Tag: Security

Ketenregie en legerkorpsvakgrenzen

Tsja en dan denk je terug aan de afgelopen decennia waarin het maar niet lukte om in semi-(quasi-? sub-? nep-?) overheidsland ketenregie op poten te zetten. Nee, nee, nee, er ‘werkt’ misschien hier en daar iets, maar dat komt niet verder dan een operationeel niveau van geen-nucleair-conflict met op tactisch en strategisch niveau een totalitaire koude oorlog.
En ja, in de private sector (op zich al bedroevend, dat er een aparte term bestaat voor wat toch 90+% van de economie zou moeten beslaan maar niet verder komt dan een procent of 30, hóógstens) is er wel iets tot stand gebracht, maar dan met geweld en keiharde afstraffing door failliet bij minder-dan-maximale totale opoffering aan de klant.

Ah, de klant. Van de keten, aan het eind van het productieverhaal.

En oh, er zijn wel modellen. Degenen die nog een kans hebben inzicht te hebben (opgedaan), pakken namelijk hun VS 2-1351 erbij. En lezen vooraf nog even hun IK2-25 ;-] en dan hoofdstuk 8 uit voornoemde. Maar dat terzijde, want de essentie is dat het de lessen terugbrengt inzake de kwetsbaarheid voor aanvallen vanuit het Oosten die zich, van die zijde de intelligentie erkennende die zich zal richten op exploitatie van de zwakke plekken aan onze kant, zal richten op de legerkorpsvakgrenzen.
Omdat daar de coördinatie zwakker zal zijn over de vakgrenzen heen, en de ‘eigen’ suboptimalisatie binnen de vakken tot verminderde aandacht voor de grenzen leidt.

En … dat klinkt bekend ja. En inderdaad, daarin ligt het knelpunt bij regie en toezicht over de hele, van achter, te doen hebbende met een tegenstander (sic) over de hele, tegenover. Die zo is naar interpretatie van de eigen doelen, nog niet in staat is tot tactische nucleaire actie (via de politiek) maar wel de eigen belangen onvoldoende tegemoetgekomen ziet.
En dan? Dan dus de oplossingen uit de door de eeuwen heen ontwikkelde praktijk ter hand genomen. Inzake dwang van hogerhand tot maximale coördinatie tussen de keteneenheden en opoffering van de eigen borstklopperij ten faveure van de totale prestatie, op straffe van degradatie. Zou dat niet boeiend zijn; de holste vaten vanuit de leiding verplicht voor de rest van de carrière in het call center tewerkstellen ..?

Ach, als, áls nou eens de Mexican armies van bureaucraatjes aan de FLOT zouden worden gedumpt… Page en Popla zouden de omzet fors zien stijgen. En het bewust worden van de eigenlijke opdracht zou na catharsis en vervanging door Echte leiders tot zo veel betere overheidsprestaties leiden…

Dromen mag, toch ..? En:
DSCN7902
[Geschikt voor de ‘leidinggevenden’; Stockholm]

New series: Plusquotes

The ballast of your past that you schlepp along, may be what keeps you upright through the turmoil that the future is.

So, inspired by this here Expert, this here post is the first of a somewhat hopefully new series — with my own personal ramblings which I would dare to call motivational soundbites but you would consider to be as typically as this sentence to be my interpretation of brief, not necessarily positively motivational but that’s (yes I do use abbreviations to shorten the sentence even further) because that remains your interpretation but that’s not necessarily the right one being the one I intended.

Capice? And:
DSCN1147
[For even plainer sailing: Use ballast not just keel(s), and ships are safe in (Catherine’s Docks) harbor but that not what ships are for.]

Bunch of quote’lets

Just a short list of quotes (#2…), from someone after a life-long study:

“Institutions are the enemy of creativity.”

“So Codes are the mental limitations of short men, short of experience, short of imagination, short of courage, short of common sense. … Inevitably a bureaucrat is a short man, however long his legs may be. His is a mind only fit for a bureau. He is undersized in most respects. … Here is the fatal weakness of Democracy: the bureaucrat. The fatal weakness of Democracy does not lie in gangsterism or political chicanery [both more intertwined than visible on the surface in NL these days; ed.] or civil disobedience or anything like them. It lies in this dumb sheep-like submission to Authority, “the drinking of the vanity of office.”

