Risk is just something that happens in life. We drive, we could crash; we cook, we might burn ourselves. Risk is also something that’s been big in my life, although for me it’s not so much managing the things that could go wrong when I work and travel, but more a lifetime of studying risks in different contexts, and working out how to predict, manage, mitigate, and recover from them (if you’re curious, I’ve worked on everything from transport safety to risk-based command decision making).
Risk isn’t just the bad thing that can happen. It’s thinking about how bad, how…
I swear my best posts come from random conversations on the internet.
The Pyramid of Pain describes the types of indicators you can use to make sense of / detect a cyber attack. In a curious moment, I asked it’s creator, David Bianco, if there was a disinformation version of it yet.
Erm… not yet? And he’s been thinking about it, and I have, so I scribbled down some tweets.
David’s question: “The Pyramid of Pain is about helping analysts & detection engineers make better choices wrt the types of IOCs they use for detection of security incidents. How would…
The cloud is someone else’s computer. Free apps are someone else’s resources.
I relearnt a lesson this morning: never rely on something that someone else owns. We do research at Threet, so we have a set of shared datastores, some paid for, some using free apps. One of these was our shared list of academic references, with our labels and notes on each paper.
The app hosting this deleted our library last month. We lost years of work. …
I got into a twitter thread, and it got big enough to post.
It started with https://twitter.com/QuinnyPig/status/1344467144008863744 — musing that they’re not convinced that anyone in tech has ever been asked “How would you design our products to reduce the potential they’re abused?”
Tech organizations have definitely been asked this question about designing to reduce digital harms. Some tech organizations - @ushahidi, and other organizations that are part of a network of work that connects at @rightscon, @EngnRoom, and similar - have definitely worked on answering it. …
[co-written with Pablo Breuer]
Yesterday talking to someone, mentioned the Disinformation SOC, and they went “yeah, those things”. So it’s mainstream now, and we’re well overdue talking about it (and what we’ve done to run distributed disinformation SOCs).
Questions. When does a group of people tracking disinformation turn into a SOC? What is a SOC? Do I need a SOC? The answer depends on who you are — if you’re a government, it makes sense; if you’re an organisation, it may or may not make sense.
What is a SOC? It’s a Security Operations Center. In summary, it ingests indicators…
I spoke recently at Disclosure — a conference started by Marc Rogers, bringing together interesting systems thinkers across information security. Last year, I spoke about how to adapt infosec to disinformation defense; this year about what the CogSecCollab leads have learnt from running the CTI League’s Disinformation response team.
2020 is where cognitive security, the idea of treating disinformation as an infosec problem akin to malware, really caught on. First, let’s talk about definitions. Misinformation is false content. In disinformation, the content doesn’t have to be false — some of the best disinformation campaigns use mostly-true information twisted out of…
It’s 2020, it’s fire and politics and is it time for the meteors and aliens yet season, and friends have either already evacuated for fires, or are finally sorting out their emergency packing lists for leaving their homes on foot, or by car with notice ranging from none to a day. Nothing quite so drastic here: I’ve been checking emergency supplies, was moving the book overspill pile off the floor, and it was a good excuse to fill my office shelf with the books I’d grab first. Here it is.
Probably no surprise that this is bookended by Marshall McLuhan…
I was honored to speak about disinformation at AI for Good today.
First, my bottom line: disinformation defence is based on data science. It contains the familiar data science elements of people, process, data, algorithms and insights. In my talk, I went through each of these.
Over at CogSecCollab, we’ve been working on distributed disinformation defence: how do we build teams across disciplines, in many different geographical locations, to reduce the incidence, spread and effects of large-scale disinformation, which is itself distributed across groups, locations, platforms, areas of interest etc.
We had two templates for this: we’d seen the Baltic…
I was self-quarantined from 29th Feb to 13th March 2020, as part of trying to stop the potential spread of Covid19 in Washington State USA. These are my daily notes to friends from that time.
We’re likely to have a lot of people inside soon. This is likely to change how we from and act as local and wider communities for a while: here are some of my notes on that.
Thoughts about community. Because a) we’re all about to get a lot more local, and b) community is how we get through the next few weeks/months.
Social data nerd.