Week ending 092516

Quick hits as I re-ramp up my Week Ending posts.

  • Holidays in Japan while I’m back in the States.
  • Great feedback from the client about our work.
  • Wish I’d attended @Derbycon.
  • I’ve been back in Detroit on my return from Tokyo. Spent time with my kids, fun time talking about Tokyo and getting sushi (their idea) and my impending move.
  • A great guest joined us on @pvcsec – Marcelle Lee.
  • Professionally I connected with some new folk and a bunch of friends & colleagues.

A Bit of Travel

On my way to Tokyo as I write this, taking a break from a lengthy client report due in a few weeks.

I’m appreciative of some things:

Economy+ (or less an exit or lesser a bulkhead seat) makes a big difference for me when on a flight longer than two hours. Detroit to Tokyo and the return make it mandatory for me.

An unoccupied middle seat is wonderful.

A friendly and smaller than me person in the aisle seat makes getting out of my window seat (needed for potential naps, elbow protection, and no cart pummeling) outright delightful.

The 747: my favorite airplane. The 787 and 380 are swell and all. For my money there is nothing like flying this beautiful double-decker. I will fly the lower and upper decks in business/first class before they’re retired.

My new travel kit bag pleases me. Tom Bihn’s customer service is matched by the quality of their products.

Audible books and podcasts onĀ @pocketcasts make the trip entertaining and educational while I write.

Engagement Zen: Transforming IT & the Business through Security for Fun + Profit

Recently I presented a talk at BSides Detroit 2014. It was a fantastic experience. The organizers were excellent. The audience was great. I loved standing up on stage in front of people for the first time in almost two years. The feedback was constructive and wonderful. I look forward to continuing the conversation and presenting this talk at other events.

What’s the talk about? It’s about how Security is a different entity inside of any business, assuming Security’s role persists in-house and not out-sourced. Security Professionals cross all the silos that a traditional IT organization creates and isolates themselves with (DBAs, AppDev, Linux SysAdmins, Windows SysAdmins, Network, etc.). Security Professionals see and interact with parts of the business that IT typically doesn’t (HR, Legal, Finance, R&D, etc.). This provides Security with a unique perspective.

Security must leverage their unique position to make a positive and memorable impact with IT and the business. Spreading Fear, Uncertainty & Doubt (FUD) isn’t the way. Conveying the message that the sky is falling isn’t the way. Constantly saying “no” isn’t the way.

What is the way? Talk with IT & the Business. But don’t talk with them about what you want, which is Security. Talk with them about what they want. Ask them about their fears and concerns and problems and what they wish they could do but don’t know how to do.

I wanted to come up with an approach that wouldn’t need approval or bureaucracy or some management intervention. I wanted something anyone could do at zero cost at any time with little to no gear needed.

And thus: Interview them. See the slide deck for how to go about this.

If you can solve a problem of IT &| the Business, one that leverages Security’s unique view inside of the organization, then they will want to engage with Security in the future. If done properly they will seek you out, accept when you engage, and consider you a trusted advisor.

It also has the benefit of action. That is much preferred versus waiting for someone to realize that security is important.

Several people have asked where to get my slide deck for the talk. You can get it from Dropbox here.

Buenos Aires, EZE to ATL to DTW

[ed: if this is a repeat post, my apologies.]

The Aerolineas Argentinian lounge was really nice once I found it. They had snacks, drinks of various varieties, free wifi, and comfortable seats. I grabbed some sandwiches and a beer and camped out. The occupants were me and one other guy all the way at the other end of the lounge. It was 2 hours to boarding.

Just as I settle in a family from the US came in, louder than a flock of geese. The spread themselves out across seating for twice the number then proceeded to talk with each other. They’re obviously southerners, and not accustomed to the lounge scene. I snacked some more, but eventually I just packed up and left.

Yes, they were on my flight.

After buying some chocolate I headed to the gate. The area was crowded and poorly laid out. The boarding lanes were basically right up to rows of seats. There was a lot of staff there but no one seemed to run the show. They started letting some folks board before they made the boarding call. Then they did pre-boarding. Finally they did business class.

Flights originating overseas for the US requires yet another review of your papers and riffle through bags before you board the plane. As usual this is cursory and I few through.

Once on board it was clear the cabin crew was no better organized than the gate crew. They kept getting in each others way. They came around with coffee and tea before anyone had any cups, and it took that guy a few minutes to realize it. Different parts of the business class cabin got fed before others, or drinks before others, but in no rhyme nor reason I could fathom other than randomness.

I tried to give the cabin crew a box of chocolates but I couldn’t get and keep anyone’s attention long enough, so I gave up.

The plane itself was an old-style 767-300ER. The overhead bins were the old flat small kind. The seats were not lay flat. I don’t fit those seats very well when trying to sleep. It’s like I’m both too tall and not tall enough. Shen I shift to make my legs and knees have good support it hurts by back. When I shift down to help my back my feet hang over the end making them hurt. And forget about turning on your side. And it was warm in the cabin for the whole flight. Turning the air vent on did little to ameliorate.

I got maybe two hours of sleep on the plane.

The food and wine were great. I’ll do a write up and post pictures later.

A good illustration of the disorganized flight was as we were about to land. I don’t mean as they announced that we’d started our descent. I mean we were a few hundred feet off the ground and one of the cabin crew shouts, “Sir! You have to take your seat for landing!” The fellow dropped into his seat two beats before the wheels hit the tarmac.

I saw the flight attendants walk down the other isle twice, but no one walked down ours.

In ATL, the Global Entry/Global Traveler worked better than it ever has. There are 10 to 20 of the kiosks ready to go when you hit the immigration section. This was great because several other oversees flights arrive just before and just after our plane. I was through and waiting for the bags when our carrouselĀ  kicked in.

My bag came off early, so I went to the transfer point, checked in for my flight, and tried to drop my bag where the woman told me to. Another staffer said, “You can’t do that here”. She said it while handing other peoples’ bags.

“You have to take it to the counter over there”, pointing to where I had just checked in.

The check-in kiosks are cordoned off in such a way that intuitively anyone would do the same thing I did. There was no direct path from the machine to the counter. And when I walked up no one was at the counter.

Anyway, I dropped my bag off and wandered in. I asked how to get to the new international terminal and was pointed up the escalators.

Terminal F looks nice. Nothing much was open at 6 AM yet, but I followed the signs up another escalator the the new Delta Sky Club.

This place is nice. There is a lot of room, a lot of light, and it is all brand new.

After I checked in I made my way to the showers. An agent was there to check me in to one of the rooms. She loaded me up with toothbrush and paste and mouthwash and a razor (much needed) and shaving creams and lotions and stuff. Shampoo and conditioner and body wash were waiting for me in the room, number 8.

As a note, number 7 apparently is the biggest one since it is made for handicapped use.

I took a shower, shaved, cleaned my teeth, and redressed. I felt so much better! I found a place to sit then grabbed some oatmeal and yogurt from the counter, some coffee from the machine, and a New York Times.

After that the lack of sleep started to catch up with me so I moved into the “Beats Lounge”, some co-branding thing that I think isn’t fully up and running yet. The chairs are big and recline somewhat with swivel work tables. I plugged in then took a 2 hour nap.

I woke to the sound of a loud southern woman talking. She sat with her friend just outside of my area. She talked on the phone, she talked to her friend, then the other friend, and her husband, and more on the phone.