
Adam McMath - Crisis Communications in the Time of Plague

BSides Edmonton · 2020 · 45:31 · 76 views · Published 2020-09
About this talk
Adam McMath explores crisis communication strategies for security professionals during emergencies. Drawing on his experience in IT risk management and emergency response, he discusses how to deliver clear, empathetic messaging under pressure—avoiding jargon, understanding audience motivations, and using storytelling to build trust. The talk emphasizes practical preparation: tabletop exercises, pre-built notification templates, and cross-functional collaboration.
Transcript [en]

okay so uh thanks uh adam first of all welcome to the bsides edmonton uh i know you won the challenge you you impersonated me i owe you a lunch i'm definitely gonna send you something uh but um yeah so um adam uh i would like to make an introduction for you uh for before you let me start your presentation for the bsides edmonton so um adam is a multi-decade information technology and risk management professional who pays large sum of annual maintenance i.t and security organizations an observer of human nature efficiently of elections i hope i pronounce it correct and take taker apart of things i know you are a hacker adam believes that all information

security and technology professional can be amazing communication communicators and respected for their knowledge and expertise so i can tell a lot of things about adam um but you know [Laughter] he's his good friend of mine uh and by professionally he's the general manager of calgary airport uh his title for the talk will be crisis communication in times of plague over to you adam harvinder thank you so much for uh giving me the opportunity to hang out with you guys i do have my my kali box signed in as well so i will do my best to watch the stage chat if anybody has anything they want to you know kind of dive into a little bit

deeper uh i highly recommend that as well in the chat too oh thanks tim that's really sweet uh tim kembong's a good guy um there are a number of people i think that are actually really working hard to try and break into this industry and this is our community this is kind of our seat and it's a fantastic opportunity to uh to really connect to have the the opportunity to network and and do things so if you're willing to dox yourself chuck your stuff into the chat and have some conversations reach out to people have some some conversations uh always um well a wash always i i i apologize i'm probably butchering your name and and that

makes me feel like a donkey thank you very much for stepping in early uh your auth and session management was absolutely amazing stuff and for you to step up uh kind of unexpected took guts you did a great job thank you tanya phenomenal view modern security communication should look like jason uh just for you the audience this is what when someone is an expert and he can he can break down incredibly complex concepts into really simple things that was amazing rachel hanny martin tim incredibly valuable uh uh session you guys did again for the audience i i think that that maybe we we often kind of see government as as a as a burden i will offer that what

you just saw was four amazing security leaders and we are quite blessed to have this as taxpayers plus to have this level of talent working for us absolutely phenomenal fireeye fortinet proof point thomas sentinel one concordia university f5 mimecast and ama uh thank you for sponsoring this because you are willing to sponsor this on our terms uh as the b-sides mandate goes thank you for for doing that because it does take some some cheddar to try and pull this off um i did ask carpenter if i could have my own product placements are you a dad have you ever eaten dad's cookies our vendor's just telling me that i don't get my own product placements

okay crisis communications in the time of plague let me dive into that let's talk about that a little bit here uh the obligatory who is adam's slide i'm old i've done things chances are if you're watching this and there are what 205 people connected right now that's great thank you for coming along for this ride um i imagine a bunch of us have actually been in the trenches together that's freaking sweet uh because well since the 1990s i've been fiddling around with risk and technology and making things break and trying to fix them when they aren't um or maybe you just forgot to log off after the cso panel and you'll figure out quickly if i've got anything to say

that'll bring you value i'm here for you you took the time out of your day to hear me yak and i promise to do my best be respectful of your time and attention uh big disclaimer even though i'm on the clock this conversation with adam is totally of my own manufacture i don't represent anyone but me heck i barely represent myself um so big thank you to harvinder uh teo nakeesha the bsides empty planning committee it takes a crazy amount of effort to pull these kind of things off and the easier answer would have been to just cancel it but instead they chose to do the hard work and adapt to our ever-changing world um and

