In the future, Anti-Bribery will come built-in with your Android device!

Bribery is one of the world’s most destructive and challenging issues. With over US$ 1 trillion paid in bribes each year, the consequences are catastrophic, reducing quality of life, increasing poverty and eroding public trust.

Recognizing this, ISO has developed a standard to help organizations fight bribery and promote an ethical business culture. ISO 37001 Anti-Bribery Management Systems, specifies a series of measures to help organizations prevent, detect and address bribery.

Become a Certified ISO 37001 Lead Implementer

The ISO 37001 Lead Implementer training will enable you to support your organization in establishing, implementing, managing and maintaining an Anti-bribery Management System (ABMS) based on ISO 37001.

During this course, you will gain a thorough understanding of the global anti-corruption best practices and effectively prevent, detect and address bribery before it negatively impacts an organization’s reputation and profits.

> See our training schedule

Advertisements

What you get from a $10M security system…

> If you liked this video, check out our resilience in popular culture playlist on Youtube for more!

Edward Snowden and John Oliver discuss password security and it’s hilarious!

Really important tips and advises from Edward Snowden. Will this video motivate you to upgrade your password, or passphrase? It sure did for me!

Watch the complete interview at https://www.youtube.com/watch?v=yzGzB-yYKcc&ab_channel=LastWeekTonight

Browse through our collection of Information Security related publications at https://resiliencepost.com/category/risk-security/security/

Not all security systems fail!

Not all security systems are created equals. We often hear about the ones that fail, but rarely the ones that worked!

> If you liked this video, check out our Resilience in popular culture playlist on YouTube.

 

Is Winterfell a resilient castle?

While in the midst of preparations for an upcoming disaster at Winterfell, Sansa Stark displays true Chief Resilience Officer capabilities. Who would have expected modern day resilience concepts in Game of Thrones?
If you liked this video, check out our Resilience in popular culture playlist on YouTube.

Is this the most secure security code ever?

Do you need to find a code no one could break into? Ask Commander Data for help!

> If you liked this video, check out our Resilience in popular culture playlist on YouTube.

Is Gordon Ramsay a good Data Protection Officer?

Physical security has always been the foundation of any Information Security and Data Protection programs.

Despite this, controls are still being neglected and physical threats are often too often overlooked.

Organizations spend millions on security, but then compromise it by missing out physical controls. Even worst, physical security controls are often cheap and easy to implement!

If you liked this video, check out our Resilience in popular culture playlist on YouTube.

Will we ever have satellites that can control the weather?

What if a hurricane could be defused by weather-controlling satellites? BBC Future investigates why this sci-fi staple is such a tall task.

Posted on BBC | By Peter Ray Allison

In the film Geostorm, weaponised weather satellites cause global mayhem

From Star Trek to The Jetsons, one of the hallmarks of an advanced civilisation is seen as the ability to control the weather. More recently, the film Geostorm portrayed a network of satellites designed to prevent catastrophic storms.

As last year’s devastating Atlantic hurricanes demonstrated, we are at the mercy of the weather. Could we ever manipulate it from space?

The videogame Star Wars Battlefront 2 (2017) also heavily features weaponised weather satellites
The idea of tweaking the weather from afar is not as far-fetched as it sounds. As BBC Future reported in 2014, scientists have been on the case for years, albeit using planes rather than satellites. From 1962 to 1983, the American government ran Project Stormfury, which was an attempt to weaken tropical storms by flying aircraft into a storm and seeding it with silver iodide.

Silver iodide is an inorganic compound used as an antiseptic. The theory was that the silver iodide would cause the supercooled water in the storm to freeze, thereby disrupting the internal structure of the hurricane.

It could be argued that we already manipulate the weather, albeit to our detriment, through climate change.

Read entire article Will we ever have satellites than can control the weather? | BBC

The Generation Game: Where resilience matters

Born in the sixies, I grew up a child of the seventies, when there were only three UK television channels available to watch (if you were fortunate enought to have a TV!).

