ross Dawson for a much better long-term rationale.

Data doesn’t Know

[Unseen Rotjeknor]

In the stories on Big Data et al. (predictive analysis, … , you name it), I often see a big confusion about terms. Some even mix up data and information, or only pay lip service to the fundamental difference..!

Oh yes, many come up with the Information Pyramid; in a most basic picture I took from wipo.int:

* sometimes, Knowledge is bracketed between Data and Information; more on that below.

But there’s something fishy with the way the picture is being used, commonly.
For one thing, any action that produces meta data (i.e., just plain flat derivative data !!) is considered to be ‘enrichment’ onto Information. But that’s wrong! All the aggregation, the averaging, the abstraction that you do, only delivers other data, with the (near-mathematical) translation functions still intact – although also, information gets lost..! Yes, the details count, and have their own ‘information’; a full description of all data points in a set would require at least all the data points themselves, or miss something when they’re described, circumscribed otherwise.
The problem is; no-one really knows how to get from Data to Information as we intuitively (heh) understand it. Information seems to be detached, or separated from Data by a chasm that we do not know how to cross, probably because our understanding of what Information is, and our definitions, are so weak.
Oh, and putting a layer of Knowledge in between Data and Information, doesn’t help anything, either. Even worsens the problem. As it is above, it doesn’t say much either. And instead of Knowledge, above one could also fill in Understanding, or Insight (which would come closer to but remain separated from Wisdom). And above the peak, is there Nirvana? Smells like blog spirit.

So, all the efforts of NLIQ and MITIQ may be fine, as for data analysis to try to achieve predictive analysis (nice pun, the contradictio in those terms!), but as long as Data and Information are used arbitrarily (see the list of publications and the actual articles contents …), one will remain stuck in data analysis and not reach the next level of Information. Or Knowledge, let alone Understanding, Insight or even Wisdom.

But I keep running in circles. Yes, I know, and I also know that in order to advance, we’ll need to get a grip on two things:
1. Definitions, in the traditional sense or by way of aspect/category/label/hermeneutic quality descriptions, of all the levels we may distinguish;
2. Definitions, in both ways, too, of the transitions and transition methods, tools, etc., we may construct theoretically and practically.

I’ll do some work on this, but your help is appreciated..!

Fuzzy risk language

[Antwerp. Seriously.]

In some previous post, I posited that we should move from quantitative (quod non) to qualitative or even intuitive risk management.
And how that may be difficult. ‘cause it is.
As an intermediary step, I propose to build a better language with which to communicate, discuss and calculate (sic) with qualitative risk management.

Because I see a place for a combination of fuzzy logic and wavelet theory, including neural network signal combination functions.
As my time is limited, this time of year, would anyone have pointers to what’s already out there in papers, practical applications, etc..? That could kickstart the discussion. And I’ll return with more, better, more extensive, more thought out stuff on the subject later.

Bit coin: Money bytes sovereignty

[Berlin again, tucked away, much underrated]

Bitcoin’s hopping up and down in ‘real’ currency terms and everyone is happy to declare it all a pyramid game.
It is, but so is any other currency issued on the promise of maybe some future repayment in … the same or another currency. The underlying value of any currency depends on the future income stream of the issuing entity, or intermediate trade for … other currencies, services, or goods. Exactly like Bitcoin.

Except, of course, that ‘normal’ currencies are issued by governments, geography-based entities from the past when geography mattered.
But does it, still, today, much ..? And will it in the near future? Aren’t we already in a blended world, a blended society, where for the lower layers of Maslow’s pyramid we’re still physical entities and hence geography-dependent (safety, water, food, shelter, etc.) but for the higher layers (group belonging, recognition, self-actualisation) we don’t care from where it comes ..? Once our (developed) world develops further, with so much more automated, silicon- rather than carbon-based, intelligence and sentience becoming available, will the importance of the lower layers not diminish ..?
Up to a point, I know, we can’t ‘shed’ the lower layers. Though the Singularity could, almost, and could at least do without us…

But that’s not the point. the point is that if the sovereignty of nations, understood here in the narrow sense to regard the right and possibility to create and issue money at will, backed by a grossly overestimated guarantee (would you dare to guess how often governments have declared insolvent, in the past few centuries alone ..? On the principle, they all were and are equals…), is lost because others can have the same sovereignty and other sovereignties previously reserved for nation-states, why would we still regard nation-states as the highest entities ..?
[You will now point out that some nations of nation/states spring up, e.g., USofA (sic), EU, UN; right, but their structure is just an amalgamated mesh of more of the same]

And, why would we regard what we previously had, as currency, while not understanding Bitcoin and the many others around (see this and that, possibly incomplete), as such, too ..? Or would we need a ‘real’ economy to underpin a currency; where would you draw the line, then..? What would be the link between a currency and its ‘underlying’ economy, what would be the boundaries of the economy, what definition of sovereign debt would we include or not (there’s many definitions; e.g., would we include guarantees?), how would we establish a ‘value’ in what other ‘currency’..? Gold has been dethroned, remember?

So, we need to study harder, and all of us need to understand more, about the nature of money altogether and only then take a look at digital currencies and their merits (or non-). Would anyone have pointers to good in-depth on-line courses or so ..?

The Compliabullies

[Berlin at dusk]

Just a thought: Would investigation and analysis show that the kids that were bullied in prep school and / or (separate hypotheses…) high school, in later life be the ones that end up in Compliance and Risk Management (not being management of risks…!) departments, to take eternal revenge on those that bullied them..?
Because the latter will not have noticed too much the damage they did (they were kids back then) and have merrily gone their own way as they were allowed to be prepped to do. Now, they find themselves being caught in a web by the ones that have frustration embedded deep in their brains at the lower levels that (truly) developed early on, the ones that want to get even by tossing around and beating the innocent puppets into ill-understood compliance with stupid rules.
The bullying instigators, of course, the ones that were behind the scenes, are the big stingers that happily fly straight through the web that catches only the little bugs.

If so, will there be a fix, so much needed, to the totalitarian bureaucracy explosion of the last decade or will the ossification have to go even further before the current economic structures collapse under the weight of their overhead and inproductivity ..?
Sometimes I’m optimistic that the cycle has already reached its peak (see some earlier posts). Sometimes I’m not, and would appreciate your ideas…