12 October 2024

Resilient Future: Curious Observation...

On this vibrant and chilly Fall day, facing West towards the mountains, as the sun rises behind us a few bright star-like lights shine for just a few minutes.

These reflections are from the bright morning sun shining off home windows near Evergreen Meadows some 40 miles away, yet just perfectly in our vision, starts our day ahead.

The tree leaves are actively changing colors and signals to us to now begin to prepare for the changing environment ahead.

In other work or government assignments, perhaps you and your project team have been measuring your environment. Have you been checking your “Threat Management App” this moment for the detection of more serious anomalies this minute.

Being actively observant in nature and your own organizational environment could be the real difference between loss or growth. In your life, you must “Always Be Ready”.

Your ability to continuously increase your resilience to changing temperatures in nature and also the change in temperament of your organizations beneficiaries, will make a significant difference.

As you think about your role, your position and the current project you are now assigned to, the question remains: Who are you serving?

There is change in the wind and you must prepare now, you shall be proactive in your thinking over the horizon, so that you also can anticipate the future outcomes.

How might you spend more time in curious dialogue with your respective beneficiaries to better understand their point of view, their particular requirements and their current temperament?

The problem-set before you requires valuable time, brain power and resources to determine the validity of your current hypothesis.

In the path forward, most researchers, analysts and scientists would probably say that if you have not changed your hypothesis, then you have not used enough data or time to ascertain the true reality of the problem at this point in time.

How might you analyze more data from various sources faster with little error so that you arrive at a valid “Trust Decision”?

Being proactive is not being forceful. Being proactive is being curious. It is a mission of discovery and building wisdom.

Your future actions are a factor of your problem-set and the ability to accurately solve it with a solution defined by your curious observation.

There is change in the wind before us and we must “Always Be Ready”…

28 September 2024

Pain or Joy: Change Management 101...

Habits are hard to change.  It takes discipline and continuous perseverance.


When was the last time you changed something that increased your revenue?  Your health.  Or your safety and security.


Change and managing change whether in the corporate ranks of your Fortune 500 Global Enterprise or back in your own personal life at home is a true challenge.


Before you even thought about what you needed to change in your business or your own life, you probably have encountered one of two experiences:

    • Pain
    • Joy

Which one of these two experiences have you recently encountered?


You see, our human behavior is quite predictable and it is usually one of these two motivators in life that will change your behavior.


Educating yourself and others you care about requires that you sometimes utilize one of these motivators in order to initiate new change.  Let’s begin with “Pain”.


These realities are exactly what the evil in our world today continues to prey on.  Those individuals who are unable or unwilling to change, and to manage change in their lives.


“It is really very simple. In the foreseeable future, we will not function as a global society without the Net and the immense digital resources and information assets of our society. The addiction is established—commerce, government, education, and our neighbors offer no option other than to require that we rely upon digital information in making decisions. But we will not function successfully if the war for control of those assets is lost. The battlefield, however, is the one on which trust is to be gained or lost—trust in the information we use, trust in the infrastructures that support us, and trust in the decisions we make in a digital world.”  Page 19 - Achieving Digital Trust | The New Rules For Business At The Speed Of Light  - Author Jeffrey Ritter


In your own digital life, these habits may be as simple as using the same password on multiple accounts that each of us rely on, each day or each week of our lives.  You know who you are.


As the continued use of “Ransomware” remains so pervasive across the globe and is utilized by so many criminal gangs and nation states, each one of us must consider our personal and business habits.


At home and at work.


It is now time to change.  It is time to change your digital habits so you may avoid the pain and continue to have even more joy in your life.


Take action.


Start a new habit now of changing the weak password on your bank accounts.  Make it 20 characters, and make it random.  Easily addressed when you "Use a Password Manager App".  Then set a reminder to change it on January 1, April 1, July 1, and October 1 of each year.


“Microsoft warns that ransomware threat actor Storm-0501 has recently switched tactics and now targets hybrid cloud environments, expanding its strategy to compromise all victim assets.


The threat actor first emerged in 2021 as a ransomware affiliate for the Sabbath ransomware operation. Later they started to deploy file-encrypting malware from Hive, BlackCat, LockBit, and Hunters International gangs. Recently, they have been observed to deploy the Embargo ransomware.