who am i not i'm not a lawyer i'm not a psychologist or a physician i'm not a natural leader i'm not a natural communicative presenter writer or magician i'm a nerd from the born in the 1970s like to think of myself as a pretty solid technology delivery professional and decent of hacker but as my career grew i came across some real skill and hackers dudes like tavis ormandy marcus hutchins tj o'leary he's in the chat i decided you know i wasn't a good enough nerd to like really get paid i realized it didn't matter if i was the smartest dude in the room or the dumbest i sucked at getting my point across so it didn't matter either way i took

this realization as an opportunity to learn as much as i could about people and there's no better industry than infosec this community to learn about people social engineering right i love hacking but i figured any improvements in my career would require human hacking and mostly hacking myself it was a challenge i really wanted for myself and resulted in many many cringe-worthy events but i'll keep persisting because i think it's important for me and i see venues like this and i've you know learned an incredible amount along the way and if i can offer you something from my learnings for your toolkit great i'll encourage you too there's no more supportive environment than b-sides this is your place to show

us the things that you've learned along the way to help with your journeys too oh yes everybody wants cookies uh i wish we were all together i would share my cookies i would literally bring all the cookies um so anyways in my decades on this planet i've never encountered anything like this worldwide crisis response to covid-19 pandemic but it really did show me that most incident response phases and processes tend to be very similar over time um apt comparison would be something like well 9 11. i remember you know everybody who was alive at the time kind of remembers where they were at the time a couple of jerks or a handful of jerks

slammed a couple of planes into the ground and into a couple of buildings um looking at the bad stuff versus time graph that i made in ms paint as we climbed the dark red the world was starting to react to the report of an attack at the top of the red we kind of know as much as there is to know all the planes are down the towers are down there's a hole in the pentagon an incredible amount of innocent people have died tracking the red down to the right and approaching the orange air traffic has ceased worldwide billions of people are turning into the news in the orange we're trying to make sense of the attacks

uh air spaces are secured around the planet we've got people on the ground looking for survivors as we move into the yellow we're clearing rubble and we're building or adapting to new security regulations for our pandemic it was the third week of march things started to get funny right uh we sent everybody home intersecting which is the kind of the top of the red everybody tried to get used to working from schooling and working from home as we kind of started going down the slope and into the orange again and then as we hit the orange school and work obligations shifted from everybody go home and don't die to uh oh yeah we still have some lives

to live and you know businesses to run uh and eight months later as we circle down the the yellow we're still trying to figure out who we are in this new epoch uh through each of these different phases we feel different levels of stress and different kinds of communication different urgency different needs for for the messages that we need to get across so let me get on with a little bit of that here um oh look i can see my other screen that's fantastic that's really cool um let's take a minute to recognize the complexities of interpersonal communication right there's lots of books on it um i'm kind of picking and choosing some of my favorite parts i i think it's

important to kind of do an analysis of this first just to just kind of put things in perspective of of some of the challenges that we actually face why communication can be hard especially when we're stressed the hell out um in in this case here i'm the sender and i click there okay there we go uh and i'm jumping over a cubicle to chastise dave and we'll call him dave because that's his name beautiful human being actually knows a lot of taekwondo and bjj and could legit destroy me if i actually did climb over the cube in a nasty way i'm the sender and i'm falling into a trap here though i'm always right and

everybody should know the things that i know and value the things that i do right dangers of projecting as a sender we'll tell more about that in i think two slides if you've heard about me talk about the buckets though part of my coping mechanism during crisis to consider the things tend to fall into one of two buckets things i can control or in one things i can't control on the other if i focus on the things i can control the likelihood of reaching successful communication goals is much higher in this case as the sender so much rides on me uh in my picture i can't control the receiver but i can have hope that dave

is using active listening skills listening with the attempt to understand the messages i the sender intend to deliver it dave doesn't have to agree he doesn't have to agree with me a good listener suspends judgment though and biases until there's any reason to actually have it as a listener we want to do our best to understand what the sender's trying to tell us what am i trying to get across the message there's a message obviously that i'm trying to get across the information i'm flinging at dave and it has a pile of different parts in it encoding even just speaking the sentence i'm encoding a message in canadian english we can encode things in python then for

