BC CYBER SECURITY
Saved by @jacobhtml

2 different frames or metaphors for #CyberSecurity

Security as a Quality Management issue thus a problem of robustness

Security as a Safety issue thus a problem of resilience

They’re fundamentally different, may even be at odds but how ?

🧵

 A Quality Management metaphor leads us down elements of testing, predictability and reliability in that we aim to be effective at dealing with predicted threats which represent a finite configuration of what our industries expect. We aim for “maintaining process integrity inside
Of known design, training and procedural parameters” (Dekker) so I prepare for a number of scenarios, ways I can foresee and threat model for and (not just operationally, but also reqs gathering, testing, training,sdlc and even threat intel) increasing the robustness of my system
All well and good, but from Complexity science we know that “robust constraints tend to fail catastrophically when design conditions are exceeded” @snowded
But this is also a cautionary tale. If you don’t have the capacity to deal with expected adverse conditions,
You have no business thinking or prioritising adaptive capacity because the “knows” can get you down and keep you there.
So until you get to the point where your robustness is sound, this is the metaphor that is most appropriate and which can be argued for economically
If and when the robustness of your system is high, meaning you have appropriate mitigations in place to the outcomes of the threat models you build for your apps and platform, then your risk profile starts to change.
The very measure you’ve put in place, which got you this far to achieve a “secure system” by industry and accepted standards, may now be exact things which will contribute to its downfall because “in safe systems the very processes that normally guarantee safety and generate
Org success can also be responsible for org demise” (Dekker) This means that the challenges you’re now likely to faced relate to the relationships & interconnections of your sociotechnical system (scarcity competition, patterns of info to decision makers, incrementalist nature
Of decisions taken over time which can cause drifts into failure, drifts into setting conditions for data breaches.
When you get here, a metaphor of Security as Safety is likely more appropriate. You’ve now dealt with the robustness of components and put in the measures which are
Expected to make you withstand the scenarios you can envision on your threat model. So now a focus on resilience becomes beneficial as you’re building systems which “are effective at meeting threats that represent infinite reconfigurations of - or ones that may lie entirely
Beyond - what the industry could anticipate” and which are “capable of maintaining process integrity well outside the design base or outside training or procedural provisions”

You’re now building for resilience and sustained adaptive capacity

“But can I do both?” You ask
The building of robustness benefits from processes of analysis (breaking things out to smaller parts and secure them to build them back up) while resilience benefits from processes of synthesis (role on the wider system and function within it)
So while you perform both types of assessments, a focus on resilience where there’s limited robustness is of little value. A small punch can knock you down and keep you there. So I would advocate building robustness first as the focus of transition/transformation, potentially
Being attentive to affordances and constraints to identify opportunities for improvement.

Remember that sources of resilience in orgs are in our people. They’re the ones dealing with the variability our systems and automation can’t handle, so applying principles of learning
From incidents, and understanding what our teams were surprised by, and namely any “fundamental surprises” (where their models the system were or what’s possible were challenged or took apart) are learning opportunities that should never go to waste
@threadreaderapp unroll

You May Also Like

Dr Catherine Pemble is #SocialDistancing
Dr Catherine Pemble is...
@CatherinePemble
Right, screw it. Here's a thread on *that* FBLive by Alex Cairnie about #Govanhill. Lets do a watch-through shall we? (Mind, I'm a resident of Govanhill, and a sociologist. I'm also 5'3, and a visibly queer woman so if half his claims are true I should be living in terror)

00:30: Welcomes viewers and uses points out that his videos are only getting attention b/c they're 'horrific'. Directs folk to his Youtube page. So already clout hunting.

1:08: "I've been warned to stay out of Govanhill. I'm a marked man" (proceeds to use a beanie as a disguise)

1:30 "Laughing and joking aside, here's somebodys front garden." Proceeds to show litter and claim its thrown from windows and this is 'common'. I know a handful of streets with litter issues like this, but its neither common nor unique to #govanhill and other deprived areas.

2:10 "Don't be under any illusion I'm only showing you the bad bits" - only shows you the bad bits.