Storm-0501's recent attacks targeted hospitals, government, manufacturing, and transportation organizations, and law enforcement agencies in the United States.” BleepingComputer


After you have successfully accomplished this simple task in your business and in your own personal life, remember:


The “Pain” of doing this simple “Change Management” step in your life, will help bring you continued “Joy” for so many years to come…:)


Godspeed!

21 September 2024

RENS: Growing Your Enterprise...

 There he was, in the early morning light, prancing along outside the fence line just seventy-five feet away.

The young “Buck Deer” with his adolescent antlers stopped and glanced over at the house, just to acknowledge that he saw us sitting on the deck.

As Fall arrives and kids are back in school, it seems as if the pace of work and the demands on peoples time starts to take its toll. Be aware.

Years ago, as some wise people developed the systems and programs around the acronym RENS, they knew from years of experience on the front lines of true battle why it was so vital to success:

  • Recruiting
  • Education
  • Networking
  • Sharing Information

This is the high level context for what your daily activities shall be focused on each day, of each week of each month this year.

"How might you design your program, your systems, your time allocations towards these four key components of your enterprise?"

The original designers knew that each organization is unique and therefore, provided an acronym to keep you on track. Easy to remember, harder to implement effectively on a consistent basis.

If you advertise as one example, for a particular event and you ask people to RSVP, how do you respond after they fill out your form, full of personal contact details?

If they actually attend the event and take the time to see and hear all about your X or Y, how do you respond after they leave and think about what they heard and experienced at your event?

Do you follow-up or do nothing?

At a recent weekly event the guest speaker and very wise man broke down the Recruiting part of RENS to further to three simple steps:

  • Belong
  • Believe
  • Behave

First, if you haven’t created an event where people immediately feel like they belong there, that you too believe in many of the same things they do, you will have a rough time ever getting to the last “B”.

How might you get other people to behave in a certain way?

The tough part about RENS is, that if you are not executing 100% on the effectiveness of your “Recruiting”, how will you ever get the opportunity to Educate, Network and then Share truly vital Information?

Perhaps even more difficult, how will you ever get good people to join your "Just Cause"?

As the “Young Buck” glanced back at us one more time as he went around the tall Spruce tree, we smiled and waved…

31 August 2024

Critical Infrastructure: OSINT to the Rescue...

Over the past decade our U.S. Critical Infrastructure has become even more vulnerable.

Why?

In the early days of the commercial Internet 2000-2001, there were several dozen of us working in a Rosslyn building on Wilson Boulevard in Arlington, Virginia to answer our growing Fortune 500 and government clients questions of “Who”, “What”, “Where and “How”.

We already knew the answer to “Why”.

The 24/7 Internet crawler algorithms our techies engineered were doing their intended tasks and retrieving Terabytes of data on a 24/7 basis for our further human analysis.

All of this was well on its way before the more sophisticated use cases of the Internet for the implementation of the Banking infrastructure, Retail transactions and Telecommunications were in place.

The systems and infrastructure we now call “Critical”, was just in its early stages of iP maturity.

Remember, the iPhone was not invented until around 2007!

Afterwards and yet even more vital to this day, you might think about your own organizations “Operational Risk Management” (ORM) objectives and tasks into three key categories:

  • Human
  • Physical
  • Cyber

Over the course of your companies legal, compliance and security organizations conducting regular “Threat and Hazard Identification and Risk Assessment” (THIRA) activities and rules, the reality begins to set in.

The Board of Directors are still asking, "How can we as people address the exponential growth, change and remediation without more automation, software and systems?"

"This is when new companies were born to build the software to help humans keep a better eye on the risk management of our growing Critical Infrastructure."

As new software companies were born to address THIRA applications, some people began to feel like it all had NOT been solved.

Asymmetric Warfare today, not only includes our “Nation States” across the globe, but also Black hat “Hacktivist” organizations and individual people. In every country with the Internet.

Evidence of these individuals and groups growing existence are still the “Why” for your own organizations THIRA activities.

This also includes the “Why” for our US Homeland Security organizations such as CISA and others in the National Intelligence and Law Enforcement arenas.

Perhaps even more vital, are the private organizations who are still in the business today of “Open Source Intelligence” (OSINT) since the dawn of the Internet…

17 August 2024

Remember: Imagine Our Resilient Future...

Where were you on the morning of September 11, 2001?

In the middle of our mutual “Information Security” and data privacy dialogue over breakfast on the ground floor restaurant of the Reston Hyatt, we both suddenly over heard the peoples commotion and muddled cries.

