This page is under constant construction. It was started in March 2019, and was last updated in May 2019.
I try to list the entries chronologically, but this does not necessarily indicate the order in which I've read them.
Pieces that are interesting and/or valuable
"Bots Down Under", Kasada, April 2019.
- Quote, "Bots Down Under reveals aspects of the threat landscape, distinct to Australia, that local businesses need to know. Kasada kicked off in Australia and we’re uniquely placed to see and comment on the threat of malicious automation."
- Disclaimer: I have no financial interests in Kasada, but I'm an unashamed fan of their work.
"Cyber Indictments and Threat Intel: Why You Should Care", Katie Nickels, February 2019.
- Quote, "So, why should we as cyber threat intelligence (CTI) analysts and network defenders care about cyber indictments in the first place? Others may have different reasons, but here’s why I cared about making this list in the first place. For this blog and list, I’m focusing on indictments from the US DOJ, but legal documents from other countries could serve similar purposes."
- Quote, "Today, however, the biggest risk to our privacy and our security has become the threat of unintended inferences, due to the power of increasingly widespread machine learning techniques. Once we generate data, anyone who possesses enough of it can be a threat, posing new dangers to both our privacy and our security."
- Quote, "That kind of patriotism, linked to bigger ideals about democracy and the common good, is important to think about right now. It might be an antidote to the polarization that social media accentuates; to anger, the emotion that travels most rapidly online; to the cynicism that dominates the Internet more broadly."
"‘Superstars’: The dynamics of firms, sectors, and cities leading the global economy", McKinsey, October 2018.
- Quote, "By our definition, 50 cities, including Boston, Frankfurt, London, Manila, Mexico City, Mumbai, New York, **Sydney**, Sao Paulo, Tianjin, and Wuhan, are superstars (Exhibit 5). The 50 cities account for 8 percent of global population, 21 percent of world GDP, 37 percent of urban high-income households, and 45 percent of headquarters of firms with more than $1 billion in annual revenue. The average GDP per capita in these cities is 45 percent higher than that of peers in the same region and income group, and the gap has grown over the past decade."
- (I added the bold for Sydney.)
"Women in the Workplace 2018", McKinsey, October 2018.
- Quote, "This early inequality has a profound impact on the talent pipeline. Starting at the manager level, there are significantly fewer women to promote from within and significantly fewer women at the right experience level to hire in from the outside. So even though hiring and promotion rates improve at more senior levels, women can never catch up—we’re suffering from a “hollow middle.” This should serve as a wake-up call: until companies close the early gaps in hiring and promotion, women will remain underrepresented."
"Ransomware Attacks Topped List of Cyber Insurance Claims", Fred Donovan, June 2018.
- Quote, "Ransomware has become increasingly commoditized with the creators of recent variants offering revenue-sharing agreements to partners. There is no guarantee that victims will get their data back, even if they pay the ransom, AIG observed."
"20 years on, L0pht hackers return to D.C. with dire warnings", Rob Pegoraro, May 2018.
- Quote, "“Where’s the equivalent of the National Transportation Safety Board crash test results for the software that you’re consuming?” Zatko asked Tuesday."
"Army researchers find the best cyber teams are antisocial cyber teams", Sean Gallagher, April 2018.
- TL;DR - the title is clickbait. The message was that good leadership plus clearly defined roles and responsibilities within a team enabled more effective teamwork.
- Quote, "'Functional specialization within a team and well-guided leadership could be important predictors of timely detection and mitigation of ongoing cyber attacks,' they write."
"Cyberinsurance tackles the wildly unpredictable world of hacks", Josephine Wolff, April 2018.
- Quote, "“Typically in insurance we use the past as prediction for the future, and in cyber that’s very difficult to do because no two incidents are alike,” said Lori Bailey, global head of cyberrisk for the Zurich Insurance Group."
- Abstract, "The Center for Strategic and International Studies (CSIS), in partnership with McAfee, present Economic Impact of Cybercrime – No Slowing Down, a global report that focuses on the significant impact that cybercrime has on economies worldwide. The report concludes that close to $600 billion, nearly one percent of global GDP, is lost to cybercrime each year, which is up from a 2014 study that put global losses at about $445 billion. The report attributes the growth over three years to cybercriminals quickly adopting new technologies and the ease of cybercrime growing as actors leverage black markets and digital currencies."
- Quote, "I've come to appreciate that hiring decent folks who can get along with others is far more important than trying to recruit conference-circuit superstars. In fact, hiring superstars is a decidedly hit-and-miss affair: while certainly not a rule, there is a proportion of folks who put the maintenance of their celebrity status ahead of job responsibilities or the well-being of their peers."
- Quote, "Cyber attack does not threaten crippling surprise or existential risk. This means that the incentives for improvement that might motivate governments and companies are, in fact, much smaller than we assume. Nor is cyber attack random and unpredictable. It reflects national policies for coercion and crime. Grounding policy in a more objective appreciation of risk and intent is a first step toward better security."
- Quote, "So what was the most important factor contributing to a team's effectiveness? It was psychological safety. Simply put, psychological safety refers to an individual's perception of taking a risk, and the response his or her teammates will have to taking that risk. Google describes it this way: 'In a team with high psychological safety, teammates feel safe to take risks around their team members. They feel confident that no one on the team will embarrass or punish anyone else for admitting a mistake, asking a question, or offering a new idea.' In other words, great teams thrive on trust."
"How a half-educated tech elite delivered us into chaos", John Naughton, November 2017.
- Quote, "It never seems to have occurred to them that their advertising engines could also be used to deliver precisely targeted ideological and political messages to voters. Hence the obvious question: how could such smart people be so stupid?"
"Leading in complex environments", Sophie Stone, June 2017.
- Quote, "Despite this, we often try to make these implementations fit, by imposing on to these problems our own logical lens. Complex problems need complex solutions; they need leaders who can help others adapt to complexity. Further, we need leaders that can use this uncertainty to think and be creative, and be innovative with change. We need to move past wanting to control or minimise complexity, to wanting to leverage it. Complex situations don’t disappear once solutions are put in place. Instead, they move and adapt, hence controlling complexity, or hoping to ‘deal’ with complexity, will not succeed."
"Your Company Culture is Who You Hire, Fire, and Promote", Dr. Cameron Sepah, March 2017.
- Quote, "Your company’s employees practice the behaviors that are valued, not the values you believe."
- Quote, "The use of technology in facilitating financial crime is particularly attractive as it enables criminal groups and individuals to identify and target significantly larger groups of potential victims from any location in the world, while expending few resources. Similarly, the use of technology in financial crime can obscure the identity and location of criminal groups and individuals, which makes it a low risk activity with a potential for high return."
"The Line between Confidence and Hubris", Tim Laseter, November 2016.
- Quote, "Four early signals can help in navigating these muddy waters. The first two, narcissism and dismissiveness, are warning signs of hubris. The other two, humility and inquisitiveness, are promising signs of justifiable confidence."
"Computer-based personality judgments are more accurate than those made by humans", Wu Youyou, Michal Kosinski, and David Stillwell, January 2015.
- Introduction, "This study compares the accuracy of personality judgment—a ubiquitous and important social-cognitive activity—between computer models and humans. Using several criteria, we show that computers’ judgments of people’s personalities based on their digital footprints are more accurate and valid than judgments made by their close others or acquaintances (friends, family, spouse, colleagues, etc.). Our findings highlight that people’s personalities can be predicted automatically and without involving human social-cognitive skills."