Mornings With Mark // Week 001

It took me a really long time to write my “About” page. I find it really difficult to describe what I see as my role within the community.

My day-to-day role with Trend Micro is to research security and privacy as it applies to cloud with a focus on artificial intelligence and operational technologies (think robots, vehicles, cities, etc.). With that work, I get to think about a lot of different technologies and solutions.

Expanding out, I end up creating for two audiences; the public and builders.

My goal is;

  1. To help educate the larger community about security and privacy issues in a manner that’s approachable & understandable
  2. To help builders make the right choices and build security and privacy into their technology

This week I started a new effort to document and solidify my thinking. Each morning (Monday―Friday), I take a few minutes in a Facebook Live broadcast to share a bit of what I’m working on at the start of my day.

The idea is that after the broadcast, I would end up fleshing out the idea in some other form but more often, something else comes up and I pivot midday. Here are the results of the first week.

no. 001

Perspective is a continuing theme for me. I regularly see teams on red alert reacting to the latest research when then still can’t patch their critical systems in under a month. I didn’t follow up on this directly as (of course) other things popped up during the day.

Lots of lessons to be learned from the first broadcast! The wrong microphone was selected, lighting was meh, lot’s of fix.

no. 002

Reacting to the cyberattack on the Winter Games, I had spoken to Peter Armstrong on CBC’s On The Money about the issue which lead to me bringing it up on the show.

Attribution comes up time and time again. I get it. It really drives the story. The problem is that proper attribution is extremely difficult. More at that in this video, “Who’s To Blame? The Trouble With Attack Attribution”.

no. 003

Building on the theme of attribution (it’s apparently all big themes this week), I dive into the how to assess risk. Right now we’re almost entirely basing assessments on anecdotal evidence because we just don’t have the right data to make quantitative assessments.

no. 004

Ugh, I hate buzzwords. Still, I felt it necessary to tackle blockchain in this episode mainly because of the work Microsoft announced digital identities backed by a blockchain architecture. This is a good use of the technology. Can’t wait to see where this goes.

no. 005

Apple had a critical issue that needed to be addressed. Sending a simple Telegu character to an Apple device causing most applications that processed that character to crash continuously. This brings up the bigger issues of software quality and integrating security into your technology and teams.