In the adjacent bar area others were watching the morning television news and were witnessing the continuous replay of an airliner crashing itself into one of the New York City World Trade Center Twin Towers.

We jumped up to walk around the corner into the room and saw the growing shock on peoples faces, as they hurried out the door to pick up or go check on their loved ones.

Then we saw the 2nd plane hit.

Walking back into pay our bill a few minutes later, both of us looked at each other and realized what this meant. Or did we?

Like some other days across your life, this particular morning in America was full of confusion, emotion, tears and fears.

Soon thereafter, driving away from the Reston Town Center near Dulles (IAD), in the distance to the East as the morning sun was rising, you could now see the billowing black smoke rising from the Pentagon burning.

Over the next decade, much of our thinking on our true vulnerabilities as a nation would come before us to solve.

Before 9/11, there were few aviation engineers thinking about reinforced and secure cockpit doors on commercial airliners.

The evolution of “Homeland Security” over the next decade included new buildings and technologies up and down Chain Bridge Road in Northern Virginia.

Predictive Intelligence and Color-Coded warning levels was now focused more on peoples thinking and behavior, not just about flying objects over a country boarder.

Asymmetric Warfare would become a National focus.

Certain kinds of fertilizers such as "Ammonium Nitrate" would soon be taken off the shelf of local gardening centers and wholesalers in our farming communities and locked up.

Information Technology was now to become a force multiplier. Business Continuity Planning (BCP) was now a mandate. What if?

Operational Risk Management (ORM) was the new normal.

After 9/11, there were new travel innovations like TSA PreCheck. Where even to this day, only one photo ID is required to apply in pre-enrollment, as they take your fingerprints and your photo to match up with vast government databases.

In using another ID travel service years before, CLEAR, even a retina scan was taken in order to back up fingerprinting and two photo IDs.

As we approach our next 9/11 ceremonies around the United States this September 2024, take a few minutes yourself to “Never Forget”.

Acknowledge the vital missions of all those serving who are in uniforms, all those in semi-formal suits, ties and dresses sitting around the conference table and the tireless shifts of analysts and tech people behind the screens who are on continuous watch.

24x7.

Now just 23 years after that historic morning in New York, NY, Arlington, VA and Shanksville, PA, we shall all continue our next year of Citizen Vigilance, our National Resilience and our continuous Freedom as true Americans.

And on this Wednesday September 11, 2024, sitting outside on your own back deck or patio watching another sun set or the moon rise, think about how you too will achieve a more resilient journey into the Future…with those you love.

Godspeed!

11 August 2024

Volatility: Enemy #1...

Organizations implement Operational Risk solutions to lower "volatility" in earnings growth and return on capital. The focus on volatility is because no institution likes to see peaks and valleys in their earnings or their return on capital. A steady and consistent growth curve without "Volatility" is the goal by many steadfast organizations.

Contrary to the goal of minimized "volatility" there are also those who feed off of the chaos and the large swings between these highs and lows in the marketplace and with specific companies in vital sectors of the financial economy. Will a Blueprint for Regulatory Reform be the answer?

As a hedge fund investor, can you explain what the strategy is for your investment fund? Do you know what your money is being invested in? Does your hedge fund manager provide transparency on calculating your return on funds invested? What was the reason you invested in alternative investments to begin with?

Carrying this analogy to the operational processes within your organization, the goal is to keep the processes running smoothly. When people or systems deviate from the agreed upon "Rule Sets" then change ensues along with the volatility of the performance measures.

Errors, Omissions and systemic "glitches" are the catalysts to volatility that creates fear, uncertainty and doubt. Do you understand the Math? When the process gets to this stage and people don't trust the rules anymore, you are on the brink of a failure and impending loss, in dollars or peoples lives.

Operational Risk Management is a discipline that is emerging in corporate ranks because it has already proven that it saves lives. The regulators and inspector generals are going to demand it.

The "Rule Sets" of playing business in the financial, health care and energy sectors are not the only ones being subjected to this increased scrutiny and renewed focus on OPS Risk.

Lessons learned are being discussed in the ranks of the U.S. Treasury Department and the Department of Defense all relating to the failure of people, processes, systems and or external events.

