ja_mageia

Crisis management professional love acronyms, the easier to remember the better. Thus the simplest is appropriately one of the most important, STPA (Stop, Think, Plan, Act).

When you are in the heat of an emergency, all you need is STPA. STOP, and take a deep breadth, stop doing anything, have everyone be quiet for a second and mentally slow down. THINK, about what happened, is there still an imminent threat? Let everyone quickly float their ideas. Then, PLAN. What are the specific steps you could follow to solve this crisis? List them, which is first, second, and so on. Only then with a written plan, and a single person coordinating the actions of everyone else, should you finally ACT.

Data Analysis is a powerful tool to enable business decision making. It can also be a dangerous way to misunderstand your business, as Mark Twain said, “There are three kinds of lies: lies, damned lies and statistics". The most common failure in data analysis and visualization lies in confirmation bias ; meaning you start with a hypothesis and work to confirm it. In exploratory data analysis, you should always start with a clean slate, work to find structure in your data and then analyze its root cause. This gives you a working hypothesis which you can then work to disprove. If you cannot, then you may have a useful business metric.

The need for effective endpoint security has never been stronger in our ever-increasing mobile workforce. No longer are people merely reading internet news and content, they are actively posting new articles, modifying and providing feedback to existing content. A more dynamic, user-generated Internet combined with the increased mobility of computers and smart devices has created a paradigm shift known as Web 2.0. With this shift in the way we all use the Internet comes interesting security challenges, particularly enterprises struggling with endpoint security.

As part of OS X 10.5, Apple has included a sandboxing feature, supposedly similar to systrace in OpenBSD or AppArmor on GNU/Linux. As an early adopter of Leopard, I was interested in testing this feature to lock down applications. Unfortunately, I discovered that Apple's sandboxing technology is less than mature when compared to competing technologies.

Today, our economic growth engine is in the Small and Medium Business market, or SMBs. All of these businesses are primarily focused on a core competency or area of expertise. Hence, most SMBs do not have dedicated IT Security professionals to minimize the threat and risk to their businesses. Implementing an IT Security plan and policy for an SMB need not be complex or costly. The “industrial strength” IT Security solutions implemented by large multinational corporations may not be necessary for smaller and more nimble companies. In addition, the leading Managed Security Service Providers (MSSPs) offer standardized, one size fits all, services that frequently miss the mark on cost and flexibly.