23 February 2024

CERT: Make a Difference in this World...

Since the beginning of time, weather has been unpredictable. So has man.

When was the last time you witnessed the aftermath of a natural disaster?

When was the last time you saw the devastation from the Fateh-110 family of short-range ballistic weapons?

The continuous examples of risks to our world could generally be put into two major categories, 1) those we as humans can control and 2) those natural risks that we can’t control and shall have to live with.

Our spectrum of "Operational Risks" across People, Processes, Systems and External Events is vast and endless.

Where do you as a leader in your organization spend most or your time and resources to try and mitigate risks:

  • Natural Disasters and Weather (External Events)
  • People and Processes

Why?

Do you think that you are able to make a difference with those risks that you might be able to control?

Which is it - A) controlling the weather or B) influencing human behavior. Pick one.

What might happen if we devoted more time and resources to “B”.

How might this investment have a risk reduction impact and reduction in annual loss events to your family, organization, community, college or government?

Complacency or ignorance will continue to plague us and will make the world a more dangerous place to work and live.

Just listen to your own local news for a day. What will you learn?

Now, learn what you might do to make proactive difference.

This is one great place to begin: Community Emergency Response Team CERT.

Similar to the Community concept, why not apply this just cause of continuous training and learning to a Corporation, a Church, a Synagogue, a Campus, a Club or a Cinema.

“The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.” Albert Einstein

10 September 2023

Never Forget: Memories & Our Future Resilience Innovation…

On the dawn of September 11, 2023 our United States remembers and reflects.

The day 22 years since the attacks on our country 9/11/01 actualizes so many facets of our “Resilience”:

Emotional.

Educational.

Emergency Management, Transportation, Healthcare, Communications, Information Technology, Financial, Defense, Energy and so many others within our International Critical Infrastructure systems.

In the middle of a 8:30am business breakfast at the Reston, Virginia Hyatt on 9/11, the screams from those watching the bar TV across the restaurant will never be forgotten.

Our USA is so much more “Resilient” than we were over two decades ago and we have much further to reach, in order to achieve total functional resilience across new sectors.

The true commercialization of SPACE is far beyond the knowledge awareness of our average U.S. citizen. Unless of course, they have seen the film Apollo 13 or The Right Stuff.

Our SPACE infrastructure is rapidly growing from the key private sector companies ecosystem who have been in business for years.

More importantly, the new Space ecosystem of private sector companies beyond the traditional government aerospace suppliers to NASA, is currently providing vital resources and new SPACE technology innovation.

The growing supply chains for SPACE missions has already multiplied the requirements for resilience in so many new and different realms of our United States private sector, including academic engineering education and R&D environments.

Therefore, on the eve of this September 11, 2023 we must be even more vigilant to NEVER FORGET.

“Around and within our innovative U.S. Space infrastructure is a growing threat landscape and it requires: securing our space assets, increasing situational awareness, maintaining resilient satellite communications, creating new policy frameworks, expanding workforce development, and creating new emerging technologies.” --Space ISAC

So what?

The United States shall now create a 17th Critical Infrastructure domain, that shall require our resources and continuous innovation for the next 20+ years and beyond.

“Resilience of SPACE infrastructure” has always required key people from vital organizations:

“The Space ISAC (Information-Sharing-Analysis-Center) has launched in Colorado Springs, CO and is the only all-threats security information source for the public and private space sector.

“It is the most comprehensive and single point source for sharing data, facts and analysis on space security and threat to space assets. Space ISAC also provides analysis and resources to support response, mitigation and resilience initiatives.”

Who will we work with side-by-side, to prepare our response in an “All-Hazards” SPACE world that changes by the minute?

These dedicated people can be found solving SPACE problem-sets in our future innovation strategies by utilizing proven methodologies in:

  • Mapping / Targeting

  • Sketching / Solutions

  • Deciding

  • Prototyping / Testing

How shall we continuously work together to provide the correct tools, systems, knowledge and trusted experience to make a proactive global difference? 

It is our purpose and our mission to “Protect Critical SPACE Infrastructure” across our great nation and to ensure the resiliency of our people, systems and our organizations in the Public - Private Sector.

07 May 2023

Volatility: Enemy #1...

Organizations implement Operational Risk solutions to lower "volatility" in earnings growth and return on capital. The focus on volatility is because no institution likes to see peaks and valleys in their earnings or their return on capital.

A steady and consistent growth curve without "Volatility" is the goal by many steadfast organizations.

Contrary to the goal of minimized "volatility" there are also those who feed off of the chaos and the large swings between these highs and lows in the marketplace and with specific companies in vital sectors of the financial economy. Will another Blueprint for Regulatory Reform be the answer?

As a hedge fund investor, can you explain what the strategy is for your investment fund? Do you know what your money is being invested in?

Does your hedge fund manager provide transparency on calculating your return on funds invested? What was the reason you invested in alternative investments to begin with?

Carrying this analogy to the operational processes within your organization, the goal is to keep the processes running smoothly. When people or systems deviate from the agreed upon "Rule Sets" then change ensues along with the volatility of the performance measures.