Whether you utilize Operational Risk Management (ORM) in the Defense Industrial Base or in the Financial Services sector it's important to revisit what it is NOT:

Operational Risk is Not:

  • About avoiding risk
  • A safety only program
  • Limited to complex-high risk evolutions
  • A program -- but a process
  • Only for on-duty
  • Just for your boss
  • Just a planning tool
  • Automatic
  • Static
  • Difficult
  • Someone else’s job
  • A well kept secret
  • A fail-safe process
  • A bunch of checklists 
  • Just a bullet in a briefing guide
  • “TQL”
  • Going away

The goal of Risk Management is not to eliminate risk, but to manage risk so the mission can be accomplished with minimum impact. We manage risk to operate, not avoid risk as a means to prevent loss.

Operational Risk is all around us and now ready for prime time focus in terms of strategy execution, implementation and measurement...

04 August 2024

Always Be Ready: Follow Your Heart...

Waking up to a glorious sunrise in any new town across the USA is inspiring. Today is another one of those days.

The long journey you have been on all these years is full of hardship, yet full of faith.

“Never Forget” the Americans and true professionals that have endured our asymmetric threats and continuous vulnerabilities.

People, Processes, Systems or External events. We must continuously and “Always Be Ready”…

After all of these years of hard work, to many hours standing or waiting in airports and now seeing the finish line, or the minutes winding down on scoreboard clock.

Even just the smile this morning from a cherished loved one after hours of research and keyboard time, you know why.

Before you were old enough, the reasons for the early mornings or the significant travel did not seem worth it.

The journey was constantly in question. The competition too challenging.

"Yet in our America, most anything is possible. With hard work and dedication. With the right colleagues, coaches, mentors and instructors you too are well on your way."

You are here for a reason and all the years, days, hours and minutes devoted to your own particular journey are soon to be known.

Maybe it is that smile when she wakes up and sees you. Maybe it is that laugh when he is watching “Paw Patrol”.

Or maybe it is walking hand-in-hand with your wife or husband on another early morning in your new neighborhood, or somewhere else in the United States of America.

On this Sunday in America, say another silent prayer looking at our flag waving in the wind, while the birds are chirping and a dog is barking with a siren in the distance.

Are you going to compete today? Will you be ready?

After you make it to your own finish line, look up…

26 July 2024

Enterprise Resilience: Compete or Die...

Enterprise Resilience is the road to competitiveness. It is the global answer to many of the Chief Security Officers (CSO) who have faced the troublesome battle of selling more "Fear and Doubt" to the Board of Directors.

When Deborah Wince-Smith stood up on the stage at the 21st Annual Security Briefing at OSAC November 16th, 2006, her words were music to our ears:

“It is undeniable that the world has gotten more risky. Businesses now function in a global economy characterized by increasing uncertainty, complexity, connectivity and speed. Managing this rapidly changing risk landscape is an emerging competitiveness challenge—a challenge that demands resilience: the capability to survive, adapt, evolve and grow in the face of change.”

“Globalization, technological complexity, interdependence, and speed are fundamentally changing the kind of risks and competitive challenges that companies— and countries—face.”

“Failure, whether by attack or accident, can spread quickly and cascade across networks, borders and societies. Increasingly, disruptions can come from unforeseen directions with unanticipated effects.”

“Global information and transportation networks create interdependencies that magnify the impact of individual incidents. These types of risk demand new methods of risk management.”

Thinking back to those days, was this a way for the Chief Security Officers (CSO) of the Fortune 500 to finally shift their thinking from just security protection to something less macho?

How could "Resilience" become a platform for a mind set shift to justify new funding?

"After all, now we aren't trying to scare people into the low probability high impact incidents anymore and are focusing in on the high probability incidents, that may have enough impact to cause a significant business disruption."

What are the incidents and areas of risk that insurance won't touch these days?

If the insurance companies can write the policy to give you peace of mind, then is this necessarily an area that you can ignore because you have transferred the risk to someone else? Maybe not.

Being agile, ready and capable of a quick recovery is what competitiveness is all about, on the field, on stage or around the table in the Board Room.

Working towards control and protection while fear builds in the back of your mind makes you stiff, depletes your energy and creates doubt.

And when you are operating a business or standing on the tee of your first sudden death hole on any PGA weekend, you better have resilience.

The business equivalent to homeland security and critical infrastructure protection is Operational Risk Management (ORM)—a domain that many executives see as the most important emerging area of risk for their firms. Increasingly, failure to plan for operational resilience can have “bet the firm” results.

