In every process there needs to be a box marked other.
Start of the unexpected incident, end of incident. Review why this didn’t fit the mould. Review how this can be avoided in future.
Unpredictable things happen, but you can have a process for handling kinds of unexpected things.
An emergency kit.
A library of partial plans and resources.
Don’t just call it random and wait for it to happen before picking up the pieces, and pulling together a solution.
The last stage of the “other” process is to ask “Why was this not covered by the normal process?“
Stop! Hammer Time! by Joriel "Joz" Jimenez via flickr.com
Western Australia’s government agencies are in shock after the Auditor-General’s department exposed their woeful lack of cyber-security over the course of an elaborate two month operation.
Apparently they used a mix of software downloaded from the internet, and social engineering style techniques: in WA, the ‘attackers’ left unlabelled USB drives in reception areas, with staff in eight agencies plugging them into their computers to see what they were.
Fourteen out of fifteen agencies were unaware that they had been attacked.
This naturally raises the question of how often their systems had been compromised in the past, without them noticing.
Not Listening by Yume Photo via Flickr.com
Add “The Backfire Effect” to the number of ‘Internet hoaxes‘ that the more mainstream media are starting to report on, and it’s more of the same that any veteran has known for a long time. Continue reading
Fire Juggler by Drew Leavy via Flickr.com
In today’s marketplace – a global market place, hungry for information – there is a small niche for everything, no matter how obscure.
With the global reach of the internet today, and the all encompassing, all seeing eye of the search engines, even if your area of expertise is yodelling South American fire jugglers, there are more consumers for your content than you could possibly service – if only you can reach them.
Therein lies the rub.
Reaching them.
Forming a community with them, for them, and around them.
If you build it, they will come – if only they can find it.
Computer on fire by Alexmuse, via flickr.com
Prioritising incidents is complex, particularly in a multi-faceted system with a range of users.
This can boil own to a repetitive cycle of “So what?” until the measurable, business oriented impact of the incident can be understood. Once it is understood it can be isolated from the system or support impacts of the incident.
When a support operation becomes too distanced from the actual users they support this chain of “So what?” grows ever longer.
The traditional matrix calculation of impact vs probability must be based on objective, knowledgeable and current information, not on assumptions and outdated historical perspectives.
