When You Need To BLUF

Bottom Line.jpeg

Most professional (and even personal) communications should start with…

________________________


BLUF (Bottom Line Up Front).


This means that you start with the ending–in mind, on paper, verbally, and in digital format. 


You provide the conclusion and/or recommendations right up front.


Rather than first wadding through all the details–context, analysis, considerations, assumptions, risks, etc. 


Let the reader know right away what it is you want. 


Generally, this is different than an abstract or summary that provides a synopsis and leading evidence for the argument put forward. 


Tell me what I need to know and get right to the point! 😉


(Source Photo: Andy Blumenthal)

The Trouble With Our Security

Pope Mobile Fiat.jpeg

So the problem with our security is that we value our openness more than we do our security.


And perhaps, we fear war more than we desire true peace. 


This was a photo from Summer 2015 when the Pope was in DC.


And despite a “massive” security apparatus set up to protect the Pope, the “largest security operation in U.S. history“…


Check out this photo of a colleague who was able to literally run up to the Fiat car where you can see the Pope waving from. 


Our security is full of holes–if this guy had a gun, molotov cocktail, or bomb then the top Christian leader in the world could’ve been taken out, just across the street from the U.S. State Department.


As a democracy, we value openness and freedom to say what we want, do what we want, protest what we want, carry guns as we want, but when is open too open?


Again, whether it comes to cybersecurity or physical security, unless we start to get serious about what massive and large security really means, it is just a matter of time before something really terrible happens, G-d forbid. 


We’ve got to do a better job balancing security and openness. 


No one should be getting right up to the Pope’s car like this!


No one should be smashing windows, burning cars, and attacking police and pedestrians in Washington, DC or anywhere.  


No one should be buzzing our battleships and jets!


No one should be hacking into our sensitive cyber systems, taking down and crippling them and stealing our secrets!


No one should be recruiting, plotting, and carrying out increasing and devastating terrorist attacks right under our noses in this country or elsewhere. 


No one should be using chemical weapons around our red lines in population centers or in airports!


No one (Iran, North Korea, Russia) should be developing, testing, and aiming nuclear ballistic missiles at the West!

War is a last resort, but this is not peace.


It is time to rethink our security posture…it is past time. 😉


(Source Photo: A Colleague)

Countdown To Nukesville

nukes

So I keep reading and hearing about Russia preparations for nuclear confrontation with the West and the overall risk rising greatly:


– Investing in new advanced nuclear weapons, such as stealth nukes that can destroy an area the size of Texas or France


– Adding hundreds of new warheads


– Moving nukes to the European doorstep of Poland and Lithuania


– Flying Russian bombers within 40 miles of California coast


– Pulling out of non-proliferation agreements, including producing new intermediate range nuclear cruise missiles 


– Violating security pacts to destroy plutonium stockpiles


– Skipping the nuclear security summit


– Conducting massive civil defense drills


– Threatening asymmetrical and painful actions against the West, including first strike


– Building new bases in Ukraine, Syria, and now eyeing Cuba and Vietnam


– Building dozens of new underground bunkers


– Entering a new arms race with the U.S. 


Well perhaps this is all just saber-rattling bluster and party-rallying political rhetoric.


The real question is if this is all talk, then why all the costly actions being made?


Self defense experts always say never pull out a weapon unless you seriously intend to use it, so are Russia’s intentions to simply counter the West or is it going to go way beyond that. 😉


(Source Photo: Andy Blumenthal)

The Best Cut

Butcher
So I wasn’t sure I wanted to share this, but my wife encouraged me in an effort to help others going through similar things.



Recently, I went to the Surgeon about my other hip to read my MRI…



After having read the report myself before the appointment, I was convinced I was heading under the knife again with the pain I was experiencing, challenges getting around, and the verbiage in the report like: 



“Significant…”



“Advanced.”



Anyway, my daughter came along because I wasn’t sure I was going to easily get parking in this place…always a challenge there. 



Waiting for the doctor, I asked G-d for a miracle, since after all the hospitalizations this last year, I literally thought that another one at this time could very well kill me.



Low and behold, the doctor comes in and as if G-d is directing his speech for the next 40 minutes or so, he does everything to dissuade me from having the surgery this month, even though he was the one at the last appointment that had already booked me on his surgical calendar. 



So today the miracle unfolded…



First, the doctor read my MRI, but then quickly flipped the screen to an MRI of another patient–a 76 year old–and he showed me the unbelievable progression of the osteoarthritis from near onset to ultimately the complete collapse of the joint over about 9 years time for this lady…the last MRI looked like complete and utter bone devastation–I had never seen anything like it!



Next he opened his drawer and took out a horror basket of used replacement joints parts that he had removed from patients that needed revision–he showed me the wear and breakage and described in horrible detail how he often has to dig these out of the bones of his patients and how each revision–which everyone will need after about 10-15 years or sooner if they become symptomatic–becomes more complicated and dangerous in terms of infection, blood clots, and recovery. 



Then he told how in the field so many replacement surgeries do not go well and that he sees 3-5 patients a week who come to him because they are UN-happy with the replacements their doctors did. 



This went on and on, and bottom line…he said, “I love to do the surgeries–I really do–but wait as long as you can before getting it [on the other hip], since while it can provide for short term improvements, each revision is worse, and at your age you could need three–on each side.”