3:45: He's had offers of help, but hes said no because hes not responsible for 'anybody elses safety' Good lord.

5:01: "Its not that bad. But its not all good either" -Correct

6:00: TW: child abuse - He starts claiming to have been contacted by a health professional and told about child abuse 'in the area'. Huge ethical issues here as the 'professional' who has 'been in the game a long time' is reporting to Facebook Dude and not authorities.
HEALTH
Shalini Singh Sengar
Shalini Singh Sengar
@Maverickmusafir
Post Independence, Army wanted to select the most experienced Indian commander as Army chief. But Nehru without consulting anyone appointed Gen Rob Lockhart, a senior British Army officer as the Commander-in-Chief (C-in-C) of the Indian Army.


Most people were shocked to know that Nehru selected a British Man after fighting for independence for over 200 years! Major Gen A A ‘Jick’ Rudra of the Indian Army was completely upset with the decision.


One day Lockhart met Nehru with a strategic plan and proposed many government directive defence policies for the country. He placed it on the table and explained the point to PM Nehru. After a while Lockhart walked out of the room and met AA Jick Rudra,+

Lockhart looked shell shocked and stunned. When asked what happened he said “The PM took one look at my paper and blew his top. Rubbish! Total rubbish! We don’t need a defence plan. Our policy is ahimsa (non-violence). We foresee no military threats. Scrap the army!”

One year after the incident the Kashmir crisis had increased and Gen Lockhart used to exchange ideas with the Gen Douglas Gracey who was commander in chief of Pakistan Army.There were many infiltrations along the border which Lockhart knew and took no action. But Lt Gen Cariappa+
HISTORY
Advertisement
\U0001f1ee\U0001f1f3
🇮🇳
@Aamani_03
॥ॐ॥
अस्य श्री गायत्री ध्यान श्लोक:
(gAyatri dhyAna shlOka)
• This shloka to meditate personified form of वेदमाता गायत्री was given by Bhagwaan Brahma to Sage yAgnavalkya (याज्ञवल्क्य).

• 14th shloka of गायत्री कवचम् which is taken from वशिष्ठ संहिता, goes as follows..


• मुक्ता-विद्रुम-हेम-नील धवलच्छायैर्मुखस्त्रीक्षणै:।
muktA vidruma hEma nIla dhavalachhAyaiH mukhaistrlkShaNaiH.

• युक्तामिन्दुकला-निबद्धमुकुटां तत्वार्थवर्णात्मिकाम्॥
yuktAmindukalA nibaddha makutAm tatvArtha varNAtmikam.

• गायत्रीं वरदाभयाङ्कुश कशां शुभ्रं कपालं गदाम्।
gAyatrIm vardAbhayANkusha kashAm shubhram kapAlam gadAm.

• शंखं चक्रमथारविन्दयुगलं हस्तैर्वहन्ती भजै॥
shankham chakramathArvinda yugalam hastairvahantIm bhajE.

This shloka describes the form of वेदमाता गायत्री.

• It says, "She has five faces which shine with the colours of a Pearl 'मुक्ता', Coral 'विद्रुम', Gold 'हेम्', Sapphire 'नील्', & a Diamond 'धवलम्'.

• These five faces are symbolic of the five primordial elements called पञ्चमहाभूत:' which makes up the entire existence.

• These are the elements of SPACE, FIRE, WIND, EARTH & WATER.

• All these five faces shine with three eyes 'त्रिक्षणै:'.
ALL
.
.
@oyevivekk
THREAD:

80 Films with the biggest Plot Twists that will blow your mind.

1. Fight Club


2. Predestination


3. Seven


4. Requiem for a Dream
MOVIES , ALL , LIST OF MOVIES
Marina Amaral
Marina Amaral
@marinamaral2
Rio de Janeiro, 1920. 🇧🇷


São Paulo, 1910. 🇧🇷


“Arpoador”, Rio de Janeiro, 1900. 🇧🇷


“Avenida Paulista”, São Paulo, 1902. 🇧🇷


Recife, 1885. 🇧🇷
HISTORY