CIAOPS Secwerks 1 is now totally virtual

In the face of continued COVID uncertainty locally I have decided to move the whole Secwerks 1 event online. The event will now be conducted fully using Microsoft Teams. Registrations are still open for the event starting on August the 5th, but now spread over 4 half day sessions to lower fatigue levels. You can register now and find a link to more details at:

www.ciaops.com

The event times will be during Thursday and Friday afternoons here in east coast Australia (GMT+10) and may not suit other locations. However, every business that registers will receive a copy of the recordings as well as the training materials. Registration is also now per business not per individual.

The Secwerks event is focused on giving you actionable information around Microsoft 365 as well as best practices, automations and understandings about how to improve the security of these environments. If you manage an Office 365 or Microsoft 365 environment, this, now, virtual event is for you.

I am working hard to add some unique sessions to the agenda and will be confirming those soon. Thanks to those who have already registered for being so accommodating in the face of this unexpected pivot but I look forward to seeing you at the event from the 5th of August 2021.

Cybercrime reporting poll

pexels-donald-tong-143580

I’ve created an anonymous public poll asking the question:

Are you reporting cybercrime incidents, like ransomware, to government or police authorities?

which is here:

https://forms.office.com/r/mENdwmaXRj

as the results rolling you can see the summary here:

http://bit.ly/ciapoll01

I’m interested to see what people are doing when it comes to reporting incidents to authorities?

Register your interest for a hands on, deep dive Microsoft 365 Security event

pexels-pixabay-356065

If you are interested in attending a hands on in person 2 day deep dive event into Microsoft Security including:

– Exchange Online

– Windows 10 hardening

– Effective incident monitoring

– Identity security

– Data protection

and more then I encourage you to register your interest now for CIAOPS Secwerks 1 in Melbourne CBD over 2 days, Thursday the 5th and Friday the 6th of August 2021. I expect demand to be extremely high for this event and I will have more to share when I have confirmed all the details. However, feel free to reach out to me if you want more information. Please register your interest here to be kept up to date with the event:

http://bit.ly/ciaopsroi

The theme of this event will be to help you understand all the technologies that the Microsoft Cloud provides, how to configure them appropriately and get your Microsoft Secure Secure above 80%. The material covered will be technical and cover all the basics but then to extend beyond Level 400. The course is specifically designed for those who need to provide security for environments connected to Microsoft 365.

I hope to see you there.

What the online world can learn from recent on prem Exchange Server challenges

It has been a pretty challenging few days for those that still manage and maintain on premises Exchange servers thanks to:

HAFNIUM targeting Exchange Servers with 0-day exploits

Throughout which I’ve seen a lot of smug cloud administrators wondering why people still bother with on premises. I think a better use of their energies would be to look at the current situation and learn from it rather than allocating it to self righteousness.

The cloud is a shared responsibility model. This means that both Microsoft and end user now responsible for the security of cloud infrastructure. Luckily, these recent Exchange issues have largely fallen to Microsoft when it comes to the cloud. Where there is room to learn for the rest of us, is in the response to the situation from those battling to contain it.

From everything I have seen online in regards to the HAFNIUM issue, what I find most interesting is the lack of a response plan. Technically, administrators can follow directions, run scripts, patch systems pretty well. However, most seem totally unprepared for this kind of situation, especially at scale. That’s what worries me the most. Why? Because challenges in the cloud can easily be of the same scale and impact.

There have been plenty of examples when services like Azure AD or Exchange Online have been unavailable, but when they have, I’ve seen the same level of, dare I say, panic. Because systems work 99.99% or more of the time ‘on average’, a large amount of complacency begins to creep into the system, especially those charged with maintaining these systems. Thoughts of disaster recovery and outage impact get put on the back burner and never really addressed because there are always ‘higher’ priorities.

What worries me is the dependency we have built into our modern lives, business and economy, to the point where most cannot function if their phones run out of charge. What worries me when I look at the response I see to broad security challenges in IT is simply the lack of a credible contingency plan. A check list of what to do, if you like. Of course, you can’t have a plan for every contingency but some semblance of a plan is better than no plan at all surely?

In the end it comes down to risk analysis. When the sun is shining, risk analysis is the furthest thing from people minds. This however, is exactly the time that it should be a priority because developing a strategy in midst of a crisis does not generally lead to the best outcome. You want to have a checklist of what to do, well in advance of whenever you may need it.

Even though the systems I work with are cloud based are immune from the HAFNIUM (it appears at least), that doesn’t stop me learning from how the unfortunate are dealing with it. I’m watching, learning and preparing, because as the saying goes, “When did Noah build the Ark?”

Before it rained.

Before it rained.

My podcasts – 2021

desk-music-headphones-earphones

You can find the previous year’s selection here:

My podcasts 2020

I do spend a lot of time listening to podcasts, generally in between things, like travelling. However, there is a limit to how many you can consume in a week and that’s why I need to be very discerning about what I listen to.

Regulars

These podcasts are ones that I generally won’t miss an episode of.

Windows Weekly

The latest Microsoft news with some fun and entertainment along the way. Paul Thurrott’s musing make this podcast alone something worth listening to.