Errors, Omissions and systemic "glitches" are the catalysts to volatility that creates fear, uncertainty and doubt.

Do you understand the Math? When the process gets to this stage and people don't trust the rules anymore, you are on the brink of a failure and impending loss, in dollars and/or peoples lives.

Operational Risk Management is a discipline that is remerging in our corporate ranks because it has already proven that it saves lives. The regulators and inspector generals are going to raise it’s mandate within our institutional ranks once again.

The "Rule Sets" of playing business in the financial, health care and energy sectors are not the only ones being subjected to this increased scrutiny and renewed focus on OPS Risk as lessons were learned over 15 years ago:

“In March of 2008, the Department of Defense learned that four non-nuclear nose cone assemblies and their associated electrical components for a ballistic missile where mistakenly shipped to Taiwan in the fall of 2006. These items were originally shipped in March 2005 from F.E. Warren Air Force Base in Wyoming to the Defense Logistics Agency warehouse at Hill Air Force Base in Utah. There are no nuclear or fissile materials associated with these items.

Upon learning of the error, the U.S. government took immediate action to acquire positive control of the components and arranged for their safe and secure recovery to the United States. These items have been safely returned to the United States.”

After this event, lessons learned and “After-Action-Reports” were generated in the ranks of the U.S. Treasury Department and the Department of Defense all relating to the failure of People, Processes, Systems and or External events.

Operational Risk is all around us and continuously ready for prime time focus in terms of our leadership strategy execution, implementation and measurement.

Whether you utilize Operational Risk Management (ORM) in the Defense Industrial Base or in another Critical Infrastructure sector in the United States, it’s important to revisit what it is NOT:

Operational Risk is Not:

  • About avoiding risk
  • A safety only program
  • Limited to complex-high risk evolutions
  • A program -- but a process
  • Only for on-duty
  • Just for your boss
  • Just a planning tool
  • Automatic
  • Static
  • Difficult
  • Someone else’s job
  • A well kept secret
  • A fail-safe process
  • A bunch of checklists
  • Just a bullet in a briefing guide
  • “TQL”
  • Going away

The goal of Risk Management is not to eliminate risk, but to manage risk so the mission can be accomplished with minimum impact...

24 April 2023

True Professional: Who Will You Become...

What will you do that is extraordinary and contributes a positive addition in your life that demonstrates your consistent effort and shows your own actual discipline?

It shall demonstrate your devotion and focus on becoming better even though you shall never achieve a level of true perfection.

Continuous skill and knowledge improvement is just that.

The discipline you choose will be so difficult to perfect that even after 2 decades and over 1000 documented examples almost weekly, you are far from the perceived finish line.

1000+ examples / 52 weeks = 19+ years

In September 2003 it all began. Writing words on a regular basis about real topics of interest was a discipline that started a career to become an even better “Operational Risk Specialist”.

Your discipline might be flying aircraft or doing heart surgery and you want to continuously grow your expertise. How do you measure your own consistent effort and show discipline?

Do you measure the number of hours or miles you have on duty in the air or space or classroom or on camera or operating room or court room or missions in theatre using your skills?

Why?

You too may become, a “True Professional”.

Do you measure the quality of your particular skill and/or innovative deliverable on every attempt?

So what?

You see, what ever your discipline may be and to what degree you are practicing consistently to become even better, if you are not measuring it in some way, then is it a real discipline?

What tool do you utilize to capture and measure your accomplishments? A log book, a photo journal, a score card, a web blog, a three ring binder, a digital file folder measured in GBs or TBs?

What are you actually measuring? The Number of attempts. The Quality of completions. The game score?

Maybe it is just a written exam and Two, Three or four letters (_ _ _ _) after your name?

Whether you have become a Doctor, Lawyer, Professor, Pilot, Operator, Specialist, Stylist, Salesperson, Manager, VP, Owner, Driver, Player, Author or Analyst in your life does not really matter to so many.

Maybe it does to you and your specific clients, customers, parishioners and patients and a few of your fellow family, comrades, co-pilots, clergy, operators and other True Professionals.

Yet, when you decide personally that your own professional tenure in this discipline has come to an end and you will stop being measured, then what?

Start a new one and have extraordinary consistent discipline…Godspeed!

18 March 2023

Reliable: Who Do You Have Faith In?

When you think of the person you would recommend for a particular task or to perform defined professional services, who comes to mind?

There are many ways and words to describe a person or the business, yet if you had only one word to choose from, what would it be?

Reliable  adjective

1: suitable or fit to be relied on: DEPENDABLE

2: giving the same result on successive trials

Reliable noun

1: one that is reliable

In many cases, this is the word people really mean to use, as the basis for their recommendation.

Whether a business or a person is reliable, makes all the difference in your world, especially if you must rely on the outcomes of their service or duty.

When someone or something you pay for, does not meet a series of positive results, you begin to question your decision to utilize the service or receive the product for use.

Unfortunately for many people and businesses, this word “Reliable” is not considered or even measured on a consistent or measurable basis.