Needless-to-say, from this whole thing, I was in utter shock and some disbelief as I had been told these prosthetics can last 20-25 years with the newer models, and I was not aware of what the revisions really entailed in later years or the challenges they brought. 



As he continued to describe the risks in painful vivid details (note, I was his last appointment of the day and he was talking his time here), my eyes were literally welling up in tears.



I looked over at my daughter and she was sitting mouth agape shaking her head at what he was saying. I was deeply sorry that she had to sit through this (what we had thought was a simple MRI reading and confirmation of the upcoming procedure date). 



I left the doctor’s office, of course, canceling the surgery–still in severe pain and with trouble walking–however, “scared straight” to make the best of this for now, but also afraid of what lies ahead. 



I have to have faith that the L-rd who made the miracle to hold off on the surgery for now will continue to guide and protect me through this illness that today has no cure. 



(Source Photo: Andy Blumenthal)

Yes, I Mean No

This is a hilarious video of a social experiment.

This girl–a complete stranger–goes up to random guys and asks “Would you have sex with me?”

On the top there is a running counter–thumbs up or down–for how many of these guys say yes or no.

The final count for this girl and the complete strangers is 50-50!

The reactions of the guys who stumble all over themselves ranges from “Are you crazy?” and someone who actually calls the police on her to “Why not?” and “I will definitely have sex with you!” or how about this guy who offered up a middle of the road approach of “Would you like to hang out with us first?”

In a companion video, they reverse the social experiment, and a guy propositions random girls with the same cavalier question.

In 100 cases, he was rejected!

So are women more discriminating? Are they looking for intimacy while men are looking for a physical hookup? Or are men just driven by their chemistry, evolution, and species preservation to procreate far and wide?

While the girl chosen for this experiment is undeniably attractive, given the risk of STDs and AIDS and also broken relationships and even families, you still have to ask yourself are men’s brains fully wired on right? 😉

Go Safe or Go For It?

In_it_to_win_it

I came away with some thoughts on risk taking watching this scene from the movie “Lies and Alibis.”

The girl says: “Simple is boring.”

The guy answers: “Boring is safe.”

The girl responds: “Safe is for old people.”

(Note: nothing personal here to the elderly. Also, hope I didn’t get the who said which thing wrong, but the point is the same.)

Take-a-way: Very often in life we aren’t sure whether to take a risk or not. Is it worth it or is it reckless? And we have to weigh the pros and cons, carefully!

– We have to ask ourselves, where’s the risk and where’s the reward?

We have to decide whether we want to try something new and accept the potential risk or stay stable and go safe with the status quo that we already know.

At times, staying with a bad status quo can be the more risky proposition and change the safer option–so it all depends on the situation.

– We also have to look at our capabilities to take chances:

For example, in terms of age appropriateness–it can be argued that younger people can take more risk, because they have more time to recover in life, should the situation go bad.

At the same time, older people may have more of a foundation (financial savings, built-up experience and education, and a life-long reputation) to take more chances–they have a cushion to fall back on, if necessary.

– In the end, we have to know our own level of risk tolerance and have a sense of clarity as to what we are looking for and the value of it, as well as the odds for success and failure.

It’s a very personal calculation and the rewards or losses are yours for the taking. Make sure you are ready to accept them!

Finally–always, always, always have a plan B. 😉

(Source Photo: Andy Blumenthal)

Understanding Risk Management

Managing_risk

Information Security, like all security, needs to be managed on a risk management basis.

This is a fundamental principle that was prior advocated for the Department of Homeland Security, by the former Secretary Michael Chertoff.

The basic premise is that we have limited resources to cover ever changing and expanding risks, and that therefore, we must put our security resources to the greatest risks first.

Daniel Ryan and Julie Ryan (1995) came up with a simple formula for determining risks, as follows:

Risk = [(Threats x Vulnerabilities) / Countermeasures)]  x  Impact

Where:

– Threats = those who wish do you harm.

– Vulnerabilities = inherent weaknesses or design flaws.

– Countermeasures = the things you do to protect against the dangers imposed.

[Together, threats and vulnerabilities, offset by any countermeasures, is the probability or likelihood of a potential (negative) event occurring.]

– Impacts = the damage or potential loss that would be done.

Of course, in a perfect world, we would like to reduce risk to zero and be completely secure, but in the real world, the cost of achieving total risk avoidance is cost prohibitive. 

For example, with information systems, the only way to hypothetically eliminate all risk is by disconnecting (and turning off) all your computing resources, thereby isolating yourself from any and all threats. But as we know, this is counterproductive, since there is a positive correlation between connectivity and productivity. When connectivity goes down, so does productivity.

Thus, in the absence of being able to completely eliminate risk, we are left with managing risk and particularly with securing critical infrastructure protection (CIP) through the prioritization of the highest security risks and securing these, going down that list until we exhaust our available resources to issue countermeasures with.

In a sense, being unable to “get rid of risk” or fully secure ourselves from anything bad happening to us is a philosophically imperfect answer and leaves me feeling unsatisfied–in other words, what good is security if we can’t ever really have it anyway?

I guess the ultimate risk we all face is the risk of our own mortality. In response all we can do is accept our limitations and take action on the rest.

(Source Photo: here with attribution to martinluff)