Book tip: "Time management for system admins" by Thomas A. Limoncelli

Just some practical sentences about this book from 2005 by Thomas A. Limoncelli.

If you are working in Information Security or in Information Technology in general, and you need to improve managing your time and priorities, this book deals with this eternal topic from a light (and IT based) viewpoint.

I do not much favour the omnipresent self-help books. However, this book could help if the reader needs to improve in this field or is under a lot of stress.

In a nutshell, I would like to highlight three points on time management:

- It needs to follow a focused and committed methodology.
- It helps organising any aspect of life.
- IT people have the advantage of being able to devise and use automation.

Happy reading!


Book review: "Own Your Future : How to Think Like an Entrepreneur and Thrive in an Unpredictable Economy" by Paul B. Brown et al. The ALBR process

I came across this book by Paul B. Brown, Charles F. Kiefer and Leonard A. Schlesinger almost by chance. The title was enticing so I decided to give it a go. You can read it really fast and the structure is very approachable. Having an Information Security mindset, you can apply generic recommendations to our professional field and even try out some entrepreneurial experiments that could lead you to a professional change.

If you are going through a period of time after which you really need a positive work-related change, reading this book could help you. As always, a little disclaimer: This post does not replace at any time the careful reading of the book and all points expressed here are extracted from the book but by no means complete, comprehensive or unbiased.

If I had to summarise the book in only one sentence, I would say ALBR, the acronym of Act, Learn, Build and Repeat. This is what the authors recommend to put your own ideas into practice. Note that they start with the word Action. The beauty of this book comes now: You select the scope and the context in which you will apply your own ideas: in your startup, with your current employer, at home, during your leisure time... actually these learning points can be applied everywhere and anytime.

I also like a lot the fact that this book, published in 2014, also proposes something that I was already suggesting in my first Information Security book: IT Securiteers - Information Security Management: Take baby steps, small steps so that you can always be in control and, if needed, revert back. Baby steps are an important risk-management measure.

The book is full of US-based examples. At the end of every chapter you have a nice little box with the key learning points (just as the IT Securiteers book, where you can also find a summary of the applicable MBA models at the end of every chapter).

The first section of the book describes how our professional world has changed compared to the one previous generations had and how this fact requires new skills (and new approaches) in all of us. Worth highlighting regarding risk management, the book confirms how the best entrepreneurs are quite risk averse.

The second section actually proposes the Act/Learn/Build/Repeat process to manage risk when starting off a new endeavour. This process, plus the use of small baby steps, makes you ready to fail safe, since there will never be something really major, or not manageable, at stake.

The third section is very realistic. It first confirms that not all our likes and passions will be paid by the market i.e. we can only follow our passion if we can (economically and realistically) afford it. Let's remember we need to live in this world. This is a convenient time to mention the model I wrote about in the IT Securiteers book on the intersection of your skills, your passions and the market to make a living.

The fourth section provides an interesting spin to starting something new: They propose to do it outside your everyday job. Certainly the possibility to start something new within your current job, providing even more value to your employers, should not be discarded. Actually, for those ranking high in risk-aversion, it is even recommendable. 

This section continues with the small steps approach and how your long term goals can only be achieved focusing on small deltas every day. This also applies to Information Security programmes and projects.

I like this sentence from the book: "Remember, your next job is probably not your last one".

Lastly, the authors remind you that you are the ultimate control point of both your job and, eventually, your life.

Happy future reading!


Away from monotony!

Book review: "Diary of a hedge fund manager" by Keith McCullough

Keith McCullough and Richard Blake wrote this book in 2011: "Diary of a Hedge Fund Manager: From the Top, to the Bottom, and Back Again". Keith McCullough was also the author of the mcmmacro blog (already discontinued in 2008). This book has nothing to do with Information Security. At least it does not have an explicit link. Why do I post this review then? Let's summarise it in telegraphic bullet points:

- Being a hedge fund manager is tough. The author mentions how starting work at 4 am was nothing extraordinary. Time required on a daily basis to follow companies and feel markets' sentiment is huge. Information security displays the same trait.