One need not subscribe to all of the man’s ethics or morality, but have anything of non-temerity to see the truth.

Fittingly:
Photo20 (2)
[Again a tossing out of Codes…; Racine WI]

Bow the Stork Tie

When analyzing the Stork methodology for EU-wide federated eID- and authentication methods and technology, again one stumbles (rather, ‘ they’ do) over the bow tie of CIA, mostly C, controls. Too bad. Usually, ENISA(-involved) stuff is Great quality. Now, quite too much less so.
Which is too bad. To note, we already commented on the classical CIA rating (incl the bow tie fallacy) before. Now, the CIA seems to have something to bring to bear on CIA as well. Better study hard …!

Oh well …:
DSCN9668
[Weaving transparency and stability, Cala at Hoofddorp again]

Mobile vision

Twas bryllyg, and ye slythy toves / Did gyre and gymble in ye wabe
The brilly side has deteriorated, unfortunately, due to the great many that don’t avail themselves of the proper tools for the proper usage. [A CEO with you, is still a CEO]

No, really: when the ultrahyperventilating crowd decided to warp-speed run after the ‘any platform’ and subsequently ‘mobile first’ crazes (duly so identified), they forgot that when something’s meant to be visually interpreted, all the visual clues need to be clearly enough visible in the first place. Which goes better on a large screen than on a little one, unescapably. In the same way that the humongously dumbed-down ‘models’ that bankers and like w…kers use, are over by a stretch in their simplification of reality (and, stupidly, then taken as normative, prescriptive rather than descriptive in intent), visual interfacing for the mob-ile users are oversimplified to the uselessness side. Why??

Because [ I say so ] and [ hypes go that way ]. Lazy evaluation.
Which leads to: Not one size is too small to fit any, but all sizes are made fit for the content purpose. Maybe not even display when the deep message can’t be captured in too small a message display ..?

A bit deep, or dense, maybe. Hence:
000005 (2)
[Circus, b/c you need bread; Oak Park old analog pic]

Prediction16

Yawn. Or not. The following will get real serious in 2016. Like,

Well, for the list with everything and their dog:

  • Some Exits: Green Egg, ‘Cyber’everything, disruption/uberization, privacy, and, certainly and very much hopefully, “Like us on Facebook” … and very, very certainly hipsters let alone their ‘beards’ (quod non).
  • Entrat to replace the latter, hopefully, some actual non- or anti-bureaucratic frameworks of mind.
  • Also out, to be replaced by … [as yet unknown]: Vlogging or what have we, in socmed space, with 100k-1M+/++ followers as being he thing to aim for. As it becomes clearer and clearer in 2016 that only the 10M+/++ leaders (??) can make a dime from it, or barely a living. Who are the big winners, in all of this? User data / experience farmers?
  • Risk Management 3.0 will grow to be the Next Thing in managementspeak. If you’d need any proof, go read back the ton of posts on your perennial Truth site.
  • Also, we might get a last blip from SMAC(T) as a trend summary.
  • All of the points made by The (some) Man. Obviously. And some of this as well though this may all show to be overblown.
  • Still a wave of interest in Rise of the Robots. Combined with AI through and through, like in this. With support at an angle, from this.
  • A further blend of cloudsourcing and deperimetrisation putting your infra and all of your data naked and out there in the cold.
  • Oh almost forgot: A lot more on APTs, 3D printing (when will we finally get 4D printing …!?), MehhDrone stuff, blockchain, IoT, et al.
  • But we may hope, the latter two get much more innovative applications; one the one hand with simpler explications, on the other, truly innovating e.g., into the DAO realm.
  • Ah, DAOs; let’s first see more of this in 2016.
  • Offering a simple list copy from HBR:
    • Algorithmic personality detection: Yes
    • Bots: Yes
    • Glitches: Mwah; we indeed will see scores of them, ever bigger and more impactful (also b/c complexity explosions of the mixed e and physical worlds), but they’re somewhat of the mehhh category for the purpose of Here.
    • Backdoors: See APTs et al; much more of them yes but again, mehhh
    • Blockchain: As mentioned
    • Drone lanes: Hmmm, interesting…
    • Quantum Computing: Probably hung in there from previous (many) years’ lists; mine, too. May, might, but for the same token may not
    • Augmented knowledge: Definitely. Hopefully, in a good way. But maybe even hopefully, steered towards safe use, after a hopefully indicative but small-enough dystopian-style mishap ..?
  • CloudIAMming. IAM, renewed, for federated use in ‘the’ cloud. Yes, this will have a whole new lease of life, as a management field, and a consultancy field as well.
  • This just in: Forgot to mention VR as a thing in 2016. Definitely.
  • I may want to do an update halfway through the year…
  • Oh, and of course our motto for 2016: A CEO with you, is still a CEO.
    #gosubstitute[ _X, _Y | fool, a tool ]