some reason because an employer told us to re encode it to javascript so consider that kind of thing with empathy when speaking to someone with a heavy accent they're parallel encoding decoding in their head while you're yammering right now we're also using tcp ospf tls and so many opportunities for everything to turn to crap and we haven't even started talking about the the verbals and the verbals are pretty simple it's just the words we choose right um social engineering's famous for studying non-verbals and you'll see all sorts of percentages that people toss around out there to say oh 86 percent of a message i don't know how they're quantifying any of that crap the reality is though that

non-verbals are are very very key um it's a lot of the message and they're key more so because of the consistency required between verbals non-verbals and encoding uh if you can see my face if you're if you're watching the stream let me try this

i'm not mad or i'm not mad it's inconsistencies are are they stick out with a blinking light to most people they're often read as lies which they may or may not be but they do indicate that something is abnormal that something is not not the way it should be uh and i tried to keep my voice flat in that that that little example there too because paraverbals is how we say our words my favorite example from my cousin vinny uh at arrest the protagonist says i shot the clerk i shot the clerk whoa but in court the police chief says and the defendant said i shot the clerk i asked him again and he said i shot the

clerk so consider carefully how our emotional state especially in stress our mood our exhaustion our excitement our defensiveness all can have an effect on how we say things uh there's also a media medium person so person to person telephone spider phone sms chat radio teams meet zoom unidirectional simplex on the directional half duplex your communication will be more abrupt and at higher velocity in a burning building than in the comfort of a beach chair after beer number two context is always important too right she slapped hard is a very different statement when discussing a bass player than a domestic disturbance interference all the barriers between a sender and a receiver with their message their medium

things like fans and loudspeakers and douchebags with open headers on mustangs calgary southeast calgary seems to be you know the uh i'm all one for for loud exhaust i'm a car guy i like cars but southeast calgary where i live is the uh the hotbed of douchebags with open headers who like to roll around at you know 9 p.m at night through playground zones um also the the building you're in right you can have noise cancellers you can have you know happy uh echo canceling tiles etc um from a ham radio days i always talked about trying to optimize in our personal lives the signal-to-noise ratio too we seem to have an awful lot of

noise all the time and so little signal so little actual important information dang it's hard sometimes uh what we also have you know technology we're all talking over technology now if anybody tries to call me on the phone i don't answer it because chances are somebody claiming to be from canada revenue agency sending a share of tourists but packet loss could also be interference and what have we all done recently more so than anybody else ever at any time we're sticking masks on ourselves now and then having to yell at the poor lady from tim hortons going i would like a double double double so yeah okay it's hard we really hope that at some point we have some feedback

in the loop too that uh uh and and as a sender you can ask for some of that feedback as a a good active listener you can uh deliver some of that feedback using reflexive listening tools paraphrasing summarizing questioning my favorite of covey's habits so seek first to understand then to be understood again no port does this mean we have to agree but as long as we understand each other we have that mutual respect so my point communication it's just as complex as bgp and just as prone to screwing off if you found interpersonal communication hard as a computer technology professional as a security professional well heck you're not alone especially like when the world is legit

on fire all around you and i have no idea how my little animated gif is coming through i stole this idea from robert falzone of checkpoint because he always has the most brilliant slide decks um i stole so i've the next three slides are are my advice for ways that you can form your communications i stole this particular one from the emergency response world the situation report the sit rep etched in stone as the can report conditions actions need conditions what's the current status of my piece of the incident response actions what are me and my team currently doing what do we have in motion needs what do i need from you the audience when you're good

and it takes some time we'll talk about that too you should be able to relay what you know what you're doing and what you need from any audience in a very short period brief and organized uh the folks in the last session talked about that brief be good be brief be gone uh but what you need is last working on the theory of primacy serial position effect from thorndike's laws google it if you're looking for some really interesting ideas on you know occupational psychology uh great wikipedia article thorndike uh t-h-o-r-n-d-i-k-e especially in terms of high stress everyone already is barely hanging on and your audience's personal fifo buffers the first in first out buffers

