Showing posts with label Risks. Show all posts
Showing posts with label Risks. Show all posts

July 21, 2022

Watch That Hard Work

Even work is a risky endeavor.  ;-)

(Credit Photo: Andy Blumenthal)


Share/Save/Bookmark

July 27, 2017

When You Need To BLUF

Most professional (and even personal) communications should start with...
________________________

BLUF (Bottom Line Up Front).

This means that you start with the ending--in mind, on paper, verbally, and in digital format. 

You provide the conclusion and/or recommendations right up front.

Rather than first wadding through all the details--context, analysis, considerations, assumptions, risks, etc. 

Let the reader know right away what it is you want. 

Generally, this is different than an abstract or summary that provides a synopsis and leading evidence for the argument put forward. 

Tell me what I need to know and get right to the point! ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

April 26, 2015

The Best Cut

So I wasn't sure I wanted to share this, but my wife encouraged me in an effort to help others going through similar things.

Recently, I went to the Surgeon about my other hip to read my MRI...

After having read the report myself before the appointment, I was convinced I was heading under the knife again with the pain I was experiencing, challenges getting around, and the verbiage in the report like: 

"Significant..."

"Advanced."

Anyway, my daughter came along because I wasn't sure I was going to easily get parking in this place...always a challenge there. 

Waiting for the doctor, I asked G-d for a miracle, since after all the hospitalizations this last year, I literally thought that another one at this time could very well kill me.

Low and behold, the doctor comes in and as if G-d is directing his speech for the next 40 minutes or so, he does everything to dissuade me from having the surgery this month, even though he was the one at the last appointment that had already booked me on his surgical calendar. 

So today the miracle unfolded...

First, the doctor read my MRI, but then quickly flipped the screen to an MRI of another patient--a 76 year old--and he showed me the unbelievable progression of the osteoarthritis from near onset to ultimately the complete collapse of the joint over about 9 years time for this lady...the last MRI looked like complete and utter bone devastation--I had never seen anything like it!

Next he opened his drawer and took out a horror basket of used replacement joints parts that he had removed from patients that needed revision--he showed me the wear and breakage and described in horrible detail how he often has to dig these out of the bones of his patients and how each revision--which everyone will need after about 10-15 years or sooner if they become symptomatic--becomes more complicated and dangerous in terms of infection, blood clots, and recovery. 

Then he told how in the field so many replacement surgeries do not go well and that he sees 3-5 patients a week who come to him because they are UN-happy with the replacements their doctors did. 

This went on and on, and bottom line...he said, "I love to do the surgeries--I really do--but wait as long as you can before getting it [on the other hip], since while it can provide for short term improvements, each revision is worse, and at your age you could need three--on each side."

Needless-to-say, from this whole thing, I was in utter shock and some disbelief as I had been told these prosthetics can last 20-25 years with the newer models, and I was not aware of what the revisions really entailed in later years or the challenges they brought. 

As he continued to describe the risks in painful vivid details (note, I was his last appointment of the day and he was talking his time here), my eyes were literally welling up in tears.

I looked over at my daughter and she was sitting mouth agape shaking her head at what he was saying. I was deeply sorry that she had to sit through this (what we had thought was a simple MRI reading and confirmation of the upcoming procedure date). 

I left the doctor's office, of course, canceling the surgery--still in severe pain and with trouble walking--however, "scared straight" to make the best of this for now, but also afraid of what lies ahead. 

I have to have faith that the L-rd who made the miracle to hold off on the surgery for now will continue to guide and protect me through this illness that today has no cure. 

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

February 25, 2015

Is This A Genuine Partner For WMD Peace?


Everyone was speculating why Iran was building a 202 meter long life-size replica of a Nimitz Class U.S. Aircraft Carrier in the Persian Gulf.

Well today (as we are hear of "progress" with Iranian nuclear talks), we got our answer, as the Iranian military took the opportunity and blew the mock U.S. aircraft carrier to smithereens!


The commander of Iran's Navy stated: "The Americans, and the entire world, knows that the American Navy is one of our targets and it will take us 50 seconds to destroy every US warship."


At the same time, Iran is mulling over the purchase of a powerful anti-aircraft missile system from Russia.


So now Iran is going toward an agreement for a possible lifting of western financial sanctions and a 10-year nuke capability, and we are trusting them that it is for peaceful purposes?


Many of our major Middle East allies are concerned including Israel, Saudi Arabia, Egypt, Turkey, and more, and so much so that an Iranian nuke capability may "spark a nuclear arms race."


Hmm...why the desperation for a deal with "Axis of Evil," Iran amidst ongoing hostility and threats from Iran towards "The Great Satan," America, and all the express concerns of our longtime friends and allies? 


Now we won't just have deadly terrorist organizations like Al Qaeda and ISIS to contend with across the region, but also a nuclear armed Iran--amidst regular threats to sink the U.S. Navy and annihilate Israel (and just 70 years after the Holocaust killed 6 million Jewish men, women, and children!).  