- The book uses the professional sports world (more specifically, hockey) as an analogy. In both fields, required efforts and focus and existing competition are comparable. Also applicable to Infosec? I think so.

- The mantra in hedge funding: Liquidity, transparency (well, actually the authors claim that during the first decade of this century it was insufficient) and returns (on each and every single quarter!).

- This book also suggests a higher degree of self-involvement in personal financial investment strategies. I would also suggest the same for personal Information Security strategies.

- Short-term performance, during those early years of hedge funding, was given more priority than adherence to principles. How is the Information Security field in this respect?

Please share your comment

Happy reading!

Expertise comes with time

Book highlights: The Sleep Revolution by Arianna Huffington

This time I share with my readers the main reading points of the book titled "The Sleep Revolution" by the famous entrepreneur Arianna Huffington, currently leading thriveglobal, probably the site to visit to keep yourself in balance.
Disclaimer: as always, a very personal and biased collection of thoughts extracted from the book. This collection by no means aims to replace the reading of this book.

These are some of the aspects I would like to highlight, especially to the Information Security community professionals, so that they do not waste themselves, either by working or worrying, into sleepless nights:

Main takeaways

- Women need some more sleep than men.
- Lack of sleep produces overweight and heart attacks.
- Sleep is currently an underrated health habit. It is a side of life that should be as important as our awake time.

- People in key jobs such as drivers, pilots, doctors run higher risks when they are not well rested.
- Sleep changed from being a social and looked after event to being a despised need. Now times are changing.
- Sleep is for the brain to be healthy. During sleep, the brain cleans itself from toxic proteins.
- Poor sleep transforms into poor memory.
- Sleep is key in the complex task of understanding our lives.
- Sleep on it: A smart way to learn and decide.

Sleep phases

0. Beta waves in the brain during our awake time.
1. Light sleep (starting to decrease our temperature and heart rhythm).
2. Deeper sleep (temperature drop)
3. Slow high amplitude delta wave sleep (if we wake up there, we feel disoriented)
4. REM (rapid eye movements), body rates increase again (blood pressure, temperature, movement). It is when we do most of our dreaming activity. REM sleep takes us offline.

The later dreams occur during the night, the more bizarre they are.
Normally we go through 3 to 4 sleep loops during a night.

Sleep and health

- Required to avoid illness and also required to recover from illness.
- Self control requires mental energy. Sleep gives us energy.
- From Freud to Jung: dreams are an internal experience, a possibility to learn and to link with our spirituality.

Programming dreams

- Dreams are essential for learning and memory.
- You can try to program your dreams first by writing them down right after having slept and subsequently by thinking on what to dream just before going to bed. Certainly without any digital device.
- Nice piece of advice: Keep a dreams diary.
- Dream incubation example: In which area of life would you like to receive guidance?
- Dreams regulate our experience, our emotions and our memories.
- Dreams contribute to emotional intelligence.
- Dreams reset the emotional compass.
- Innovations come also from dreams.
- Dream about an exam and you will score higher.
- Sports people practice this to get a better performance.

The best meditation is sleep

- Take deliberate actions to improve your sleep.
- Meditation and sleep are friends.
- Simple relaxation technique to try to sleep: Inhale with 4 counts, hold with 7 counts and exhale with sound on 8 counts.
- Use breathing to slow down yourself.
- Another simple relaxation technique: The half-smile relaxation.
- Try to find serenity through a picture, some music, the memory of a place.
- Bringing thoughts of kindness and gratitude certainly helps: Think of the opportunities to help people that you used.
- Create a gratitude list.
- All this always via baby steps.
- A 30-min nap can reverse the hormonal impact of a night of poor sleep.
- We need more stillness in our lives.