are already overloaded people can't absorb a whole lot more so just say what you're up to with the intention of filling other people's needs and get a commitment for what you need this can be part of a formal roundtable or just making a request of another person or team and you need to listen to the info you might need when you're asking for need somebody else might already have delivered that in their report so get off your your phone during the round table and and and pay attention um so okay heat is on here's some examples i cooked up uh from the firefighting world i'm actually going to read this one command there's a search team one inside

the structure light smoke is visible with no heat we're completing the primary search of the main floor and requesting the results the exterior suite before entering the basement pretty simple hey what's up it's me i'm search team one i'm inside the building there's a little bit of smoke but no you know real heat or anything um we're just finishing up our primary search for the main floor we want to go in the the the basement which is known as the firefighter killer so maybe let me know if you see any puffing smoke from the outside conditions actions needs all right from physical security uh control bravo zero an unexpected person has just been located in the data center

bravo two's taken up station at the exit and we'd really like a supervisor to come down here and review the individual's credentials and maybe call the cops if necessary conditions actions needs got a whole lot through there pretty quickly uh okay adam yadanki let's apply this to information technology then ransomware was discovered on our data share two it staff members are currently focused on isolating any infected system one staff member is attempting to identify the point of entry so we can limit the spread we really need somebody with email system expertise to assist with the point of entry work a team to prepare file restorations and system imaging and if you've got it somebody can translate

russian to see how truly screwed we are if we can't get this under control not bad i like that i don't know i wrote it so i guess i'm biased conditions we have ransomware actions we have three people working on it needs we need a recovery team to say hi to cozy bear yeah good times when you get good at it feels really organized crafting your message so conditions actions needs i stole from the emergency response emergency services kind of community uh this one care uh where are we or precision clarity objectivity i heard this on a podcast once and i pulled over my car on the side of the anthony henday um i i can't remember who i stole this from

and i feel really bad i've googled it and i've never been able to come up with it again so if anybody knows where i stole this from i'd love to give them credit um but thinking back to our time versus bad stuff graph once you kind of get out of the need for those those really quick sit reps right and you can start you know actually crafting your messages a little better the can report still works but you can focus on crafting your message a little more carefully uh another triumph of cleverness that i like precision clarity and objectivity and this goes back on you the sender encoding your message precision i don't care about your filler words use

um ah like all you want what no one wants when more storage is undergoing ransomware attack every second is a 20-minute diatribe and crap that it's going to make a difference we don't need a dump of everything you've been working on we're assuming you got it handled unless you need something to help me along this path i've also been playing with adapting the i love emergency services stuff the five rights of of of of administering medication in first aid if you've ever taken a first aid course uh through st john ambulance or canadian red cross highly recommend that stuff by the way the right drug the right dose the right route the right patient at the right

time yeah i got that right um so i've been trying to re-adapt that into solving some of my precision communication needs get the right information the right volume of it through the right medium with the right context at the right time it's a little big i know it's a work in progress just no matter what you're delivering just do your best to make it precise clarity is about your audience um the reality is uh tanya said it this morning too you're b-sides i expect that you know about security and you know about technology that you're on top of this that you're good um so just be super careful not to fall into the trap of jargon acronyms insider

knowledge that your audience might not actually know about one of my pet peeves is the word obviously and sometimes i use the word obviously myself and i chastise myself for it maybe it's obvious to you but maybe it's not obvious to everyone in the conversation and even if it's kind of an attempt to self-depreciate it comes across as arrogance of belittling and the last thing that you want is is resistance in the listener um so bsides i'm making this assumption that you're technical you know how to use google and jargon assumptions that i'm tossing out here are things that either you can google or you already know um but that's the danger for us as technology

professionals is that somebody might not know what ospf is or code injection or root hints or any of those other lovely things we talk about maybe 99 of our audience does in a crisis situation though with that one percent that doesn't understand us has the potential to be our one roadblock or maybe it proves our spending request then it's time to move on to no name brands uh an old adage and i talk about it with jason maynard did such a great job of it if you can't if you call yourself an expert and you can't explain the concept in terms that that the sender can or sorry that the receiver can understand then i as a sender probably don't know