"Over the course of time in your life, think of one person or business you could say was truly reliable."

Think of this one person or business you have utilized for more than ten years that is reliable.

In any professional capacity, becoming reliable takes many years of practice and substantial learning. It requires the development of people, processes, systems and real innovation.

Now, think about someone or an entity (business, product, government agency) that you have lost faith in.

The people or businesses that you have stopped interaction with, have become “Unreliable” for your particular requirements or expectations of quality of service.

How would our world change for the better if there was more learning and focus on being “Reliable”?

How can you as a person or business become top of mind, when someone is asked “Who would you recommend” to: _________________?

You too, can become truly reliable…

20 February 2023

Human Dialogue: "Decision Advantage"​ of a Trusted Digital Globe...

How will you innovate with your front line team this month and this year to enable more accurate and resourceful “TrustDecisions”?

The ability to make business decisions in a standardized process simultaneously wrapped around our own human intelligence is the real advantage.

A true “Decision Advantage” in a world of constantly changing conditions and data environments is one of the greatest challenges within our global Leadership Management.

Creating innovation around decision making may sound like a lofty goal. It is, and yet for your particular team or organization, it certainly is within reach.

How might your team utilize a process and method for making more rapid and effective “TrustDecisions” across your global enterprise?

While these words are being written by a human-being now and not an Ai such as C h a t G P T, our future lives will encompass a continuous process to gain a digital assets advantage.

“But we will not function successfully if the war for control of those assets is lost. The battlefield, however, is the one on which trust is to be gained or lost—trust in the information we use, trust in the infrastructures that support us, and trust in the decisions we make in a digital world.” Achieving Digital Trust - Jeffrey Ritter

A process that is focused on digital truth will require our continuous application of “Operational Risk Management” combined with our global data governance collaboration.

  • Have you this week in the United States tried to unsubscribe from an e-mail list and did not find a digital link at the bottom of your e-mail to accomplish this?
  • Have you this week scheduled a 45 min Digital Zoom meeting and found yourself at min 44 without a decision?
  • Have you this week been taking depositions in California regarding the use of videos on your platform that are covered by Section 230?

"From the Board Room to our modern day asymmetric battlefield, achieving digital trust will open eyes. It will provide us with a reference model that management and software architects have been seeking for decades.
The survival of the Internet as we know it, is currently at stake. Leadership shall provide a look into the transparency of «Trust Decisions» and how ensuring digital truth will shape our global governance for decades to come."

Innovation with making accurate and resourceful “TrustDecisions” will go far beyond technology or Zeros and Ones.

Our future will require so much more that will not be digital.

Think Human Dialogue.

It will require more “TrustDecisions” that are in person, Face-to-Face, Eye-to-Eye and finalized with a hand shake…

Onward!

31 December 2022

Twenty 23: For All Mankind…

Remember where you were 365 days ago.

2023 is now at our global doorstep. What journey will you embark on this next year to grow your skills and your knowledge?

How might you as an experiential learning enthusiast, leverage what you know to help others on your team, and in your community?

Your mission has always been to improve, to perfect and to deliver results. In 2023, what if you began looking through a different innovation lens?

Look around. What does your personal environment of your own dwelling say about you? Is there any room for change or improvement?

How would you rate your realm of relationships with family, friends and relatives this New Years Eve? Think about it…

Now transition to your community and assess whether you are in the right neighborhood, the correct city and even in the best state in the USA for your profession, and the work you are now inspired to perform.

"2023 will become a pivotal year for you in so many ways."

Our global future is bright and your next focus will be all about your contributions to a greater good in this world.

  • With over 9 billion web-enabled personal digital devices in global circulation, how we learn from the Internet and new quantum Information Technology will continue to amaze all of us.
  • Our Earth is sending us signals on regular intervals that our natural disasters are truly accelerating.
  • Will mass global population growth continuously change our supply chains for food, mining of rare earth elements and sharing our scarce fresh water?

"Look up in the early evening clear blue sky as the sun sets. See all those shining stars beyond our Moon."
“For All Mankind”
have a more meaningful 2023.

19 November 2022

OPS Risk: 7 Revolutions on our Horizon…

The holiday season is almost upon us. One only has to look into the mirror of 2022 to see the trajectory of our world.

Our digital globe is preparing itself for the next major breakpoint in its history of commerce and business.

Our organizations are in anarchy and the consumers of our products and services are shifting before our eyes.

You only have to look back on the past years major headlines of the Washington Post to gain some perspective on where we are headed in the next 12 months.

Social consciousness is seeping into the workplace and management is keenly aware of the accelerating change factors on the corporate doorstep for 2023-24.

Several new waves of incremental change are upon us. As providers of products and services to the consumers of the planet, whether businesses or individuals, the writing is on the walls of the corporate boardroom: Survive.

The tides of change are now upon us. Look no further than the Seven Revolutions Initiative. [See 7 Revs] The social, technological and demographic facets are enough to make anyone wonder where we are all headed in the next 20 years.

