28 June 2024

Preface: Growing Up in the USA...

As we approach our 248th year celebration of the country named the “United States of America”, think about it with open eyes as you look at our flag waving in the wind on the morning of July 4th.

One of 193 countries in the United Nations on our globe today, our country has become a sought after destination for so many others in the world to see and to actually experience.

Why?

Being born in the USA, our school Principal at our “Riverside Elementary” would get on the speaker system at 8:30AM sharp. Our “Pledge Allegiance” each morning was sacred as we all would stand in our classrooms:

"I pledge allegiance to the flag of the United States of America, and to the republic for which it stands, one nation under God, indivisible, with liberty and justice for all.”

Little did any of us truly know at that point in our lives, how precious these words would eventually become to us. Some before we were all grown adults.

It would dawn upon us all decades later, as our team was sitting around our tables with other fellow INSA members in a 2nd Floor conference room on North Stuart Street in Arlington Virginia. Our local professionals had a new important project before us.

Our Homeland Security Intelligence Council (HSIC) had started to tackle the definition of “Homeland Security Intelligence” and we would later develop 16 key recommendations in our 20 page White Paper.

It was finally published in September 2011 and ten years since so many Americans had died on 9/11 and so many others who would fight in the wars international and thereafter domestic.

“Homeland Security Intelligence is information that upon examination is determined to have value in assisting federal, state, local, tribal and private sector decision makers in identifying or mitigating threats residing principally within U.S. borders.”

Intelligence to Protect the Homeland...taking stock ten years later and looking ahead...

Now after returning to our USA once again with your own overseas travel behind you, reach into your pocket for that dark blue "US Passport" with the Eagle emblazoned on the front in Gold and read these words once again on page one:

“The Secretary of State of the United States of America hereby requests all whom it may concern to permit the citizen/national of the United States named herein to pass without delay or hindrance and in case of need to give all lawful aid and protection.”

In 2024, this Independence Day, reflect on all that you have learned and now earned, as a US Citizen protecting our country and as a true proud American.

 “Never Forget”…

21 June 2024

Enterprise Security Risk Management (ESRM)

Years ago, “The Gartner Group” has identified three major questions that executives and boards of directors need to answer when confronting information security issues:

> Is your security policy enforced fairly, consistently and legally across the enterprise.

> Would our employees, contractors and partners know if a security violation was being committed?

> Would they know what to do about it if they did recognize a security violation?

In today’s wired world, threats to the information infrastructure of a company or government agency are not static, one time events.

With new ransomware, XaaS, viruses, vulnerabilities, and digital attack tools widely available for download, a “complete information security solution” in place today can easily become incomplete tomorrow.

As a result, a security architecture solution must be flexible, and dynamic.

Presently, news of digital-threat events tends to spread through the computer security world in a “grapevine” manner. Threat information is obtained from websites, e-mail listservs and countless other informal sources.

This haphazard system is incomplete, and therefore raises concern when evaluating the damaging, costly effects of an aggressive, systematic digital attack.

A comprehensive security solution requires the careful integration of People, Processes, Systems and External events.

It shall allow correlation and implementation of a “layered” defense coupled with a firm application of risk-management principles.

To fully protect electronic information architectures, an organization needs current intelligence and analysis that allows constant adjustment and fine-tuning of security measures (e.g., firewalls, intrusion-detection systems, virus protection) to effectively defend against a rapidly changing landscape.

"Threats and vulnerabilities relating to computer networks, websites and information assets must be addressed before an attack occurs. Awareness and the ability to make informed decisions are critical."

How "Proactive" are you?

In short, as the electronic economy plays an increasing role in the private and public sectors, organizations must take advantage of the resulting new opportunities for growth and gains in efficiency and productivity.

Realizing these gains depends on an organization’s ability to open its information architecture to customers, partners and, in some cases, even competitors.

This heightened exposure creates greater risk and makes an organization a more likely target for attack (e.g., information and monetary theft, business disruption).

Furthermore, the cost of critical infrastructure failure climbs exponentially in relation to increasing reliance on increasingly integrated systems.

Your goal into the future is to provide the organization with the following Information Security value propositions:

  1. A System with Best Practices to Establish, Implement and Monitor Compliance.
  2. Early Warning & Awareness for the Entire Enterprise.
  3. Relevant Decision Support.
  4. Trusted Threat Information/Analysis.
  5. Actionable Threat Countermeasures.