What have we learned about appeasement of dangerous foes and the unimaginable risks to millions of innocent lives around the world? ;-)

Share/Save/Bookmark

January 8, 2012

A Race To The Future

This last week, we learned of the new defense policy that shifts the U.S. from a full two war capability to a "win-spoil" plan, where we have the ability to fight one war, but still disrupt the military aspirations of another adversary elsewhere.
While we would all like to have unconstrained capabilities for both "guns and butter", budget realities do not permit limitless spending on anything or anytime.
The Wall Street Journal (7-8 January 2012) had an interesting editorial that cautioned against reduced military spending and latched on specifically to focusing too much on the Asia-Pacific region and somehow neglecting other danger spots around the globe.
Basically, the author says it is dangerous for us to put all our proverbial eggs in one basket. As he writes, this single-focus approach or "strategic monism" is predicated on our ability to accurately predict where the trouble spots will be and what defensive and offensive capabilities we will need to counter them.
In contrast, the author promotes an approach that is more multifaceted and based on "strategic pluralism," where we prepare ourselves for any number of different threat scenarios, with a broad array of capabilities to handle whatever may come.
What is compelling about this argument is that generally we are not very good at forecasting the future, and the author points out that "the U.S. has suffered a significant surprise once a decade since 1940" including Pearl Harbor (1941), North Korea's invasion of the South (1950), the Soviet testing of the Hydrogen bomb (1953), the Soviet resupply of Egypt in the Yom Kippur War (1973), the Iranian Shah's fall from power (1979), the Soviet Union collapse (1991), and the terrorist attacks of 9-11 (2001).
Similarly, Fortune Magazine (16 January 2012) calls out "the dangers inherent in...long-term forecasting" and points how almost comically "the 1899 U.S. patent chief declares that anything that can be invented has been."
The Fortune article goes on to say that a number of the experts interviewed for their Guide To The Future issue stated that "cyberterrorism, resource shortages, and political instability around the world are all inevitable."
In short, the potential for any number of catastrophes is no more relevant now in the 21st century, than at any other time in history, despite all our technological advances and maybe because of it.
In fact, Bloomberg Businessweek (19-25 December 2012) actually rates on a scale of low to high various threats, many of which are a direct result of our technology advancement and the possibility that we are not able to control these. From low to high risk--there is climate change, synthetic biology, nuclear apocalypse, nanotechnology weaponry, the unknown, and machine super intelligence. Note, the second highest risk is "unknown risks," since they consider "the biggest threat may yet be unknown."
So while risks abound and we acknowledge that we cannot predict them all or forecast their probability or impact accurately, we need to be very well prepared for all eventualities.
But unfortunately, being prepared, maintaining lots of options, and overall strategic pluralism does not come cheaply.
In fact, when faced with weapons of mass destruction, threats to our homeland, and human rights abuses is there any amount of money that is really enough to prepare, protect, and defend?
There is no choice but to take the threats--both known and unknown seriously--and to devote substantial resources across all platforms to countering these. We cannot afford to be caught off-guard or prepared to fight the wrong fight.
Our adversaries and potential adversaries are not standing still--in fact, they are gaining momentum, so how much can we afford to recoil?
We are caught between the sins of the past in terms of a sizable and threatening national deficit and an unpredictable future with no shortage of dangers.
While everyone has their pet projects, we've got to stop fighting each other (I believe they call this pork barrel politics) and start pulling for the greater good or else we all risk ending up on the spit ourselves.
There is no option but to press firmly on the accelerator of scientific and technological advancement and break the deficit bounds that are strangling us and leap far ahead of those who would do us harm.
(All opinions my own)
(Source Photo: here)

Share/Save/Bookmark

February 25, 2009

Security Architecture Q&A

Recently, I was interviewed on the subject of Security Architecture and was given permission to share the Q&A:

In general, what kinds of information security issues does an organization face?

The overarching information security issue in any organization is one of communication, collaboration and the need for transparency vs. the need to protect information from being compromised. Information security is about more than just "stopping leaks." It is also about making sure that people don't intercept, interject or otherwise manipulate agency information for their own ends.

A related issue has to do with protecting the agency's critical IT infrastructure from physical or cyber attack. It's the age-old conflict: If you lock it down completely, then you're protecting it, but you also can't use it. And if you open yourself up altogether, then obviously it won't be long before somebody takes aim.

Finally, the largest threat to an organization's information is clearly from insiders, who have the "keys to the kingdom." And so one must pay great attention to not only the qualifications, but also the background, of the employees and contractors entrusted with access to IT systems. Additionally we must institute checks and balances so that each person is accountable and is overseen.

How do leaders demonstrate security leadership?

Leadership in the area of security is demonstrated in a variety of ways. Obviously the primary method for demonstrating the importance of this function is to formalize it and establish a chief information security officer with the resources and tools at his or her disposal to get the job done.

But security leadership also means building an awareness of risk (and countermeasures) into everything we do: education, awareness, planning, designing, developing, testing, scanning and monitoring.

When new applications or services are being planned and rolled out, does security have a seat at the table?

I can't imagine any organization these days that doesn't consider security in planning and rolling out new applications or services. The real question is, does the organization have a formal process in place to provide certification and accreditation for IT systems? By law, federal agencies are required to do this.

Would you say that information security is generally tightly integrated into organizational culture?

I think that a security mindset and culture predominate in professions where security is paramount, such as law enforcement, defense and intelligence, for obvious reasons.

But the larger question is, how would other organizations make the transition to a culture of greater information security? And this is actually a really important question in today's age of transparency, social networking, Web 2.0, etc., where so much information is freely flowing in all directions. One approach that I have adopted as a culture-changing mechanism is to treat key initiatives as products to be marketed to a target audience. The IT security professional needs to be a master communicator as well as a technical expert, so that employees not only grudgingly comply with necessary measures, but are actively engaged with, and support, their implementation.

At the end of the day, the organization's information security is only as strong as its weakest link. So security has to be as deeply ingrained into the culture and day-to-day operations as possible.

Is information security an inhibitor to new initiatives?

Information security is one of many requirements that new initiatives must meet. And of course there will always be people who see compliance as an inhibitor. But the reality is that security compliance is an enabler for initiatives to achieve their goals. So the key for IT security professionals is to keep educating and supporting their stakeholders on what they need to do to achieve success and security at the same time.


Share/Save/Bookmark