Our Critical Infrastructure industries are putting the building blocks in place to sustain a dramatic shift in who their customers are today and whom they will be tomorrow.

2023 will be another year of corporate malfeasance, seeded with wondrous accounts of incivility. Spawned by the empowered employee to become a whistle blower and a bold new generation of inside crime fighters.

Our generations of young workers and consumers on this planet will pay for something they can believe in, rather than something that is socially and morally bankrupt.

They will work all day in the global banking software development department and work late into the night, developing the next binary code to impress their peers on the other side of the world developing the latest ransomware on the Internet.

They will design the new marketing campaign for the next gas guzzling 4-wheel drive SUV by day and ride home that same evening in their brand new foreign hybrid using electric power.

2023 will be a year of heightened sensitivity to security and exponential asymmetric warfare.

Our dated processes and systems will be adjusted and tweaked to accommodate the planets morphing threats by a new force of true “Innovation Navigators.”

The Board Room Buzz will be more about how to protect those vital corporate assets and simultaneously how to survive our next crisis.

What may be most interesting, is how the governments of the world now cooperate to become more of a global partner on this front.

We sense already a growing cooperation among world leaders to deter and defend our citizens from the spread of a tyrants fear and uncertainty.

Finally, 2023 will be another year we find greater appreciation for:

  • The evening glimmer of sunlight across a body of clean water. The wave from the neighbor who lives next door or across the street.
  • Our faith in what or whomever we believe in. Those who serve, so we can remain free of threats or illness, to our loved ones and our own well-being.
  • The signs that our bodies are healthy. The hope that exists in all of us, for finding a greater peace of mind.

In 2023 and beyond, look with fresh eyes on everyday things…

05 November 2022

Teams: "Innovation Navigators"​ Across America...

As our four teams of two, finished their final presentations of the prototypes they had designed and developed over the past month, we could all see the smiles of accomplishment. Of the pride on their faces, as the sun begins to set on the West coast.

This small patriotic group of “Innovation Navigators” were now ready for the next phase of their National Security Cohort methodology. To implement and test their outcomes in our respective geographic metro areas of the United States.

Sector Teams from Chicago, Denver, Los Angeles and San Diego. All major centers of our economic force and with substantial Critical Infrastructure entities to protect and increase their resilience to a spectrum of Operational Risks.

"Building Awareness of the need to change is now their primary mission. Their opportunity to recruit, educate, network and share vital information."

The people in their Areas of Responsibility (AOR) will soon have greater awareness, of the need to change.

Soon thereafter, they will have the desire to participate and support the change. They will gain knowledge on how to change.

They will learn the process to implement desired skills and achieve new behaviors.

Our “Team of Teams” will embark on their mission of reinforcement to sustain the change.

The journey they have just completed over the past 30 days has provided them new insights. It has created new relationships.

The outcomes are just the results of their purpose for joining the team, yet the new dialogue, challenges and new colleagues are what is most rewarding.

Creating something “New” as a small team that helps to solve a “National Security” problem-set is the true outcome.

What endures are the trusted relationships. This becomes the most valuable asset we attain together.

How might you and your team become “Innovation Navigators” to make a difference and serve a vital purpose in our nation?

November in the United States is always a renewed focus on our Veterans, on our National Security and Defense including our domestic Critical Infrastructure Protection.

As you gaze at our U.S. Flag and say the “Pledge of Allegiance” or listen to Taps, wipe that tear from the corner of your eye. 

Now get out there and make a difference…Onward!

15 October 2022

Complacency: Zeros & Ones of Safety...

How might you increase your own resilience to known potential risks in your business operations or even personally this week, or this month?

We all know that growing up, Mom and Dad would teach us, “Don’t talk to strangers”. “Don’t play with matches”. “Wear your seat belt”. Why?

Even a U.S. President is famous for his quote: “Trust But Verify”.

Our life long history of financial transactions and your own personal biometric identity, has made its way online and into the Zeros and Ones digital realms of the U.S. government, Google, Amazon, Apple, Nordstroms and even Netflix.

The single phone number and the e-mail address you have retained for a decade or more, tells almost your entire life story. Where, What, When. How.

In the years past, as you were experiencing all the new mobile technologies and digital services available to you, remember that so too, are the “Nation States” and the “International Criminal Syndicates.

You, the “Human Being” operator, are the single greatest risk to your business and your family safety.

Is it possible that your own personality traits are being exploited by commercial enterprises? Yes.

Is it conceivable that every time you provide a phone number at your retail check out stand to gain rewards, that this contributes to your profiling by Artificial Intelligence (Ai) algorithms with Data Brokers? Yes.

Your business organizations safety and your own families potential vulnerabilities to a spectrum of Operational Risks, are continuously at stake.

When will you make a commitment to change your behavior and to build a discipline that endures and increases your resilience at work and at home?

So what?

If you as a Mother or Father, or Brother or Sister have ever said, “You can’t have a phone until you are 13,” then you have a personal and vital life opportunity before you.