We all know that it costs lot's of money to have any systems downtime, that's why so many dollars have been invested in Disaster Recovery (DRP) and other Business Continuity Planning (BCP). Delta?

Yet is this the kind of resilience that is going to make you more competitive to seize more opportunities? The economics of resilience are more than investing for the likely or unlikely information systems incident that will attack your organization tomorrow.

The threat of “Tort Liability” and the loss of reputation remains top of mind these days with every major global company executive.

The threat is real and increasing at a faster rate than many other real operational risks to the enterprise.

Litigation from regulators, class actions and competitors has given the term Legal Risk new emphasis and meaning.

Once corporate management understands the need for a "resilience" mentality in place of a "protection" mental state, a new perspective is found.

Investing in the vitality, agility and competitive capabilities of the organization sounds and is more positive.

It alleviates the fear of doom and gloom and inspires new found innovation.

The future of your organizations longevity and in it's adaptability can be achieved with a new perspective. Compete or die.

Enabling Global Enterprise Business Resilience is just the beginning...

19 July 2024

Operational Risk: People, Process, Systems & External Events...

When was the last time your team presented their plan to execute your next major milestone in your important project?

As you lean back in your chair and hear the “What”, “Why”, “Where”, “How” in the bullets and pictures on each of their presentation slides, you might be pleased with what you see.

Now, what is the alternative plan for this particular operation? Just in case.

The more you experience change and the real setbacks of your intended goals, achievements or anticipated outcomes, the realization occurs that you will need a “Plan B”.

You know, a back-up plan. Perhaps you even may need a fail-safe:

fail-safe

adjective

1: incorporating some feature for automatically counteracting the effect of an anticipated possible source of failure.

What is your universal unlock code? What is your alternative plan? How will you ensure the safety, security and service of your intended game plan today?

Unfortunately in business and in any other highly engineered or sophisticated operation that is vital to your growth and success, you will need to create an alternative plan.

Operational risk is defined as the risk of loss resulting from inadequate or failed processes, people, and systems or from external events. These risks are further defined as follows:

* Process risk – breakdown in established processes, failure to follow processes or inadequate process mapping within business lines.

* People risk – management failure, organizational structure or other human failures, which may be exacerbated by poor training, inadequate controls, poor staffing resources, or other factors.

* Systems risk – disruption and outright system failures in both internal and outsourced operations.

* External event risk – natural disasters, terrorism, and vandalism.

The definition includes Legal risk, which is the risk of loss resulting from failure to comply with laws as well as prudent ethical standards and contractual obligations. It also includes the exposure to litigation from all aspects of an institution’s activities.

How will you ensure the safety, security and service of your intended game plan today?

The teams who incorporate comprehensive Operational Risk Management (ORM) into each daily process, shall achieve their goals and will outperform the competition…


Add a comment…

No comments, yet.

Be the first to comment.

11 July 2024

Breakpoint: Mastering the Future...

In the early days of any startup business, be prepared. You as an innovator, entrepreneur, or just plain engineer, designer and project manager know what being prepared means.

Or do you?

The pace of change, communications and human emotions reach their extremes in the early stages of most business growth.

Are you ready and prepared to deal with the amount of new challenges you shall now face as each day unfolds before you?

Before you understood what starting and running a new business is really all about, you may have thought for a moment how exciting it would be.

Then one day it begins to dawn on your colleagues, your investors and your potential customers that this idea has some flaws.

The business marketplace you have chosen has not yet arrived at what the real problem-set is, that your particular solution truly solves.

Or is it something else?

You see, it all comes back to the pace of change and the ability for some people to master the new skills, the new vision or the new outcomes unfolding before you.

The more rapidly you and your startup team accelerate upwards and forward to achieve that breakpoint, the sooner you will hit that next part of your own particular growth curve:

Breakpoint and Beyond: Mastering the Future Today

“Assists in predicting and mastering industrial, social, political, and personal change by tracking the pattern of major "breakpoints" in human history and revealing the great truths hidden in them”

As you now stare at the gallery of people on your next “Teams” or “Zoom” session, remember that you are on a real mission together.

After you understand that running a new business involves a tremendous amount of time and resources to get people to perform the way you imagined they would, this is when the breakpoint in your “S” curve takes place.

Are you there yet?

When you and your team start exploring the changes around your startup hypothesis then you are now utilizing the new data, the new feedback and the new human factors into your future achievement.

Keep your chin up.

