Fail Fast, Often – Fail Forward

Fail fast, often – Fail Forward
Innovation Model for Cyber Security Risk
My-Ngoc Nguyen (Pronounced Me-nop Wynn)
CEO - Secured IT Solutions
www.secitsol.com
Making IT Happen, Making IT Secure
Secured IT Solutions. 2017 All Rights Reserved.

Who am I?
CEO and Principal Consultant of Secured IT Solutions – A Cyber Security and IT support and service provider for public and private sector organizations
– Some clients include the following: Switch; Long Beach, CA; Burbank, CA; U.S. Dept. of Energy; NNSA; U.S. Dept. of Defense; Clark County Water Reclamation District; Federal Communication Commission
Certified SANS Instructor
Experience
– 20 years in IT
– 15 years in Cyber Security
Masters of Science in Management Information Systems
Top industry certifications:
– GLSC, GSEC, CISSP, GCIH, GPEN, GISF
– QSA (lapse)

What do we think when we hear this word?

Why does it have such a negative connotation?

Probably because this is engrained in us as kids

How many black dots do you count? 35? 15? 20?

Are these circles in a straight line?

Which black line is longer?

What’s the feeling we get from

Failure
What does failure mean to us when it comes to cyber security?
– Incident? Breached?
– Fined – compliance?

Does it mean being one of these firms?

Organizations with Massive Data Breaches
Yahoo (2016 / 2013) – Initially thought 1 Billion – 3 Billion – Oct 2017 – 94 Million JP Morgan Chase (2014) – 83 Million Yahoo (2016 / 2014) Anthem (2015) eBay (2014) Sony Play Station (2011) Equifax (2017) Home Depot (2014) Heartland Payment Systems (2009) Ashley Madison (2015) – 500 Million – 145 Million – 77 Million – 143.5 Million – 130 Million Target (2013) – 110 Million – 80 Million Tk-TJ Max (2007) – 56 Million – 32 Million Office of Personnel Management (2015) – 21.5 Million
Source: USA Today and Business Insider

OR does it mean being victim to

Images from: IBTimes UK, Security Magazine, RT

What does failure mean when it comes to compliance?

It’s bad to fail our audits or pentests.
WRONG
FAIL OFTEN AND FAST
Fail often and grow (learn fast – fail forward)
– Ok to fail Pen Tests
– Ok to fail audits
– Learn to be able to respond fast
Improves the mean time to detect and respond

[Figure labels: Impact; Déjà vu, repeated cyber incidents; True focused or sophisticated attacks; Self-assessment and Audits; Fast detected, contained, and responded incidents; Forward Failures]

Pass the audits and become like:
Yahoo (SOX)
eBay (SOX)
Heartland Payment Systems (PCI)
Target (PCI)
Tk-TJ Max (PCI)
JP Morgan Chase (GLBA, PCI, SOX, etc.)
Anthem (HIPAA)
Sony Play Station (PCI)
Home Depot (PCI)

[Figure labels: Growth and improvements; Failures]

The concept of failing fast and often
Book Art and Fear by David Bayles and Ted Orland
Ceramic class split into 2 groups and provided 2 different grading criteria
– Group 1 was graded on the quantity of pots they produced while Group 2 was graded on pot quality
– Group 1 ended up producing the best work in quality (technical and artistic sophistication)

An example of a company succeeding by experiencing many failures in the last 10-15 years.
– became the first privately funded group to put a payload in Earth orbit, in 2008.
– launching unmanned cargo vehicles to the International Space Station (ISS) and
– has 4.2 billion in contracts from NASA alone and its recent success in cracking the defense contract business
Late 2016 win contract (value of 112 million) from NASA and early 2017 to fly astronauts

Failures experienced
2006: The first SpaceX launch fails just 33 seconds after lift-off. Cause: a rusty nut.
2007: The engines shut down prematurely and the rocket fails to reach orbit. SpaceX is 0 for 2.
2008: SpaceX’s first payload for NASA; payload ended up in the sea instead. This third failure almost killed the company. It was saved—just a day after the crash—by billionaire Peter Thiel, the company’s first outside investor.

Failures experienced
– September 2013: Hard impact on ocean
– April 2014: 1st Soft Water Landing
– July 2014: 2nd Soft Water Landing but breaks apart after landing
– August 2014: Engine Sensor Failed – Rocket blew up on air
– September 2014: Ran out of liquid oxygen
– January 2015: Ran out of hydraulic fuel
– April 2015: Stick throttle valve
Dec 2015: first Successful Landing
– Jan 2016: Landing leg collapsed
– March 2016: Landing burned failed
April 2016: First successful drone ship landing
– May 2016: Radar glitch and Leg broke
– June 2016: Ran out of propellant
March 2017: First launch and landing of a reused first stage.

[Figure labels: Growth and improvements / Impact; Déjà vu, repeated cyber incidents; True focused or sophisticated attacks; Self-assessment and Audits; Fast detected, contained, and responded incidents; Failures]

[Figure labels: Growth and improvements; Get here to effectively fight and defend by failing often; Growing so lesser experiences of failing because of Déjà vu; Failures]

Learning from failures is not easy
Learning is not instantaneous or automatic
– People feel grief, which obstructs our ability to learn from failure
People need to have the feeling
But you need to not allow the grief of the loss to affect the ability to learn from failures
Make the most of failures
– Emotionally capable organization
Don’t desensitize failures

How to foster learning from failures?
Use every opportunity
– Quantity over Quality
Focus on the right and calculated failures.
Tailoring the easy-to-implement failing forward suggestion from Fail Fast, Fail Often
– Identify the impacts
– Reverse thinking: look at ways you can fail
Drives process improvement and maturity
Drives Offensive Defense
– Do it anyways: Get out there and give it a try
Ex. No repercussion for blocking sites for an hour
– Case study with watering hole

How to foster learning from failures? cont.
Fail Forward: use exploratory action to learn and discover
– Threat Intelligence
Find the next challenge: Seek out the next opportunity to reach your limits.
– Threat Hunting
– Succeed!!

Sources
Times.com
Fortune.com
Verizon DBIR and DBD
Fail Fast, Fail Often: How Losing can help you win. By: Ryan Babineaux, Ph.D and John Krumboltz, Ph.D
Timeline.com
Forbes.com
“How Not to Land an Orbital Rocket Booster” Youtube compilation
Art and Fear by: Ted Orland and David Waylon

Questions?
My-Ngoc Nguyen
Email: myngocn@SecITSol.com
Phone: (702) 608-0437
Web: SecuredITSolutions.com
Location: 6795 Edmond Street, Las Vegas, NV 89118