my message well enough to be trying to explain it as an expert uh objectivity out-of-body experience uh i love my homer there um try to understand your listeners motivations to drill down to what's really important for everyone in a crisis folks don't want to hear you flexing they want to hear how you've made an impact on their priorities or lessened their noise and given them more signal uh if you need some leverage try thinking of this is empathy for your listeners brené brown has lots of great talks on empathy i found them really helpful in describing how no matter what the situation you may agree with me or not but in this pandemic in particular we're all in this

together across the planet uh if we're going to get through it together we have to let go of some of our own views and try to understand the bigger pictures even if it's a crappy picture like how we're all supposed to achieve new normal on the time of plague is a business or you know a five-year-old's finger painting of a fire truck with dinosaur arms

oh water is great um and as crises stabilize and we're really starting to focus on things like business continuity can you remember we went up and then we kind of did it down then we did another up and we're kind of going down again we could start focusing on business continuity communications continue to have less urgency and more formality we can aid people in understanding our message by focusing on storytelling instead of fact rattling grinding our way through white papers reports policies corporate public document broadcasts it usually sucks storytelling and again brevity is is nice for sure but sometimes you need to hit people the the simon sinek stuff the start with why why how what really comes

into play here too and you can do it i stole this one this one is is stolen with license from michael santarcangelo um if you google security catalyst he runs leadership and uh and vendor education and consulting uh his straight talk program has been incredibly influential to me i encourage everyone to seek out as training if you want to be a real leader or if you want to have a really healthy sales pipeline in security great stuff um so yeah storytelling makes for communications that people actually want to read and that they'll take with them and for sean you were asking about some of this too how about security awareness and cyber security education for our

users characters conflict resolution the three parts to every good story um the characters are the people responsible for and affected by this incident hey bsides calgary thanks for coming along for the ride with me characters pretty simple it doesn't have to be easy or in case of my funny pictures there ten thousand we could almost buy our own ship for that but who's gonna fly it could you yeah conflict the common goal or objective that we're addressing right doesn't actually have to be a fight i was kind of hoping for a city of edmonton versus city of calgary ciso grudge match um i'm pretty sure hannie can hit harder but tim is a good runner so i'm not really sure

how that would have worked out that would have been a hoot um with martin in the middle or or maybe rachel no rachel would be the judge martin would be the referee i think that would have been awesome sorry squirrel uh conflict the common goal or objective that we're trying to address with in this particular story darth vader i've been waiting for you obi-wan we meet again at last i made you some toast it's a little on the dark side don't you think um and resolution here's how we're working together to achieve our common goals can not just your goals not just my goals our common goals or how we're measuring success and how we can all achieve it it might feel

silly but it works and if we look at all media it's kind of the standard formula everything follows hobbits like many meals we have to destroy the one ring mount doom i'm the doom guy oh those imps or and floating eyeball things need to get splattered with the bfg9000 i reached the end roll credits uh real world my buddy we'll we'll call him norman because that's his name um he told me that his dropbox app disappeared from his work computer one day and so he went to the help desk and said hey why'd my dropbox disappear all he ended up was getting the cyber security group said it's been removed because of policy do you think that satisfied them no it

just made them think of cyber security teams a bunch of aminos could have been much different um so if we try it with the storytelling mentality again it's not i am a rambler but characters conflict resolution so i'm going to read this one off here well here's the thing our security team flagged dropbox as a risk and our company is cash strapped and our help desk is already overwhelmed but we recognize you have a business need for a cloud storage tool we can't use dropbox in the manner you've been doing it the potential for you to put intellectual property in a personally managed tool and lose access to it could be super impactful to us