Now that you have changed your design/prototype, changed your people, changed your market analysis and even changed your purpose for existence, you are mastering your future success…

Godspeed!

28 June 2024

Preface: Growing Up in the USA...

As we approach our 248th year celebration of the country named the “United States of America”, think about it with open eyes as you look at our flag waving in the wind on the morning of July 4th.

One of 193 countries in the United Nations on our globe today, our country has become a sought after destination for so many others in the world to see and to actually experience.

Why?

Being born in the USA, our school Principal at our “Riverside Elementary” would get on the speaker system at 8:30AM sharp. Our “Pledge Allegiance” each morning was sacred as we all would stand in our classrooms:

"I pledge allegiance to the flag of the United States of America, and to the republic for which it stands, one nation under God, indivisible, with liberty and justice for all.”

Little did any of us truly know at that point in our lives, how precious these words would eventually become to us. Some before we were all grown adults.

It would dawn upon us all decades later, as our team was sitting around our tables with other fellow INSA members in a 2nd Floor conference room on North Stuart Street in Arlington Virginia. Our local professionals had a new important project before us.

Our Homeland Security Intelligence Council (HSIC) had started to tackle the definition of “Homeland Security Intelligence” and we would later develop 16 key recommendations in our 20 page White Paper.

It was finally published in September 2011 and ten years since so many Americans had died on 9/11 and so many others who would fight in the wars international and thereafter domestic.

“Homeland Security Intelligence is information that upon examination is determined to have value in assisting federal, state, local, tribal and private sector decision makers in identifying or mitigating threats residing principally within U.S. borders.”

Intelligence to Protect the Homeland...taking stock ten years later and looking ahead...

Now after returning to our USA once again with your own overseas travel behind you, reach into your pocket for that dark blue "US Passport" with the Eagle emblazoned on the front in Gold and read these words once again on page one:

“The Secretary of State of the United States of America hereby requests all whom it may concern to permit the citizen/national of the United States named herein to pass without delay or hindrance and in case of need to give all lawful aid and protection.”

In 2024, this Independence Day, reflect on all that you have learned and now earned, as a US Citizen protecting our country and as a true proud American.

 “Never Forget”…

21 June 2024

Enterprise Security Risk Management (ESRM)

Years ago, “The Gartner Group” has identified three major questions that executives and boards of directors need to answer when confronting information security issues:

> Is your security policy enforced fairly, consistently and legally across the enterprise.

> Would our employees, contractors and partners know if a security violation was being committed?

> Would they know what to do about it if they did recognize a security violation?

In today’s wired world, threats to the information infrastructure of a company or government agency are not static, one time events.

With new ransomware, XaaS, viruses, vulnerabilities, and digital attack tools widely available for download, a “complete information security solution” in place today can easily become incomplete tomorrow.

As a result, a security architecture solution must be flexible, and dynamic.

Presently, news of digital-threat events tends to spread through the computer security world in a “grapevine” manner. Threat information is obtained from websites, e-mail listservs and countless other informal sources.

This haphazard system is incomplete, and therefore raises concern when evaluating the damaging, costly effects of an aggressive, systematic digital attack.

A comprehensive security solution requires the careful integration of People, Processes, Systems and External events.

It shall allow correlation and implementation of a “layered” defense coupled with a firm application of risk-management principles.

To fully protect electronic information architectures, an organization needs current intelligence and analysis that allows constant adjustment and fine-tuning of security measures (e.g., firewalls, intrusion-detection systems, virus protection) to effectively defend against a rapidly changing landscape.

"Threats and vulnerabilities relating to computer networks, websites and information assets must be addressed before an attack occurs. Awareness and the ability to make informed decisions are critical."

How "Proactive" are you?

In short, as the electronic economy plays an increasing role in the private and public sectors, organizations must take advantage of the resulting new opportunities for growth and gains in efficiency and productivity.

Realizing these gains depends on an organization’s ability to open its information architecture to customers, partners and, in some cases, even competitors.

This heightened exposure creates greater risk and makes an organization a more likely target for attack (e.g., information and monetary theft, business disruption).

Furthermore, the cost of critical infrastructure failure climbs exponentially in relation to increasing reliance on increasingly integrated systems.

Your goal into the future is to provide the organization with the following Information Security value propositions:

  1. A System with Best Practices to Establish, Implement and Monitor Compliance.
  2. Early Warning & Awareness for the Entire Enterprise.
  3. Relevant Decision Support.
  4. Trusted Threat Information/Analysis.
  5. Actionable Threat Countermeasures.