After which there’s only:
DSCN7943
[Purposefully unsharp. Berlin, some years ago.]

Game season

Sooo… We have a new game console on the block. Let’s see whether the new boy will persist.
This, after:

But which may translate to a double jump, from classic TV via Netflix to this new blended thing where even much more than nowadays, categories (like ‘news’ or ‘nature documentary’) no longer apply. Where will the Authoritative (news) Sourcing community go, even when it may shrink and dwindle into little if any size or significance? Juvenalis’ bread and circuses the world will be.

Well, anyway, we’re storming towards that. And this:
DSC_0042
[Gloomy, waving your Freedom goodbye; still at NY]

One-sided mirror

Hopefully just in time for your last-minute (huh?) holiday season shopping: This masterpiece; excellent for edukaizjionel purposes and general divertissement, including Be-ing Warned…

Because, it spans so much of interest; from humble (?) ‘computer’ components all the way up till Topsight.
Read, learn and weep over humankind’s future.

Now then, for a short departure:
DSCN7994
[Unk Berlin]

IoThreat level rising

Oh the waxing and waning of the security (or not) that we understand and can see. In, traditional, actual security versus stupid’s attacks with AK-47s.
Oh the failure to see that the vulnerability surface grows much quicker, unseen, out of sight; and only partially, backlogging style, being managed somewhat. This surface expansion being in IoT, as the current implementations (in two ways, labelled such or not…!) are spreading much faster than the awareness, let alone proper implementation of, security is.

And oh yes, some are concerned. But their concerns appear to remain Boy Cried Wolfs compared to the clear and present dangers, that may be much smaller, qua chance and/or impact, than IoT risks. As in the physical, the class break aspect seems to be considered and covered reasonably well, by natural countering culture, the same may not be said about B/Society-CM planning for class breaks in the IoT sphere. Maybe already WWIII would be fought with sticks and stones (Einstein’ish).

Oh well. This post will not change the world. But still, be warned, and/or Be Prepared. And:
DSC_0158
[Maybe pray. For luck. Or salvation. Not your common altar piece; Noto]

Common meltdown

Ah, indeed a meltdown is approaching; maybe not even of the common kind of just something breaking down in ‘IT’ — the inverted s… hits the fan scenario — but a larger-scale one. Being the lack of budget / approval for IT staff to do continuous education of all sorts. [As in here, in Dutch.]
Which will inevitably lead to ever larger of the small- to midsize collapses mentioned, possibly one triggering the other till past the critical point where the chain reaction feedback loop switches from negative to positive.

By which time it will be too late, much too late, to hyperventilatingly engage in counteractions. Both against the root cause problems in IT, as in the edjucayzional category within those. Because, au fond, so many of IT’s ails were and are, increasingly, driven by lack of (continued) education. Causing problems in the user’s specs (at the highest levels) and subsequently, 2nd Law of thermodynamics, spawning all of the subsequent complexity developing into unmanageability, and error stacking that breeds like viruses.

Even more poignantly in InfoSec corners. You know, the outposts of IT — yes, yes, I know that the I is of so much greater import than the T but get real, instead of 20% InfoSec is 85-95% T still, these days ..! — where the real commandos and fancy-dancy ‘Delta teams’/SEALs operate.

Can we all please get our act together ..? If we don’t turn this supertanker around quickly, we don’t even need to bother about global warming because we’ll have no industrialised world to worry about…

Après nous la deluge …
DSC_0196
[Mosquito hunt; Edinburg]

Maverisk / Étoiles du Nord