Let's talk cybersecurity #hysteria.

1/8
Four days ago, Chris Krebs confirmed cyber terrorists had remotely shut down the east coast's lifeblood.

His tweet is why I fueled my pickup that very day with $140 of diesel at $2.67/gal at Dodge's gas station on Rt 49 in Gulfport MS.

2/8
Cybersecurity #hysteria has done amazing things over the last three decades.

And I do mean "amazing"!

It led us the knee-jerk idea for a "precautionary disconnect," which is when we shut down our operations to prevent a computer attack from shutting down our operations.

3/8
Of course we now know it was #ColonialPipeline who shut down their own operations, not the cyber terrorists--

--because they don't trust their own cyber security team.

And why should they?

I've railed for two decades on the *true* purpose a CISO serves to a company:

4/8
To whit: CISOs must capitulate to policy & waiver demands they literally can't refuse.

Things no CISO in their right mind would allow.

Too many CISOs are like the bandleader who was forced at gunpoint to sign away his rights to a great singer:

5/8
A *big* problem with many (most?) CISOs is that ... once they put their signature to each bizarre policy ... or sign a bizarre policy waiver...

...their egos convince them "that was MY policy" or "that was MY waiver decision."

Their egos make them #own piles of shit!

6/8
So it's no wonder #ColonialPipeline didn't trust their own cybersecurity team.

They know what they forced the CISO to do!

I imagine right now their CISO is slunched in a stupor, staring at allllllll those signatures he (she?) (probably "he") put on paper. Wondering aloud:

7/8
"Why would I ever put my signature to this? Why did I sign off on that?"

It's because you had no damn choice, sir. ("ma'am"?) (probably "sir")

Somebody must earn your salary and sign those idiotic #cyber policies #ColonialPipeline demands. If not you, then someone else.

Others among us will independently come to the same conclusion