If our own society that is visible in our own cities and geography, has evidence of rising risk and lower levels of personal safety, you might think of our vast searchable World Wide Web as just the top of the “Iceberg”. 

However, 90% as you may know, is below the surface and not visible, also known as the “Dark Web”.

"Yet most average users of corporate business networks have little insight into the growing losses from ransomware. A review of 2021 8-K filings with the U.S. Securities and Exchange Commission reveals a more complete picture of the financial damage from ransomware." CSO Online by Cynthia Brumfield

It all begins with a click in an e-mail or text message, from those behind the curtain, or below the surface, utilizing their “Social Engineering” processes across millions of users profiles, purchased somewhere on the Dark Web.

Personal Profiles built and donated as a result of your own activities and actions. Why do you think that the “Digital Forensics” industry is booming?

So what is the solution? How can the growing threat ever be minimized?

It begins here. Less complacent attitudes and behavior in the Board Room and the Family Room is our only hope. It is our only proactive solution towards true resilience.

Just Remember. Don’t play with matches or digital unknowns. Teach someone else the same...

13 August 2022

Mechanisms: For Continuous Risk Monitoring...

One of the systemic problems at large institutions including organizations like your own Fortune 500 Global company is keeping your finger on the pulse of "Risk Indicators".

Unfortunately for SVP's and other executives in the corporate hierarchy, your middle managers are creating the layer that impedes the best "Early Warning System" you may have at your disposal.

When problems surface on the front line or over in the "Cube City" in some Telephone Call or Information center on the other side of the globe, or across your new "Work-From-Home" (WFH) team, the normal agenda is for the employee to go to their direct supervisor to raise the "Red Flag" or disclose the incident. Perhaps the first behavioral response by the Middle Manager is to keep it quiet. Fix it before anyone else finds out. Keep it under wraps until damage control can be implemented.

When you are the Head of Enterprise Risk Management, you need mechanisms to bypass and eradicate the barrier holding your intelligence, incidents and overall hunches for ransom. There is no magic system or process that will solve it all. Yet, the only way to attempt at breaking through this layer of social and organizational dysfunction is to circumvent it.

A continuous risk monitoring system has to be implemented and operating anonymously 24/7 in concert with the Security Operations Center (SOC) if the upper echelons of executive management are ever going to "Feel the Pulse" of risk hotspots in the company.

These hotspots translate into true "Risk Indicators" from the sources themselves, people who know what's going wrong and know the ground truth. An internal Continuous Risk Monitoring System (CRMS) is an automated human feedback and problem identification mechanism for detecting insider risks. It allows leaders of large organizations to quickly identify problems and incidents of all kinds in their company. Call it a sophisticated whistle-blower system or even suggestion box but that is exactly what it is, on steroids.

The ideal CRMS system would emulate communication patterns in small groups which is often a major ingredient in successful teams. It would also run on the existing computers and networks of the organization or from home by logging in via an internal VPN. The soldiers on the front line know what is going on far sooner than the commanders in the Joint Operations Center just as the employee or supplier does and they need a way to communicate the issue, concern or threat in a rapid and efficient manner.

"The system provides the executives with instant or trend based intel that is actionable. It provides the "Insight" as well as the pertinent facts that you need to make more quick effective decisions."

Think about how long it takes for data and information to percolate and bubble up from the places in your organization that are considered "Current Risk Hot Spots". The point is that for far too long we have been playing the old telephone game.

You know, the one that you played as a kid sitting around the kitchen table or on the floor in a circle. One person starts and whispers into the ear of the person to there right. Just a sentence or two. By the time the message gets around to the 3rd or 4th person, now the data is dramatically different than the original. It's been interpreted, edited and sanitized.

Walk down and visit the person who is in charge of the anonymous 800# or “electronic suggestion box” or perhaps the official whistle-blower program at your organization.

Ask them for an activity log. Ask yourself how you could get this mechanism to perform better and then work with your front line to develop something that middle management can't filter, change or delete. That is when you will be well on your way to getting TrustDecisions in real time…

23 July 2022

Innovation: The Speed of Exploration...

Why does your organization encounter Operational Risk events that have caught you off balance, off guard or created substantial losses to shareholders and major stakeholders?

There are people in your organization right now that are still without the tools, the training or the methodology to solve new significant problem-sets.

More vital, is that your organization is not proactively generating new innovative ideas, new solutions and new answers to your own operational risk issues.

innovation - noun
in· no· va· tion | \ ˌi-nə-ˈvā-shən
Definition of innovation
1: a new idea, method, or device : novelty
2: the introduction of something new

To truly innovate a new product/solution, you must first do your research. Your field study. You must get out of the building and ride in the field.

Show up on the front lines of your business unannounced. This is nothing new, yet it works and it is amazing on what you will learn.

You have the awareness of why this method of discovery is the basis for better understanding the problem-set(s).

So why as the leader in your small business or Fortune 500 Global enterprise do you ignore or delegate the true innovation mechanisms in your company to just a few people.

Why have you loss sight of the mandatory Recruiting, Education, Networking and Sharing metrics by your front line teams?