Before going to bed

- No sugar, no alcohol, no big meals.
- Interesting thought: We will all die, thinking about this fact will let you distinguish what is important.
- Assertive statement "to practice death is to practice freedom".
- Use a mind-dump to-do list before going to bed to release you from those worries and... tomorrow will be another day.

The sleep house

Book highlights: The Filter Bubble by Eli Pariser

This time I write about a book by Eli Pariser that first appeared in 2011. Its title points to its main content: The filter bubble. How the new personalized web is changing what we read and how we think.

As if it were real future-telling, the author, already in 2011, prepares the reader to understand the perils of web personalization and its potential consequences. Now, in 2017, those consequences have materialised.

Let's remember that an interesting part of Information Security is Personal Data Privacy (if that still exists!).

As always, little disclaimer, this collection of learning points does not replace the reading of the book and it constitutes a very personal list of items. Let's start:

- The arrival of personalised Internet search by Google in 2009 contributed to make the user of that search a real product rather than a customer.

- The delivery of personalised search results creates, for each of us, a personal bubble in which we will live on. This is great in terms of confirming our interests, however this is not so great in terms of isolating each of us within our own bubble and system of beliefs.

- Different point but also worth highlighting: Asymmetry in email. The cost of sending an email is orders of magnitude lower than the cost of receiving and reading an email (in terms of human time devoted to it). This is the main reason why email spam exists.

- Facebook focuses on relationships among people and Google on relationships in data.
- Facebook focuses on what you share, Google on what you click.
- Both aim at the same final objective: User (product) lock-in.

- The author also talks about user behaviour as a commodity and how some companies monetise that e.g. acxiom.

- Interesting fact: Google News was created as an initially easy way to curate news after 9/11.

- A fact: More voices means less trust in a given voice.
- In the US in 2011 people watch TV on average 36 hours per week.
- Definition of TV: Unobjectionable entertainment.

- The key to keep audiences happy: Creating content in response to their likes.
- Personalised filters affect the way we think and learn.
- We tend to convert papers with lots and lots of data into "likely to be true".
- Information itself wants to be reduced to a simple statement.

- The more expert you are in a topic, the more reality-bias you have and the less successfully you will predict.

- Consuming information that conforms to our ideas is super easy. That is why we do it.
- The filter bubble shows us things, but it also hides other things from us and we are not as compelled to learn about new things if we do not know about them.

- It is important to be able to do what you would like to do but also to know what is possible to do.
- For the time being, Internet personalisation does not capture the difference between your work self and your play self.
- There is a difference between what we watch and what we should watch.
- Profiling gives companies the ability to circumvent your rational decision making.
- Personalisation still does not distinguish signal from noise.
- If our best moments are often the most unpredictable ones, what will happen to us if our bubble is fully predictable?
- The bottom line: In the book the author mentions that we do not know the effects of this filter bubble. However, six years after its publication, we can see its real consequences in terms of fake news and isolation.

- The existence of the cloud. Personal data in the cloud, outside your computer, is much easier to search than info on your computer.
- Statement extracted from the book (published in 2011): "Personalised outreach gives better bang for the political buck".

- In the post-materialism era we buy things to express our identity, not because we need the item we buy.

- The personalised bubble makes getting people from a community to make better collective decisions more difficult.

- Peter Thiel, American entrepreneur, e.g. Paypal founder, states that "freedom and democracy are no longer compatible".

- Engineers resist the idea that their work has moral or political consequences.

- Small pieces of advice: Delete our browser history every now and then. And if you dare, your cookies ;-) Use the incognito tab in your browser.

- Be aware of the power of default e.g. by default when you open the browser you do not land on the incognito tab.

- The author states that there are also possibilities to improve using this technology if companies are transparent in explaining how their filters work and how they use our data.

- Corporate responsibility is required, and probably also a kind of oversight.

- Personal data should be considered a personal property.

Too much to think about in only one post!
Happy reading!

Hello to a new world