Contrast the RSA Conference’s theme of the Human Element and the vendors’ theme of AI/ML appliances. This debate between intelligence augmentation and artificial intelligence has a long history, going all the way back to Douglas Engelbart versus Marvin Minsky. Let’s look at the history and look at the use cases for AI/ML in today’s security operations.
Watch more videos on my YouTube channel.
The staring red camera and chillingly calm voice of HAL 9000 inspired and unnerved a generation of IT people. It’s well known that Arthur C. Clarke drew inspiration from IBM to name HAL. But where did the 9000 come from? This traces back to the first Italian mainframe: the Elea 9000. Look at photos of the Elea 9000 and the HAL 9000 in Discovery One, and you will see some visual similarities too. The Elea 9000 had a certain beauty, owed in part to Ettore Sottsass.
Ettore Sottsass was a design consultant for Elea 9003 in the 1950s. In the 1960s, Sottsass would design the iconic Valentine typewriter. From the heights of technology, Sottsass turned his talent to furniture. Chairs. If you’re thinking that’s an odd choice, you’re not alone. Many asked him about this shift. “A chair must be really important as an object, because my mother always told me to offer my chair to a lady,” Sottsass reportedly said. And so he focused on chairs.
There is a lesson here for security. A fundamental is evaluating the value of an asset to determine what is at risk. Of the ways to determine this, the most common are what the asset generates for the organization and what it would cost the organization to replace it. Both measured in dollars. That’s great for computers and typewriters, but what about chairs? Put a different way, quantitative approaches overlook the significance people put on our tools. Securing by what we can measure in dollars leads to decisions which are blind to the human factors.
“I’m sorry, Dave. I’m afraid I can’t do that.” I get chills every time I hear that line. There’s something cold about mechanically making decisions based purely on numbers. When introducing human-centric design to our security programs, we must consider all the ways people determine value. Remember the subjective. Remember the chairs.
This article is part of a series on designing cyber security capabilities. To see other articles in the series, including a full list of design principles, click here.
During the Windows login process, a cleartext password will get shared with the password filters. Sure, this can be used for defense. But it can also be used by criminals to steal passwords.
Watch more videos on my YouTube channel.
A shout-out to one of my favorite typography designers, and a warning about a 0-day exploit in Microsoft Windows.
For more information, visit:
https://ift.tt/3brmQK2
https://ift.tt/2xoAwa8
Watch more videos on my YouTube channel.
One of my favorite stories of the early days of Silicon Valley is Bill Moggridge and the Grid Compass. Here’s how to apply it to building a security capability.
Watch more videos on my YouTube channel.
Security leaders have a bold vision. Leaders have a grand strategy. Leaders excite and engage people to get things done. Along the way, leaders make decisions.
This blog series is about making better decisions. IT security is a new discipline. But creativity and ingenuity are as old as humanity. Week by week, we’ll look to artisans, to architects, and to designers. We’ll uncover principles we can apply to lead and to design security capabilities.
Pilot with chaos. Cyber security is complex. The proverbial butterfly flapping its wings in Brazil producing tornado in the United States. Thankfully, we have chaos theory and security chaos engineering.
– Read the latest design article –
Finally: Here are some of my folksy sayings on cybersecurity leadership and design.
New data from FireEye shows malware authors are waiting days before detonating and executing. Why is this, and what does this mean for the defense?
Watch more videos on my YouTube channel.
The Design of Everyday Things, By Don Norman (W)
The Art of Innovation: Lessons in Creativity From IDEO, America’s Leading Design Firm, (2001) By Tom Kelley and Jonathan Littma (W)
Design and Marketing of New Products, Prentice-Hall, Second Edition 1993, By Urban, G. L. And J. R. Hauser
Designing for Growth: A Design Thinking Tool Kit for Managers, By Jeanne Liedtka, Tim Ogilvie, Columbia University Press
Designing for The Digital Age: How to Create Human-Centered Products and Services, By Kim Goodwin
The Principles of Product Development Flow: Second Generation Lean Product Development, By Donald G. Reinertsen
User Experience Revolution, By Paul Boag
User Friendly: How the Hidden Rules of Design Are Changing the Way We Live, Work, and Play, By Cliff Kuang and Robert Fabricant (W)
Service Innovation: How to Go from Customer Needs to Breakthrough Services, By Lance A. Bettencourt
This Is Service Design Thinking: Basics-Tools-Cases, Kindle Edition, By Mark Stickdorn
The Handbook of Service Innovation, By Renu Agarwal, Willem Selen, Göran Roos, and Roy Green
Design Research: Methods and Perspectives, By Brenda Laurel
Research Methods for Product Design, By Alex Milton And Paul Rodgers
Well-Designed: How to Use Empathy to Create Products People Love, By Jon Kolko
Paper Prototyping: The Fast and Easy Way to Design And Refine User Interfaces, By Carolyn Snyder
Product Design and Development, By Karl Ulrich, Steven Eppinger, and Maria C. Yang
Product Roadmaps Relaunched: How to Set Direction While Embracing Uncertainty, By C. Todd Lombardo, Bruce Mccarthy, Evan Ryan, Michael Connors (W)
Design for The Environment: Creating Eco-Efficient Products and Processes, By Joseph Fiksel, Mcgraw Hill, New York, 1996
Integrating Environment and Technology: Design for Environment, In The Greening of Industrial Ecosystems, By B.R Allenby, National Academy Press, Washington, DC, 1994