Discovering, researching, prototyping, practicing, refining your methodology to more rapidly respond to threats, to your competition, to possible opportunities.

You see, you and your organization have become complacent. You have not changed your onboarding experience of new employees or new customers in over a decade.

Why is it true, that most people and organizations don’t focus on innovation and new solutions to a problem, until there is a significant loss event.

An incident that hits the local headlines. A risk event so damaging to the bottom line it could mean closing the business forever.

How might you design the methodology and the system in your enterprise to have continuous problem and threat monitoring, new innovation?

It begins with the right people working on the initial prototype together with the correct tools. It means getting senior management on board with facilitating the process to insure the prototypes are tested in the field or Area of Responsibility (AOR).

Next, those individuals who are in charge, in command, at the field level must have the resources and the authority to test, to learn and to gather new data continuously.

Your organization is slowly decaying right before your eyes. Your adversaries are winning.

It has lost its initial purpose because you have not been continuously innovating on the front lines. In the geography and in the organizations of your own neighborhood.

The next time someone in your organization sends you or presents to you a Powerpoint funding proposal with more than 5 pages, with more than 4 bullets on each page without any true graphical data, you know you have to engage.

Filling in the standard forms in your CRM or your word.docx template on a monthly basis might be OK, if it calls for truth and relevant data from the front lines, yet is it focused on the real problem-sets?

How might you and your team change the way you are working on the front lines of your organization? Soon.

Why will you engage differently, before it is too late. What is the Speed of your Exploration?

26 March 2022

Human Behavior: Witnessing Salvation…

When you accelerated through the career ranks of your organization and you achieved all of the goals and challenges in front of you for a year or two, what typically happened?

You were promoted.

Now, when you were given this new title or rank this usually included new responsibilities, new relationships to be managed and in some cases a feeling of additional power within the organization.

Then what happened to your self-esteem?

This confidence and satisfaction in oneself is a valuable topic for dialogue in developing great leaders. Especially when together we witness a leader whose behavior is unjustified and abuses their given power.

Human behavior will not ever stop surprising us, even after we think that we have seen it all:

  1. Just when we think we have witnessed all of the good in life, we see an act of kindness and good will that we never saw before. We stand there in amazement as we watch salvation in real-time.
  2. Then there is the daily news. You read a story about an act of pure evil and you ask yourself, how could another human being actually do something like that?

Whether the truth is on the front page of the Washington Post or from a witness who tells the story from their first hand experience in the room, or on the front lines, how will you act? More of #1 or #2.

The self-choice of actions you take next and the demonstrated evidence of your own behavior is an indicator of your true character. Of who you really are as a human being, operating in your organization.

Over the course of your tenure with that logo on your business card or the patch on your shoulder, never forget your true character.

You have the opportunity to continuously perform and who your colleagues will follow, that your organization is proud of each day for all of your excellent actions.

“As you build your own “Self-Esteem” and confidence and satisfaction with oneself, remember #1.”

Your team or organization as a whole, will rise together to acknowledge your kindness, empathy and yet your faithful ability to accomplish so many important milestones.

Thank you for being #1. Onward!

29 January 2022

Cyber Reality: Quest for the Digital Castle...

On this Saturday morning the prayers are silent. For family, friends and also for the subject matter experts in business and the U.S. government.

They have been waking us up again to the reality of the Operational Risks we now face, to our ubiquitous digital-based economic infrastructure.

The message is clear to those insiders, who have been trying to defend our "Digital Castles" against tremendous odds of these seemingly invisible threats. Is it really, game over?

The short answer is yes. The current mindset should be, that every major business of valuable interest in the eyes of the enemy has already been compromised or soon to be. It is already too late. The stealth digital code is currently waiting in the shadows of your organizations hundreds or thousands of digital assets.

Whether it is the aging Dell Tower Desk Tops still running on Windows XP somewhere or the latest Android PDA/Apple IOS devices tethered to the corporate network does not matter. Your adversary has control of when and where to begin the attack on you and your organization.

So if this is the reality of the global state-of-play, in both the business world and also to government, what should the risk management strategy consist of going forward? How could we ever get to a point of advantage over those who seek to do us harm?

So internally, the prudent corporate business strategy should be for your General Counsel and the CIO of your organization to be already preparing themselves for the day that they will step before the press conference microphone to disclose the material breach of the companies intellectual capital or theft of assets.

They should already know, that it is just a matter time and not a denial that it will ever happen on their watch. If you are a Board Director and you still have not had "The Talk" with management about this stark reality, then you too are complicit in the scheme to present your stockholders and stakeholders with a false sense of confidence that you are safe and secure.

The new normal for forward thinking organizations is already being implemented for adverse events. The Crisis Management Team has already exercised the "Data Breach" scenario numerous times.

Your General Counsel and Chief Information Officer have rehearsed and practiced their testimony before opposing and adversarial questioning of your organizations information security processes.