I was raised on a council estate in a working class family and money was tight. Our TV even had a money meter fixed to it, as did the electric meter too! It was a norm back then. It was a way of surviving and living and we were happy. We were resilient.

A ‘family treat’ happened on Saturday evenings when we would watch the BBC programme ‘The Generation Game’. A TV ‘game show’, then presented by the late Sir Bruce Forsyth who passed away in 2017. The format of the show involved family members, usually two adults, one older, one younger (hence generation link); with the aim to take on tasks and skills and compete against another ‘family team’.

IN YOUR EARS

Paul suggests listening to this song to accompany reading this post!

Light entertainment as it’s called

The family who scored the most points along the way, eventually had the chance to witness a converyor belt, loaded with prizes for a short a time, before having to recall the items one by one a short while later. Only one of the family members did this task.
Whatever items they could remember, they took away with them. The audience shouted to help the person remember what had passed by on the belt. It was indeed… ‘a good game, good game‘ (as Brucie would say!).

Family Matters: Business Matters: Life Matters

I am aware that the BBC is bringing the programme back with new presenters in 2018. There have been a number of different presenters over the years and an absence of the programme from the screens altogether. But the concept of a ‘Generation Game’ should not just be restricted to a TV programme of ‘light entertainment’.

In resilience terms, we share what we see, know and do, with family, friends and work colleagues. Our experiences and our joint working together to take on challenges and tasks; not only to win ‘prizes or rewards’, but often simply to get through life and the business jobs at hand. It matters to us all. We share stories and experiences and we pass the information on.

We work together

Conveyor Belt Principle

In our daily family and working lives, it is a pretty good assumption that somewhere along the journey, you will have been trained by someone more experienced. You may have even trained others who had less experience than you. A generation thing perhaps?

There will be ‘family’ love and protective advice passed down through generations to help you along the way. ‘Don’t go off with strangers’ and ‘don’t play with matches’ are just some examples. All kinds of relevant useful tips and information, sat on a ‘conveyor belt’ we see, receive and pass on, with the aim of being resilient; winning or getting through the ‘game of life’.

If you can think of as a many useful and relevant resilient items and tips today, what would you expect to see on the ‘conveyor belt’ and how many would the next generation be able to understand and recall?

Cyber security, emergency plans, business continuity management, flood water protection, emergency grab bag, mobile phone, pen, paper, stay safe leaflet, fire extinguisher, water, clothing, blankets, personal protective equipment, emergency shelter… cuddly toy?

The Price is Right if you Play Your Cards Right

Ok, so I’m a bit of a ‘saddo’ and I can recall other Bruce Forsyth TV programmes of ‘light entertainment’ over the years. The Price is Right and Play Your Cards Right are pretty universal concepts involving ‘games’ that particpants play to ‘win’.

Modern shows such as The Chase, Pointless, Tipping Point and I suspect, a whole lot more from around the globe, could easily be linked, with the concept of resilience. The taking part that counts or playing to survive, get through to the next heats, playing to win? That is what life and business is about.

We will take on challenges and tasks,
share some knowledge and work together
and be resilient

Everyone’s a Winner?

No, of course there are winners and losers. That is life and business again. For whatever reason, it happens. But resilience is an immensely essential role in the everyday lives of leaders and players. Both in life and in business. The subject should never be totally confined to being compartmentalized into personal and business (organizational) resilience.

Resilience transcends and crosses all walks of life and business, because there is a human, family value to it.

Resilience is not ‘light entertainment’ of course not, but it starts within the family and generations first and then grows with maturity and experience, in the wider business and working life.

We will always be involved in The Generation (Resilience) Game, because we need it.

Paul Kudray

A truly down to earth, grounded individual who is a resilience professional. Helping people and organizations to build and maintain their capabilities to respond to and recover from, crisis, emergencies or disasters. Paul is the ‘resilience maverick’ because he is not like the average resilience professional. Paul wants to help everyone be a bit more resilient because they can! paul@kudrayconsulting.com

Don’t let your Supply Chain be like the Death Star

It seems now that I’ve found a correlation between Star Wars and Supply Chain, I just can’t stop myself from writing another blog on the topic.