but we have onedrive for business activated with our office 365 accounts please grind through that with the online learning portal and see if it'll do the same stuff because uh then the files stay under the company's protections and and and our custody and we all come out looking pretty suave okay sure it's simplified but i believe it works so much better than because policy um if you want in the words of tim mccreight get people to do what you what you want to do get people to do what you want to do because they want to do it too and that's what this is about

so we've done the conditions actions needs precision clarity and objectivity characters conflict resolution that's how you can actually start building your messages and and and find ways to actually bring people along for the ride how do you actually get that work and and and you know the reality is this is real leadership stuff um you might just think you're not a leader you're not a boss you know you know i'm just a pen tester but the reality is you are leading people along a path to you know sean's earlier question the the the reality is we're asking people to get better at cyber security sure cyber security can be all about technology if we want but the humans the

people who use the computers are the piece of the puzzle that we still are really really struggling with isn't it so you have the opportunity in every interaction with humans to to help be a leader uh introspect like spider-man check yourself before you wreck yourself lots of us have talked about uh dunning-kruger effect or illusory superior or superiority over the years the idea that you know people get a little bit of info and they think they're experts on a subject um and then we point at them and laugh at them and say ah you're not actually an expert in anything uh the reality is is that we are all kind of subject to it all of us

so recognizing our own weaknesses take a peek inside recognize our own weaknesses and use those as motivation to keep educating and improving ourselves if you can and do this carefully so as you don't break any wiretapping laws i think it's like part six of the criminal code i can't remember um but consider recording yourself during your own sit reps or participating in a meeting or record your side of a phone call be careful not to break any wiretapping laws please uh it's it's amazing what we can learn about ourselves with that little bit of separation too is that if i've recorded myself and then i go back and and listen to it later i can

see where i communicated best when i was when i was doing the firefighting thing um and anytime that i was in a command situation all of our radio communications were actually recorded uh after all the adrenaline was gone and all the stuff was cleaned up i would go back and i would listen to my recordings and i would actually say well how did i sound on the radio and sometimes i sounded good sometimes i didn't but i take the times that i didn't to learn from that um prioritizing really uncover with objectivity what's a priority again a really important leadership thing here um everybody cringes at the sound of the person for whom everything is an emergency um if

if the blood isn't going round and round and the air isn't going out you know life safety stuff that's a real problem your seat got moved take a chill pill avoid being that catastrophizer put things in a real bucket of what's really a priority and in the incident command system we prioritize through the big three life safety incident stabilization protection of assets property environment star dot star so one two three life safety take care of the incident and uh protection of all the things afterwards something that's super helpful are predefined incident severity levels with built-in accountabilities um i don't know maybe we could talk about that bsides 2021 or something and own things care make a conscious choice to be that

leader um so i've learned an incredible amount i learned so much from my own kids my middle kid 13 years old she's been the captain of a couple of sports teams already um and not because she's always been the fastest skater or the takes the hardest shot or scores the most goals she's always chosen by her peers and her coaches because she wants to help she in her own words she wants to help bring out the best in in everybody else she wants to bring bring out the best get people to bring out the best in themselves those kind of attributes no matter where you are if you have them and if you espouse them

if you hold them dear to your heart you become known as the people to be relied upon when stuff goes south um the people who get talked about like dang that colton dude he's always so good in the crisis um actively choose to improve yourself and actively choose to bring out the best in everyone around you again bsides this is a fantastic opportunity for anybody that if you're looking for a place to help this is it this is a great opportunity uh and then the last question that i have this is my last slide before my my kind of exit which i think i'm trying to get us back on track which would be lovely

and i'm gonna go back to the chat and see if there's any uh any cool things if anybody's got any cool uh cool questions or anything pop them in the stage there and i'll try to sneak back to them afterwards how do we get there how do we become great security communicators when plague hits the planet or the north koreans are all up in our stuff well do you get precise and accurate slap shot by reading about it no um can you beat leader arlo and pokemon go when you're only level 15 no you get good from being in the trenches so engage engage practice plan engage stuff goes off the rails every day find