The Tim Ferriss Show

Some really great advice, business insights and strategy. Also lots of life lessons that I have found work really well for me. A weekly must listen for me.

Hardcore History

These tend to be quite long, like reading a book, but a very good and very interesting. Luckily, they are not that frequent, so it can make a nice change from all the tech stuff

The Intrazone

All the latest news and information about SharePoint, OneDrive for Business, Teams and more directly from Microsoft.

Sync Up

A podcast focused on the Microsoft files experience around OneDrive from Microsoft.

MJF Chat

Mary Joe Foley interviewing someone in the technology field. What I really like about these are they are short and to the point. Makes it much easier to listen to on a regular basis.

Darknet Diaries

Really well produced cybersecurity focused podcast. Has a nice variety of topics and the content is good and well researched. If you enjoy the security side of IT you’ll love these episodes.

Currently evaluating

These podcasts I listen to frequently, but maybe not every episode. Some of these may eventually get cut from the roster. Anything here has to provide real business value for it to remain long term.

Security Unlocked

Still findings its feet but with the growing need focus on security I think this will provide some valuable information from Microsoft.

Windows Insider podcast

Always interesting to hear what’s the latest and greatest with Windows from Microsoft.

Microsoft Cloud Show

Tends to be somewhat developer focused but there is handy information here, once you get past some of the other stuff, although I must admit this is becoming less and less the case. In short, podcast is starting to become a little off topic and may need to make room for something else.

Cyber

A podcast focused on cybersecurity. Fairly broad and somewhat more laid back and less technical (from what I’ve listened to so far) when it comes to content. Will need to listen to more episodes before deciding if this podcast makes the cut.

#Shifthappens

A podcast focused on digital transformation, typically in the enterprise and government space. Not too long which is good.

If I have time

There are simply not enough hours in a day to get through everything. These are great podcasts but I simply don’t have the time to listen to them regularly unfortunately.

Jocko Podcast

Probably too hard core for most. For me it is a great mix of military history and business mindset training. If you have a ‘fanatical’ tendency then give this one a listen.

The Kevin Rose Show

A bit like the Tim Ferriss podcast. Plenty of interesting and different stuff that always makes you think. Somewhat irregular episodes but I am still enjoying what I’m hearing.

Business wars

Interesting to get the story behind major business rivalries. More a ‘stage production’ than a podcast. Very enjoyable if you have the time.

Behind the Tech

Hosted by Microsoft’s Chief Technology Officer, Kevin Scott, it has lots of interesting guests and topics.

Once off podcasts

Think of these more of a book you’d read or a TV show you’d watch.

13 minutes to the moon

If you love space, you’ll love this ‘podumentary’ on the moon land. The production quality is simply first class, which you would expect from the BBC. Make sure you listen to both seasons so far!

The Bomb

Another amazing BBC production focused on the Atom bombs. If you are a history buff, I’ll bet you’ll love this one as well.


I churn through these mostly at 2x speed to allow me to get through as much content as possible. I do have a few other podcasts on my current podcasting app. I am always on the lookout for good podcasts business, technology, history, whatever. So if you can recommend something you like, I’m all ears.

Finally, of course, there is my own podcasting effort:

Need to Know podcast

which covers the Microsoft Cloud (typically Microsoft 365 and Azure) as well as business topics. I encourage you to have a listen and me know what you think. 2021 will be the eleventh year that it has been available.

Hopefully, there is something of interest to you in what I listen to. Feel free to let me know as well as any recommendations you may have, as I said, I’m all ears!

My Tech Books – 2021

Tech is as much a lifestyle choice these days as it is a career. The geeks and nerds have risen to rule the world. Don’t believe me? Ask Bill Gates! Sometimes it is good to step back and take a wide look at how technology has changed the world we live in – for better and worse. My selection below I have found to be enjoyable and thought provoking in many different ways and I recommend them to everyone who is interested in tech.

There hasn’t been an change to this since last year. Good tech books are hard to come by it seems!

You can follow all the books, tech, business, non-fiction I read and want to read over at Goodreads where I have an account. You can also view my activity via:

https://www.goodreads.com/director_cia

1. Daemon – Daniel Suarez [Fiction]

A glimpse into the future of where drones and augmented reality may take us. That may not necessarily be a good place either.

2. Freedom TM – Daniel Suarez [Fiction]

A follow up to Daemon. What happens when technology dominates the world? Who benefits?

3. Ready Player One – Ernest Cline [Fiction]

Much like the Matrix. What is life like if you live inside the machine? You can be just about anyone you choose. I also love this book for all the retro technology that was part of my life. TRS-80 anyone? This book has become so popular that there is now a movie. Believe me, the book is better.

4. Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers – Andy Greenberg [Non-Fiction]

This is a great book if you are interested in IT security. It is also a very current book which makes it even more engrossing. It is easy to read and quite comprehensive in its approach, not only dealing with the technology of security attack but also the geopolitical reasons and consequences.

It reveals that shadow world of nation state cyber attacks and illustrates how they are happening today and likely to increase in the future. The connected world of the Internet has brought us many benefits but it is now increasing risks as our dependencies increase to the point that there are few manual backups that don’t depend on technology.