And remember, a Single Enterprise Security Risk Management System (ESRM) will not solve the operational risk problem without the right processes and the correct people to implement such a solution...

15 June 2024

Shared Mission: Look to Your Left, Look to Your Right...

Into the future, how will you decide to operate your business, manage your important projects or run your life?

Will it be well thought out or chaotic? Will it be on time and within budget or delayed and asking for more funds?

How often do you find yourself disappointed? Frustrated. Even questioning why you are spending time on this project?

Working with and managing people begins with setting expectations, mutual goals and shared responsibilities. Is your project or life at stake?

Look around your work environment. What do you see?

Is it all in order and does it look tidy and clean? Or, are you wondering who will be doing what next as you operate with clutter across your workspace and wonder where your iPhone is?

So what!

“At every turn, you can sense that, somehow, the critical fabrics of trust that have been woven together for thousands of years and that allow us to live in social systems are unsteady, trembling, and fragile. It is as true in our national governments, corporate boardrooms, and compliance programs as it is in our interactions with sales clerks and neighbors.

Decisions you take as a leader are questioned more intensely. As a team member, business analyst, armchair investor, or family financial officer, you have become more reluctant to accept the decisions of others. Blind faith is no longer an acceptable justification to lead others in a charge over the hill, or a basis on which you choose to follow others. Why is trust under attack at so many levels, across so many economies, and in so many routine, ordinary decisions through which we live our lives?”  —Achieving Digital Trust: The New Rules for Business at the Speed of Light. ©2015 by Jeffrey Ritter

Before you decided to change your future ways, this was your life.

Over the course of your particular future time line, how will you improve? Are you meeting your deadlines and the expectations of those you choose to operate with?

Do others trust you?

This is your opportunity to now answer yourself, “Yes” or “No”.

Again, look around you and what do you see?

The future of your life will continuously depend on “Who is to your left and “Who” is to your right.

Do you trust your fellow team mate with your particular mission today? Will you give them the trust to accomplish their work and their tasks towards achieving success?

Now, you have the true opportunity ahead of you. Continuously “Build Trust” with those you love and those who are on your shared mission…

08 June 2024

Organizational Integrity: Trusted Relationships...

Before 9/11, almost all of our countries and organizations current day vulnerabilities were in existence.

Whether you focused on increasing protection from other nations states, the growing regional terrorist sects or the online dark net criminal syndicates, their growing presence and actions were all visible.

What has changed in the past two decades in the continuous and pervasive strategies to provide greater Critical Infrastructure Protection and security and safety to our United States and our citizens?

If there was a simple bullet list of items to address the answer to this question, it would seem:

  • Incomplete.
  • Short sighted.

Today, our adversaries have substantial new speed and stealth due to technology innovation, such as encryption, 5G and various levels of Aerial/SAT imaging or video.

They have new highly-trained human assets who are continuously recruited online and in-person to travel and impersonate roles in the private sector to attend our key events and meetings.

To get more perspective, one only has to watch the entertaining and educational movie “Duplicity” to learn and remember how our organizations intellectual property and new inventions are under constant assault.

Yet the “Infinite Game” continues across old and new frontiers of our globe, in some of the most unexpected places for the average U.S. citizen, who might not even know the answer to some of our standardized U.S. History 101 questions.

In our Farm lands. In our Schools. In our Private Equity firms. In our Financial institutions. In our Healthcare organizations. In our Utility companies. In our Defense Industrial Base (DIB). In our Global Fortune 100.

How might we improve our abilities to increase our resilience?

We must step up our learning from what has worked more than two decades ago.

Many have forgotten integrity or never experienced what can be accomplished with even more trusted relationships.

You see, it might take your valuable time to make a phone call on that little rectangular camera box in your pocket.

It might take your time to get on a plane or in your car to drive across miles of a freeway to meet someone in person at a coffee shop or for a club sandwich.

The trusted old "One-to-One", "Face-to-Face" ability to build a relationship from a personal introduction to a lasting intellectual and learning experience is our only future hope.

It remains the chance to see and feel another persons true ambition, real emotion or innovative intellectual excellence.

You might think that our world has changed tremendously over the past two decades.

In reality, "Building Trusted Relationships" has a formula that has lasted over centuries…