ways to participate even if it's not your stuff especially if it's not your stuff oh my goodness i'd far rather be part of someone else's emergency than my own say yes uh catch when something's going crazy float the can float the question i can report hey alan i heard that storage is completely offline and everyone is dead in the water across the entire company tell you what the comms department is right around the corner from me can i be your liaison for company-wide broadcasts and take that off your plate right conditions actions needs i heard everything's broken um i'm physically located near the comms department and we need to you know just in case you forgot we kind of need

to tell everybody that everything's broken and i can handle that for you can i take that off your plate ask him permission you know one of the ones that's always a challenge and we do this all the time because we're lazy and we're really hoping the answer is no that question of is there anything i can do no of course not find something you can do and engage get in there find a way to get in there um practice bust out the 20-sided die and take on the demogorgon um on my website at missioncritical.ca and this isn't a plug for my consulting business because it doesn't exist uh i've got a but i'm just using that's

my email addresses and where all my family hangs out oh god please don't dox me it's also wordpress please don't hack me um head over to if you go to missioncritical.ca and you pop into the cyber security tabletop scenarios it's just some really simple like a few dozen like really simple really basic scenarios that you can have some fun with take it to your team my biggest takeaway from running many many tabletops for a very very long time make the scenario simple and play along with your environment's variables don't try to control the outcomes let them evolve naturally but just pull out some floaters chuck them on the table and say okay uh jeff you're up here's your situation

you're kind of farting around with something you're following something funny and you found out that the lady who everybody loves has been with the company for 25 years uh in accounting you know sings the loudest on cake day also happens to you know be doing books on the corporate computers for the hell's angels how are we going to deal with that jeff go ah right and plan planning uh me and my seven ps that i stole graciously from i think the us army uh proper prior planning prevents poor performance using scenarios uh and tabletops uh anything that you've currently or previously engaged in connect with your marketing communications teams find somebody in your organization who likes to write

build your own high probability and high impact risk scenarios and just build yourself some templates because oh boy if you've got pci compliance you want to start dealing with that animal on the fly a um essential stuff that i believe is important to have in your back pocket ready to go in 2020 privacy or health information breach notifications um which comes in a couple of different ways one you might have to talk to rachel uh at the oipc and your everybody's got pii don't kid yourself you've got pii in your environment um even if it's just your own hr information you got pii maybe p personal health information too so you may have to do a notification to

them or your customers or your vendors right so so have some of that kind of pre-built and and don't build it under stress because that sucks well i guess if you have to you don't have a choice um media holding or formal statements if you can get somebody maybe on even on a contract to help you with some media holding informal statements because honestly maybe your ransomware attack will get you in the news if you've got customers and your customers complain enough you could end up on global i don't know but the idea of having that in your back pocket also something to revisit on a regular basis helps you understand where your customers are and what their

is important to them um insurance and lawyer activation messages you don't necessarily want to be walking down the hallway going to the ceo saying um do we have a lawyer on retainer uh while things are going ugly and same with your insurance maybe find out what your insurance is and figure out what their expectations are um financial partner compromise notifications because business email compromise is still a thing because people still click things and read things so just some ideas of things that you could use in your own world ahead of time so engage you know say yes get involved in things it doesn't even necessarily have to be security but just things that that are ugly and messy get involved dig

in um and maybe that's just my personal bias because i like the dirty stuff uh practice like actually practice but don't get overwhelmed with huge tabletop scenarios just easy quick floaters have some fun and plan the more proper prior planning the less poor your performance will be so that's what we talked about in my my five of threes uh precision clarity objectivity conditions actions needs characters conflict resolution introspect prioritize own engage practice and plan all in in hacker friendly green text on black screen uh and now we get to eat cake or at least i do or at least my dad's cookies uh and we're 2:44 i think i was supposed to be off deck at 2:50 so i'm gonna just

take a quick peek through oh thanks matt wordpress comes pre-hacked no worry i know but i was just trying to get my stuff done pci compliance on the fly yeah marlon i been there it sucks it's awful um for if if anybody at some point decides they want to get a hold of me too you can try me on linkedin it's pretty much the only social media i i pay attention to the uh um the reality is is that i i kind of have i have message burnout like a lot of people so if you do reach out to me by all means call me a donkey or something it's totally cool but i might be uh