Posted on 21st Century Supply Chain Blog
By Alexa Cheater
My earlier post, May the Force Be With Your Supply Chain, explored how you can use the force (aka attunement to market fluctuations) to realize value by developing a demand-driven supply chain. In this blog, I’m going to cover another topic – why under no circumstances should you let your supply chain be like the Death Star.

That’s no moon, it’s your supply chain! While your supply chain may at times seem as large and complex as a super weapon the size of a celestial body, the one thing you don’t want them to have in common is the propensity to be brought down by one small oversight.
In the case of the original Death Star, that oversight was failing to see the risk a single X-Wing fighter could pose to their thermal exhaust shaft. Luke Skywalker was able to destroy the entire space station with a pair of well-placed proton torpedoes. While that threat likely isn’t going to strike your supply chain, what does pose a very real risk is the failure to see potential areas of weakness.
In other words, not having end-to-end supply chain visibility. If you can’t see all the way up or down your supply chain, how can you possibly spot those X-Wing fighters taking aim at your operations? To avoid total annihilation, or in your supply chain’s case, an unanticipated disruption, ensure you have an appropriate plan of attack, including implementing tools that give you the best chance at success.

Don’t wait for Rebel forces to take down your supply chain. Develop a solid risk management plan before catastrophe strikes!

Read complete article
Don’t Let Your Supply Chain be Like the Death Star | Alexa Cheater | 21st Century Supply Chain

Become a Certified ISO 28000 Lead Implementer
Find out more about the ISO 28000 Supply Chain Management System training and certification

How to be a tech security Jedi: 5 lessons from the original Star Wars movies

This article was previously posted on 2017-05-04

Pop-culture can teach us a lot about computer security if we’re willing to dig a bit beneath the surface.

1. R2-D2 hides important data in plain sight

During the opening scene of A New Hope, we see Princess Leia quietly interact with a random R2-unit on a rebel ship that has just been captured. R2 and his companion C3PO then get away in an escape pod, and land on Tatooine where they meet a young Luke Skywalker.

While poking around the R2 unit, Skywalker stumbles upon a secret distress message. We later learn that Leia planted the Empire’s Death Star plans—valuable intellectual property—in plain sight, hiding them in an unassuming astromech droid.

That scenario perfectly illustrates what InfoSec professionals call, “security by obscurity.” In general, experts don’t really consider security by obscurity a good thing. While “obscurity” does make things harder to find, it doesn’t really fully protect them the way, say, encryption does.

However, I think there’s value to obscurity when used as an additional layer of security, and this Star Wars scene proves it. None of the Empire’s troops suspected that two lowly droids held the plans to their ultimate weapon.

These ordinary droids made the perfect cover for Leia’s stolen data. Granted, if the Empire had caught our hero droids, we’d also see the flaw in security by obscurity.

2. Little vulnerabilities can blow up the biggest Death Star

Everyone remembers the exciting conclusion to A New Hope. Skywalker was able to perfectly launch a pair of X-Wing proton torpedoes into a little thermal exhaust port in the Death Star, blowing it to smithereens.

This concept applies to cyber security as well. Sometimes the smallest vulnerabilities in the most niche software can lead to the chain of events that allow malicious attackers to gain complete control of a network.

Many IT professionals have stories about finding old, unpatched, and forgotten servers on their network, which were exposed to the public.

Hackers might take advantage of little vulnerabilities in these forgotten servers to gain a foothold into the network, and leverage them as a stepping-stone for gaining complete control. Don’t end up like the Death Star.

3. Jedi mind tricks are used by the Dark AND Light-side hackers

In A New Hope, we also see Obi-Wan Kenobi perform a Jedi mind trick. Using The Force, he guiles Storm Troopers into not seeing something that’s right in front of them.