The company subject matter experts are more than prepared to submit evidence of their best practices, industry standards compliance and previous tests of due diligence. The stage is set for the court room battles ahead:

The quest for the "Digital Castle" has been going on for years. Are you awake now or still living in a dream of denial on your state of achieving a Defensible Standard of Care…

05 December 2021

Managing Operational Risks: On the Wall at 100 Ft...

 After days taking in the magnificent sights at 100+ feet below the surface off Grand Cayman Island, we were reminded how Operational Risk Management is prevalent in even remote places like this.

Take for example the mandate for using dive computers, as a guest of Wall to Wall Diving. For those not initiated with Scuba Diving, you might not realize that "sensors" are utilized in measuring potential threats to your life from something called "The Bends", or decompression sickness.

Giles Charlton-Jones and his wife Deanna from Wall to Wall Diving use a combination of proven Operational Risk Management processes and tools to reduce the risks to their clients. They do this because their small business is no different than that of a Fortune 500 company. As the owners and primary shareholders of any organization, it is the law in most cases to provide Duty of Care.

Decompression sickness, (DCS), diver's disease, the bends, or caisson disease is the name given to a variety of symptoms suffered by a person exposed to a reduction in the pressure surrounding their body. It is a type of diving hazard.

Dive computers perform a continuous calculation of the partial pressure of gases in the body based on the actual dive profile. As the dive computer automatically measures depth and time, it reduces the need for the diver to carry a separate watch and depth gauge and is able to warn of excessive ascent rates and missed decompression stops.

Many dive computers also provide additional information to the diver, for example, the water temperature, or the pressure of the remaining breathing gas in the diving cylinder.

The key point is, that these sensors attached to each diver, help Deter and Detect potential threats associated with decompression sickness. This even includes a calculation when it is safe again to fly on an airplane.

Like other manufacturers in the high technology systems sector, SCUBA (Self-contained Underwater Breathing Apparatus) has it's own champions of companies who focus on the latest tools and solutions to help you manage risks. Who plan for future threat scenarios based upon collected intelligence over years of experience.

Suunto is just one example of a Finnish company, who have been developing instruments for measurement and sensors for various outdoor pursuits. Whether it be on the mountain at 20,000 ft. or underwater at 125 ft..

Weather and our Earths environment will always play a part in the daily risks mountaineers and divers face and who are proactive with the use of the correct tools, so they can operate in a more safe and secure manner.

Yet without the investment with “True Professionals” who have years of the relevant training, decades of experience and brilliant intuition, all the best tools will never be quite enough.

“How often do you encounter situations where the new threat intelligence collected and the automatic warning alerts have not been enough, to keep you out of harms way?”

As a global Fortune 500 company, the Board of Directors represents the interests of shareholders, as oversight owners of the company, in optimizing value by overseeing management performance on the shareholders' behalf.

The Board of Directors responsibilities in performing this oversight function include a Duty of Care and a Duty of Loyalty.

A Director's Duty of Care, refers to the responsibility to exercise appropriate due diligence in overseeing the management of the company, while continuously making OPS Risk decisions and performing other vital mitigation actions.

It remains refreshing to witness that even on a small island in the British West Indies, that the owners/operators are true professionals who are applying the practice of “Operational Risk Management” (ORM) in their own small employee-owned business.

First, they utilize it each day because they are Professionals. Second, they do it instinctively, because they know that it can mean the difference between life and death or predictive harm in an organizations daily operations.

As we near the end of another year of growing risks in 2021, we say congratulations to all of you who have found the science of “Operational Risk Management”.

Thank you to all of you, who have applied your own professional services “Art”, to make our world, more safe and secure in 2022! Godspeed!

20 November 2021

Metadata: Guardians on the Front Lines...

Continuous Continuity (C2) in your particular enterprise is a priority you shall not just focus upon during our U.S. Infrastructure Security Month.

Last week here, we reviewed Ten Steps your organization can practice on a regular basis to enhance your focus on Continuous Continuity and simultaneously your overall Operational Risk Management (ORM).

Let’s circle back to a few vital areas to emphasize as we increase our production and consumption of corporate or organizational “Data”.

Of Metadata. “Data that provides information about other data”.

The details on the creation date, time and application generating these words as they were originally written, is just one small example. What about the actual platform and the browser that was used:

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:94.0) Gecko/20100101 Firefox/94.0
Screen Resolution: 1680 x 1050 (pixels)
Browser Dimensions: 1005 x 853 (pixels)
Cookie Status: Enabled

You understand that the data you can’t see on your screen and the data you may not even care about, is present, and that the metadata is being collected by some entity somewhere.

The amount of data and the speed of data is now overwhelming our global digital world we live in the year 2021 and beyond. The question remains, So What?

If you are a seasoned General Counsel (GC) today with a Fortune 1000 organization doing business on a global basis, your Blackberry :) must be "buzzing" every few minutes. Just the legal risk alone being encountered will always be a factor of the number of deals, the number of employees and the growing number of countries you are operational.

As a corporate GC of a global enterprise, you have a fiduciary responsibility to protect the enterprise from all adversaries, such as the rogue employee, the government regulator, competitors, digital hackers, nation states and all of the plaintiff class actions.

