BC CYBER SECURITY
Saved by @jacobhtml

2 different frames or metaphors for #CyberSecurity

Security as a Quality Management issue thus a problem of robustness

Security as a Safety issue thus a problem of resilience

They’re fundamentally different, may even be at odds but how ?

🧵

 A Quality Management metaphor leads us down elements of testing, predictability and reliability in that we aim to be effective at dealing with predicted threats which represent a finite configuration of what our industries expect. We aim for “maintaining process integrity inside
Of known design, training and procedural parameters” (Dekker) so I prepare for a number of scenarios, ways I can foresee and threat model for and (not just operationally, but also reqs gathering, testing, training,sdlc and even threat intel) increasing the robustness of my system
All well and good, but from Complexity science we know that “robust constraints tend to fail catastrophically when design conditions are exceeded” @snowded
But this is also a cautionary tale. If you don’t have the capacity to deal with expected adverse conditions,
You have no business thinking or prioritising adaptive capacity because the “knows” can get you down and keep you there.
So until you get to the point where your robustness is sound, this is the metaphor that is most appropriate and which can be argued for economically
If and when the robustness of your system is high, meaning you have appropriate mitigations in place to the outcomes of the threat models you build for your apps and platform, then your risk profile starts to change.
The very measure you’ve put in place, which got you this far to achieve a “secure system” by industry and accepted standards, may now be exact things which will contribute to its downfall because “in safe systems the very processes that normally guarantee safety and generate
Org success can also be responsible for org demise” (Dekker) This means that the challenges you’re now likely to faced relate to the relationships & interconnections of your sociotechnical system (scarcity competition, patterns of info to decision makers, incrementalist nature
Of decisions taken over time which can cause drifts into failure, drifts into setting conditions for data breaches.
When you get here, a metaphor of Security as Safety is likely more appropriate. You’ve now dealt with the robustness of components and put in the measures which are
Expected to make you withstand the scenarios you can envision on your threat model. So now a focus on resilience becomes beneficial as you’re building systems which “are effective at meeting threats that represent infinite reconfigurations of - or ones that may lie entirely
Beyond - what the industry could anticipate” and which are “capable of maintaining process integrity well outside the design base or outside training or procedural provisions”

You’re now building for resilience and sustained adaptive capacity

“But can I do both?” You ask
The building of robustness benefits from processes of analysis (breaking things out to smaller parts and secure them to build them back up) while resilience benefits from processes of synthesis (role on the wider system and function within it)
So while you perform both types of assessments, a focus on resilience where there’s limited robustness is of little value. A small punch can knock you down and keep you there. So I would advocate building robustness first as the focus of transition/transformation, potentially
Being attentive to affordances and constraints to identify opportunities for improvement.

Remember that sources of resilience in orgs are in our people. They’re the ones dealing with the variability our systems and automation can’t handle, so applying principles of learning
From incidents, and understanding what our teams were surprised by, and namely any “fundamental surprises” (where their models the system were or what’s possible were challenged or took apart) are learning opportunities that should never go to waste
@threadreaderapp unroll

You May Also Like

\u2745\u1710\u170b\u1713\u170e
❅ᜐᜋᜓᜎ...
@uglyluhan
First thread of the year because I have time during MCO. As requested, a thread on the gods and spirits of Malay folk religion. Some are indigenous, some are of Indian origin, some have Islamic


Before I begin, it might be worth explaining the Malay conception of the spirit world. At its deepest level, Malay religious belief is animist. All living beings and even certain objects are said to have a soul. Natural phenomena are either controlled by or personified as spirits

Although these beings had to be respected, not all of them were powerful enough to be considered gods. Offerings would be made to the spirits that had greater influence on human life. Spells and incantations would invoke their


Two known examples of such elemental spirits that had god-like status are Raja Angin (king of the wind) and Mambang Tali Arus (spirit of river currents). There were undoubtedly many more which have been lost to time

Contact with ancient India brought the influence of Hinduism and Buddhism to SEA. What we now call Hinduism similarly developed in India out of native animism and the more formal Vedic tradition. This can be seen in the multitude of sacred animals and location-specific Hindu gods
RELIGION
Sara Benincasa
Sara Benincasa
@SaraJBenincasa
Spent a quaint half hour in a cafe listening to a guy yell at his dad after his dad said that the women Trump molested wanted it: "Dad, that's like saying the Jews who died in the Holocaust were asking for it!" ENJOY YOUR TERRIBLE FAMILIES THIS WEEK!

"Mom, has a man ever touched you without your consent?"
"Of course."
"Did you report it?"
"No."
"Dad, your WIFE has been through this!"

Dad was unmoved and told the guy to stop arguing with him.

At this point we learned the boy child has allergies.

I forgot to remark upon the presence of the very cute grandson, who was very small and gave not one shit about the yelling. I believe a sister or aunt was present and feeling very stressed. I wanted to hand her a Xanax or seven.

It was really hard to not jump in and say, "Sounds like you guys are going to have a fun meal tomorrow!" so they could unite in hatred against me, the outsider, and stop squabbling. Instead I exchanged glances with a nearby fellow lady patron, who also emotionally ate a cookie.

Anyway, I want to thank the random family for yelling about rape and the Holocaust in an Israeli cafe in the US of A today because it reminded me that while this country isn't the greatest, it is inevitably my stupid favorite and I am never, ever bored.
SOCIETY
Advertisement
Anu Satheesh
Anu Satheesh
@AnuSatheesh5
Sri Mridanga Saileswari Temple Muzhakkunnu, Kannur KERALA

The temple is established by Parasurama and it is one among 108 Durga temples.
Devi will answer all the prayers of her devotees who pray to her with utmost devotion lighting the ghee deepam.


It is the family diety of Kerala Varma Pazhassi Raja.
Devi is present in three forms Kali, Saraswati and Lakshmi.

Legend...👇
Once a Mridungam ( musical instrument) shaped rock fell from heaven here.
@SriramKannan77


Devi originated in the form of Mridangam and Parasurama captivated the essence of Devi into a Vigraham. Vigraham is made of Panchaloham.
Kathakali, an art form of Kerala originated here.


Temple Vigraham was stolen 3-4 times, but because of power of Devi all the attempts were failure. Police records says that Whenever the thieves try to steal, they lose their senses, and they will be in a confused state. So they will abandon the idol.
🕉
ALL
Professor
Professor
@DillikiBiili
Some ofthe biggest breakouts occur after Volatility Contraction, the analogy is that more a spring is pressed, higher it jumps whenever it gets released.

There is a VCP Scanner on chartink (Not mine). This may also be used to find potential Breakouts.
SCREENERS , TA SCREENERS
sriram
sriram
@SriramKannan77
'Treasure Gods' - Sangha Nidhi' and 'Padma Nidhi', Tirumala, Tirupati.

------------------------------------

These are the two guards guarding the Wealth and Treasure of Lord Sri Venkateswara.

They are representatives of two treasures of Kubera, the God of Wealth.


One guard who is holding shangam (conch) on both the hands is known as Shanka Nidhi ('nidhi' means wealth).

On the other side, the guard who is holding Lotus flowers on both the hands is known as Padma nidhi.

Shangu is from the ocean which includes all types of wealth like pearls and corals.

Why shagam in his hand? Because shangam only gives the sound of 'omkaram'.

'Padmam' is the symbol of water sources in land like river, lakes, tanks etc. which is very important for all living beings.

As per the tradition, these guards are installed at the third entrance of the temple.

One enters the holy shrine after saluting the first protection threshold - Sankha Nidhi and Padma Nidhi.
ALL