it might take me a while to get back to you i do try to respond uh if cyber oh percent if cyber insurance is involved breach coaches yes yes if your organization is large enough to support a breach coach get that that's one of those proper prior planning things get involved in that uh and dedicated cost centers to track expenses related to incident investigation depending on your uh your organization you may or may not get some some uh some traction with that i've found that a number of of of accountants especially now and in depressed economic conditions are feeling really pinched by saying oh yeah here's here's a here's a variable bucket that you can use for not sucking what i have

done in the past and has given me some really really good advantages is having an incident response retainer with uh um any number of vendors and i'm not going to name any because i've already done my my product placements but there's any number of vendors out there who can give you ir retainers so and and they can include things as well like breach costs and if you don't actually use their services for incident response you can use them for the tabletops so you can help outsource some of your design of your your exercises as well what else do we have in here oh tj you're so sweet uh tony tony yeah the the why how what if anybody's not

familiar with the simon i guess it was it was the tedx talk that launched simon's career it's on youtube it's it's lovely it's uh it's it's a fantastic thing that talks about how to start hitting people at their heart and i would i would offer that that's something that we tend to do when we're when we talk about decision making and back to another one of adam's three things we tend to make decisions emotionally logically or financially well there's a three uh you know emotionally we tend to make a lot of our decisions emotionally financially you what when's when's the best time to go to the restaurant when we're hungry uh what do we do when we're broke we

look in the fridge um or or the logically thing we always think that we're making logical decisions about security and things like that but the reality is chances are we're pissed off at someone and we're we're more interested in having a fight um again talking about education and awareness is that we want to get people thinking critically pause think verify anybody who worked with me while i was at the city of calgary would have heard that over and over again is probably sick of it by now but asking people to pause when they're they receive a call to action over email or over uh over a web page or over a text message or a phone call or

anything slow down think think critically use your critical thinking skills in your brain to do the work and verify if it doesn't pass the initial sniff test just go ask somebody feel free to use that i didn't copyright it and i hope nobody ever does copyright it because it makes really good sense to be able to you know get people people who are using computers to really understand kind of our priorities too slow down think about it but the reality is is to get to the frontal cortex where we do all of our thinking at the front of our brain again i'm not a doctor or a psychologist but everything comes up the nervous system through the back of our head at

the hippocampus where all of our emotions are generated ah so we have to consider the emotional aspect of asking people to make decisions uh what else do we have in the personas masks to reduce human talk of nature and made us more listening i would one of the more interesting things for me is that um because i have resting resting jerk face uh when walking through a uh when walking down a hallway or something i usually like i make eye contact with somebody and i love the idea of you know giving somebody a silly grin or something and that's what and it's amazing people smile back and they get goofy and that's what the mask

has eliminated for me so i have to be very mindful now of of where my eyes are in my head anyways um there's somebody back now and some say that he invented the magnetic resonance imager and he once lost a kayak on beaumaris lake all we know is he's called harvinder my friend how are you oh i'm good um thank you it's uh like you know an awesome talk uh you know kind of made me think in multiple ways especially like you know from for the communication like in a precision clarity and objectivity component um a very very high energy talk a lot of people actually asking what is your like you know how many

coffee you consume for your day full of ir activities i had three of these but in the morning all i've had is water since uh since lunch um i'm passionate about this i love this i love the opportunity not only to talk to people but to talk to people about security and to talk to people about um uh communication because i don't know it's fun oh yeah i know i know i remember when the day i was visiting calgary and you showed me the city of calgary and i see the like you know how much energy and how much like i would say enthusiasm has like you know inside your head like you know you

showed me i like almost 70 80 percent of the facilities i had you breathing hard that day that was a lot of fun now my my my current employer only has one building so the next time you pop down pop down highway 2 um not bring your shoes anyways we'll go on a run yeah so thank you very much um thank you and bsides participants thank you so much for coming along really appreciate everybody here