Believe it or not, both good guy and bad guy hackers leverage technical “Jedi mind tricks” to get computers or programs to miss important details as well.

Looking at the Dark-side of hacking, many advanced malware samples include Something called a rootkit, which is a component that helps malware hide inside operating systems.

For instance, when a security program uses a Windows function to list the files in a folder, in hopes of scanning for malware, the rootkit might perform a technical “Jedi mind trick” on Windows, telling it, “This isn’t the file you’re looking for.

4. Master or Padawan, never underestimate training and preparation

One of Skywalker’s biggest philosophical dilemmas in The Empire Strikes Back was whether or not to ditch his Jedi training and leave to save his friends. His experienced teachers encouraged him to complete his training so he’d have the skills he’d need to actually help. However, Skywalker choose to delay his training and save Han and Leia. Perhaps if he finished his training he could have helped more?

Information security professionals cannot underestimate the importance of training, either. The ISO 27001 ISMS training and certification can help you to become a security Jedi.

5. “Ewok” Tactics Can Defeat Sophisticated Attacks

Love them or hate them, few can forget the Ewoks, or the Endor forest scene where they fought alongside the Rebel Alliance against the Empire. Yet, the Ewoks were effective; their giant trees, rocks and guerrilla warfare were incredibly successful against a more sophisticated opponent.

In the same way, basic security practices can still be effective today. Though more advanced attacks can bypass some of our older security measures, additional layers of security can still save you when the previous layer failed. Learn from the Ewoks, and make sure you’re implementing basic security practices like layered security.

Read complete article How to be a tech security Jedi: 5 lessons from the original ‘Star Wars’ movies | Geekwire

A future sustainable and resilient urbanism according to Blade Runner?

It’s not every day that Harrison Ford features in discussions about urban planning, but for the second time, Han Solo née Indiana Jones née Rick Deckard is at the center of futuristic visions for urban design. Ford plays the main character in Ridley Scott’s 1982 cult classic Blade Runner. The film is based on Philip K. Dick’s 1968 novel Do Androids Dream of Electric Sheep?, and both the film and novel take a dark, apocalyptic spin on the ideals of urban futurism. Set in a dystopian Los Angeles in 2019, Blade Runner is both a sci-fi inspired action film and a look forward at the potential future of cities.

On the surface, Blade Runner‘s appeal to the science fiction community is not hard to see. Understanding its relevance to the urban planning community, however, takes a more nuanced approach. We’re not the first ones to note Blade Runner’s bold urbanist vision. Urban critics as well as the mainstream media have commented on the role of urban space and the city’s “neon-laced decay” in shaping the mood of the film. Los Angeles, in all its futuristic grit, plays the sidekick to Harrison Ford’s steely protagonist.

The 1982 film Blade Runner sparked an interesting dialogue on urban planning and the future of our cities, which is still relevant today.

The density of Los Angeles, and other oxymorons

The Los Angeles of Blade Runner is notable for its stark contrast with the Los Angeles of today. Set 30 years in the future at the time of release, the city is all but unrecognizable save for iconic landmarks like the Bradbury Building. Blade Runner’s Los Angeles has a dense urban core with towering skyscrapers piled next to one another. It features street-level open air markets and restaurants. Freeways are conspicuously absent and the streets are for pedestrians only.

Granted, cars fly through the sky instead of on the ground and it’s hard to call a city laden with toxic waste and murderous robots walkable, but it’s still a far cry from the sprawling, car-centric Los Angeles we know today.

The city as a machine

Blade Runner offers a profound, and in many ways alarming, vision of the city of the future. Scott, who directed the film in the context of discussions about post-industrial society, used industrialist imagery to convey the city as an enormous machine. The replicants central to the film’s plot, the metal and glass exteriors of the city, and the constant presence of smoke and pollution reaffirm the exaggerated industrial qualities of the film’s Los Angeles.

Furthermore, the only animals in the film are fake, signaling a heightened dichotomy between the built and natural environments.

Read entire article: Urbanism According to Blade Runner | SmartCitiesDive