And remember, a Single Enterprise Security Risk Management System (ESRM) will not solve the operational risk problem without the right processes and the correct people to implement such a solution...

15 June 2024

Shared Mission: Look to Your Left, Look to Your Right...

Into the future, how will you decide to operate your business, manage your important projects or run your life?

Will it be well thought out or chaotic? Will it be on time and within budget or delayed and asking for more funds?

How often do you find yourself disappointed? Frustrated. Even questioning why you are spending time on this project?

Working with and managing people begins with setting expectations, mutual goals and shared responsibilities. Is your project or life at stake?

Look around your work environment. What do you see?

Is it all in order and does it look tidy and clean? Or, are you wondering who will be doing what next as you operate with clutter across your workspace and wonder where your iPhone is?

So what!

“At every turn, you can sense that, somehow, the critical fabrics of trust that have been woven together for thousands of years and that allow us to live in social systems are unsteady, trembling, and fragile. It is as true in our national governments, corporate boardrooms, and compliance programs as it is in our interactions with sales clerks and neighbors.

Decisions you take as a leader are questioned more intensely. As a team member, business analyst, armchair investor, or family financial officer, you have become more reluctant to accept the decisions of others. Blind faith is no longer an acceptable justification to lead others in a charge over the hill, or a basis on which you choose to follow others. Why is trust under attack at so many levels, across so many economies, and in so many routine, ordinary decisions through which we live our lives?”  —Achieving Digital Trust: The New Rules for Business at the Speed of Light. ©2015 by Jeffrey Ritter

Before you decided to change your future ways, this was your life.

Over the course of your particular future time line, how will you improve? Are you meeting your deadlines and the expectations of those you choose to operate with?

Do others trust you?

This is your opportunity to now answer yourself, “Yes” or “No”.

Again, look around you and what do you see?

The future of your life will continuously depend on “Who is to your left and “Who” is to your right.

Do you trust your fellow team mate with your particular mission today? Will you give them the trust to accomplish their work and their tasks towards achieving success?

Now, you have the true opportunity ahead of you. Continuously “Build Trust” with those you love and those who are on your shared mission…

08 June 2024

Organizational Integrity: Trusted Relationships...

Before 9/11, almost all of our countries and organizations current day vulnerabilities were in existence.

Whether you focused on increasing protection from other nations states, the growing regional terrorist sects or the online dark net criminal syndicates, their growing presence and actions were all visible.

What has changed in the past two decades in the continuous and pervasive strategies to provide greater Critical Infrastructure Protection and security and safety to our United States and our citizens?

If there was a simple bullet list of items to address the answer to this question, it would seem:

  • Incomplete.
  • Short sighted.

Today, our adversaries have substantial new speed and stealth due to technology innovation, such as encryption, 5G and various levels of Aerial/SAT imaging or video.

They have new highly-trained human assets who are continuously recruited online and in-person to travel and impersonate roles in the private sector to attend our key events and meetings.

To get more perspective, one only has to watch the entertaining and educational movie “Duplicity” to learn and remember how our organizations intellectual property and new inventions are under constant assault.

Yet the “Infinite Game” continues across old and new frontiers of our globe, in some of the most unexpected places for the average U.S. citizen, who might not even know the answer to some of our standardized U.S. History 101 questions.

In our Farm lands. In our Schools. In our Private Equity firms. In our Financial institutions. In our Healthcare organizations. In our Utility companies. In our Defense Industrial Base (DIB). In our Global Fortune 100.

How might we improve our abilities to increase our resilience?

We must step up our learning from what has worked more than two decades ago.

Many have forgotten integrity or never experienced what can be accomplished with even more trusted relationships.

You see, it might take your valuable time to make a phone call on that little rectangular camera box in your pocket.

It might take your time to get on a plane or in your car to drive across miles of a freeway to meet someone in person at a coffee shop or for a club sandwich.

The trusted old "One-to-One", "Face-to-Face" ability to build a relationship from a personal introduction to a lasting intellectual and learning experience is our only future hope.

It remains the chance to see and feel another persons true ambition, real emotion or innovative intellectual excellence.

You might think that our world has changed tremendously over the past two decades.

In reality, "Building Trusted Relationships" has a formula that has lasted over centuries…