Thread by Amélie E. Koran, 18 tweets, 8 min read
It still boggles my mind that we will have people flock to conferences about the latest and greatest thing, and then come back to their org wanting to do that latest and greatest, but not be willing to invest in the basic work required to shore up and mature the org to fix stuff.
"I want to do $buzzword_tech" while not even taking a moment to possibly get all their systems to a maintainable standard, reliable inventory and maintenance cycle, and repeatable and reliable processes. Again, like building the Burj Khalifa on quicksand. gizmodo.com/without-trucks…
...you're doubling down on resources, and creating exponentially larger piles of tech and process debt that, given the tenure of most tech execs, will not be their problem, as they will be gone by the time the shit tankers run out of places to dump... fix this, then modernize
...I had been thinking last week, positing that we do, in fact, have a finite set of vulns and security issues, bounded only by the number of ways people stick code and systems together to solve a problem. It's mathematically solvable... but nobody has the resources to solve it...
...but each new company with a security solution finds a new rube to sell something to, hoping it's the giant beanstalk to riches and the easy life... but rarely is good at solving or helping with the basic triage and response to address that finite set of vulns.
This is the vicious cycle until somebody says enough. Again, sort of that "building an airplane while it's taxiing down the runway"... but nobody is often willing to say it's not flight worthy for the sake of being agile, or to be ahead of a competitor, or to meet an unrealistic goal
Metrics and goals set by folks who do not have a grounding in the inertia required to overcome getting things rolling are doing more harm to an org than those who are rapidly trying to rivet on the wings for flight. Because they are the pilot thinking they can get to SFO by 3pm
as @sawaba said, "do the basics" isn't sexy or has no marketing budget, but possibly it's on the vendors to put some prerequisites down to be an actual partner in their client's success... "wins" tend to stay in the memory longer, sort of a "security endorphin rush"...
@sawaba When doing IR/IH, the memory of those incidents usually only lasts as long as the folks involved are around, and the same lack of investment, process, and strategy exits with them, as does momentum. The capitalizing on how to move your security strategy forward needs this accounting
@sawaba How many news stories of note, that are "ZOMG this thing happened", die in the public consciousness unless they are localized moments after their reporting. What have we done with Equifax? Those reports were great, but what has actually changed other than staff and stock prices?
@sawaba So, when do we stop falling into the slick marketing escapades - and actually have tracks that get people to actually fix stuff? Are there tracks and talks on how to responsibly argue for your budget, develop a maturity model that adapts, carry the post-incident advocacy forward?
@sawaba These are central questions I ponder about my future in this career... having been toe deep in essentially all three major senior tech leadership roles... and wonder where my influence and techniques resulted in the most positive change... where is the leverage best applied?
@sawaba CIO - budget and resources
CTO - implementation and operations
CISO - validation and authorization

Each needs the others, and they need to be peers, supportive of a core goal and strategy; w/o that, you will ultimately fail. Nobody is the sole owner of the strategy, TBH
@sawaba ...if you're not getting this, or your org isn't and is out of balance (with one exerting too much sway over another), you will fail miserably in these pursuits. Governance helps with some guardrails, not to limit the work, but to keep you from boiling the ocean too fast.
@sawaba ...many see it as handcuffs... but it can be the best control valve to keep your tech org from doing the "ooh, squirrel" on every new request and whim and actually get stuff done. Or, as from "The Right Stuff": "No bucks, no Buck Rogers" (I have a deck on this)
@sawaba ah, found my deck...this was based on some approaches I did at @WaltDisneyCo as well as at @USTreasury and finally put it in a deck for my current employer when I first got there in 2017 (says FOUO, but it was not that, this was my template and my content)
drive.google.com/file/d/1LzIlvj…
@sawaba @WaltDisneyCo @USTreasury ...incomplete deck, but it was brainstorming (which I do a lot)... about what you really need to do to support innovation in any facet of tech... in some cases, remove tech out of it and focus on resources, capabilities, outcomes and processes in use to optimize & deliver on.
@sawaba @WaltDisneyCo @USTreasury Sorry for the rant... had an off-putting day, but needed to brain dump to do a temp check with you all.

Also: "Friends don't let friends say or use AI or ML without a firm grounding in math and potentially computational linguistics, otherwise it's fantasyland of buzzwords"