The Rule of Law in your organization is in your hands. How you transfer the "Talking Points" on ethics, compliance and legal messages to your employees, partners, suppliers and adversaries is ever more critical.

The true effectiveness of your relationship with internal partners such as your CEO, CFO, CSO, CISO and Internal/External First Responder leadership could mean the survival of the company itself.

When was the last time you as a GC took the “Ethics," “Compliance” and "Rule of Law" program directly to your employees in face-to-face sessions?

How might you provide your employees, partners or 3rd-Party suppliers with the first hand opportunity to meet, greet and engage with the General Counsel of your particular enterprise?

By doing this, you are directly engaging with the people on the front lines, to be our "Guardians" for your company and to build trusted relationships with all of them.
Get out There.

11 September 2021

11 September 2021: What is True...

When these words found their way from pen to paper seventeen years ago today, the truth of what was written was unknown:

-------------------------

11 September 2004

Third Anniversary of 9/11

As We Mark The Third Anniversary of 9/11 one can imagine how the world will be in the next three years. A globe pock marked by terrorist incidents. Russia, Malaysia are of recent headlines. How soon will the terror strike the US again? Many say before the election and only then will we have what we need to reinforce what work has already been accomplished, and will never be completed.

The people of the free world know in their hearts that the struggles of real estate and religion will continue for decades to come. Only those who are proactive, preventive and aware of the continuously changing threat will survive.

God bless us all.

Posted by Ed at 9/11/2004 10:49:00 AM

-------------------------

Today on this morning of 11 September 2021 at 8:46 AM, as our fellow loved ones gather around our 9/11 Memorial in the World Trade Center plaza of the former Twin Towers, the Pentagon or Shanksville and they read the names of the fallen that day, tears come to our eyes. Once Again.

For those who died that day. And for those who will have died decades afterwards.

And for all of those Americans who roll out of bed each day in our United States and Overseas, to raise our American Flag and to work until the stars are out to defend everything that it stands for.

Who we really are, as Americans, each day as we pray and every day the musical notes of “Taps” plays.

"The Only Thing Necessary For Evil To Triumph Is For Good Men To Do Nothing."
--Edmund Burke

On this 9/11 day as we remember again. Each of us knows where we were, when we heard and saw the news unfolding before our very eyes.

The smoke rising from the WTC in New York City, the Pentagon in Arlington, Virginia and the fields near Shanksville, Pennsylvania. What we witnessed on 11 September 2001, was pure “Evil” at work.

"How much do you let what you wish to be true stand in the way of seeing what is really true?"

Today, as these words are written, we know the truth…Never Forget!

28 August 2021

Never Forget: The Prescience of our Risks…

Historical facts and real time data will remain an empirical reminder of our mistakes in the past, of our “Lessons Learned”. Those who study the why and the how from only our past 20 years of history, will be able to adapt, can proactively improve outcomes and will over time increase our respective levels of resiliency.

“The 19 men who hijacked and crashed the four planes were all trained by al Qaeda. Three of the suspected pilots—Mohamed Atta, Marwan Al-Shehhi, and Ziad Jarrah—were part of an al Qaeda cell based in Hamburg, Germany. All four pilots took flying lessons in the United States.

Fifteen of the hijackers came from Saudi Arabia, two from the United Arab Emirates, one from Egypt, and one from Lebanon. The oldest was 33; the rest were between 20 and 29. The group also included two sets of brothers: Wail and Waleed Al-Shehri on American Flight 11, and Nawaf and Salem Al-Hazmi on American Flight 77. The hijackers began entering the United States in January 2000 to advance the plot. All 19 were in the country by early July 2001.”

Yet are we simply repeating the same behavior and forgotten our lessons of the true data?

A proactive set of activities are continuously required to sense the unforeseen. We shall continue to devote our time, new resources and growing intelligence towards the heartbeat of our emotions.

The hope is, that we do not lose sight of the foundations and the continuous requirements for our Operational Risk Management.

The prescience of our risks, are based upon the past and the history already laid down before us. The continuous ability for you to become even more reliable, more consistent and to hedge against significant loss is in your own hands.

How might you become more resilient to the change events that still lie ahead of us:

Operational risk is defined as the risk of loss resulting from inadequate or failed processes, people, and systems or from external events. These risks are further defined as follows:
* Process risk – breakdown in established processes, failure to follow processes or inadequate process mapping within business lines.
* People risk – management failure, organizational structure or other human failures, which may be exacerbated by poor training, inadequate controls, poor staffing resources, or other factors.
* Systems risk – disruption and outright system failures in both internal and outsourced operations.
* External event risk – natural disasters, terrorism, and vandalism.

The definition includes Legal risk, which is the risk of loss resulting from failure to comply with laws as well as prudent ethical standards and contractual obligations. It also includes the exposure to litigation from all aspects of an institution’s activities.

How might we gain the foresight required in an evolving physical and virtual environment with:

  • More Threats.
  • More Data.
  • More Speed.
  • More Decision Makers.
  • More Competition.

We shall “Never Forget”…