I think this book is a real glimpse into the future and what we may be in store for in the even of rising global conflicts. If you like tech, you’ll love this!

5. Future Crimes: Inside the Digital Underground and the Battle for our Connected World – Marc Goodman [Non-fiction]

Technology will ultimately doom us all I believe because we are building our world on stuff that unfortunately places a low regard for security and privacy. This book will show you why that is a road to ruination.

6. Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon – Kim Zetter [Non-Fiction]

If you don’t believe cyber warfare is real then read this book to understand how software is now a weapon as potentially devastating as any nuclear device.

7. Beyond Fear: Thinking Sensibly about Security in an Uncertain World – Bruce Schneier [Non-Fiction]

Security is important but it is important in context. We need to be rational when we consider our security not emotional. A great level headed approach to how we need to be secure.

8. American Kingpin: The Epic Hunt or the Criminal Mastermind Behind the Silk Road – Nick Bilton [Non-Fiction]

An amazingly detailed book on the rise and fall of Ross Ulbricht, the creator of the Silk Road web site. In here are asked to think about whether technology plays something more than a neutral role in today’s world.

9. The Cuckoos Egg – Clifford Stoll [Non-Fiction]

Before the Internet was in the public sphere it existed in the world of academia. This is the story of how one man’s search for the source of an accounting error uncovered something are more sinister.

10. Takedown – John Markoff and Tsutomu Shimomura [Non-Fiction]

The pursuit and eventual capture of notorious hacker Kevin Mitnick makes for great reading. Is somewhat dated now but still a great read.

My Business Books – 2021

Check out my recommendations from last year:

My Business Books – 2020

Honourable mentions that I read last year:

– Indistractable: How to Control Your Attention and Choose Your Life – Nir Eyal, Julie Li

– Mastery – Robert Greene

– Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones – James Clear

– Thinking in Bets: Making Smarter Decisions When You Don’t Have All the Facts – Annie Duke

You can follow all the books I read and want to read over at Goodreads where I have an account. You can also view my activity via:

https://www.goodreads.com/director_cia

Here’s my current top business books in order:

1. The Art of War – Sun Tzu

The all time classic on strategy. As relevant today as it ever was. A very short read but very deep.

2. The Millionaire Fastlane – M.J. DeMarco

I love the brutal honesty of this book. It doesn’t mince words about what it takes to shift from a pay check to actually living the life you want.

3. The Tipping Point – Malcolm Gladwell

The world is all about not what you know but who you know. This book explains exactly how this works and how to use it to your advantage.

4. The Four Hour Work Week – Tim Ferriss

Many people believe this book is about shirking responsibility. It is in fact a blueprint for how to free up your time to do things you want and enjoy. It will challenge the way you look at your career.

5. Secrets of the Millionaire Mind: Mastering the Inner Game of Wealth – T. Harv Eker

The successful are defined by a different mindset. This mindset can be learned. It can be trained. This is a great book to show you how to do just that.

6. Talent is over rated: What Really Separates World-Class Performers from Everyone Else – Geoff Colvin

Demonstrates that the best comes from implementing a system. Having a system allows you to focus on the right thing and do that work that is required. If you want to take yourself to an elite level, beyond just good, then read this book.

7. Book Yourself Solid: The Fastest, Easiest, and Most Reliable System for Getting More Clients Than You Can Handle Even If You Hate Marketing and Selling – Michael Port, Tim Sanders

You can’t survive in business without a steady flow of customers. Selling to people is the wrong approach, you instead need to attract them to your business. This book helps you achieve exactly that.

8. Profit First: A Simple System To Transform Any Business From A Cash-Eating Monster To A Money-Making Machine – Mike Michalowicz

Business is about making a profit. This then gives you the freedom to do what you want with that profit. This book helps you focus on profit and setting up systems to make the most of the profit you generate.

9. Barking Up the Wrong Tree – Eric Barker

Conventional wisdom does not always apply and in some case can actually be detrimental. Challenging what is taken for granted should be in the play book of everyone who wants to achieve at the highest level. Important lessons can be learned in the strangest places and form the strangest people. Have an open mind and you might be surprised at what you have believed to be bad in fact turns out to get just what you need.

10. Unbeatable Mind: Forge Resiliency and Mental Toughness to Succeed at an Elite Level – Mark Divine

Another mindset book. Business is not always going to be easy or take the intended route. This is when you need to have the determination to see your plans through to success. This book shows you how to develop the mental toughness to make this happen.

11. Mastery – Robert Green

Excellent read with lots of great strategies to take away. Excellence is not a talent it is a skill. That means that it takes hard work to achieve, but hard work is available to everyone, yet few choose the path. There is no secret to Excellence, it is something only time and effort will reward you with and iof you choose that path you’ll be one of the few.

12. Tools of Titans – Tim Ferriss

There are few books that take the learnings for so many exceptional people and puts them at your fingertips. This is one such book that packs a lot of business and life learnings between the covers.

13. Predictably irrational: The Hidden Forces that Shape our Decisions – Dan Ariley

Although we like to think logic and rationality rule our world emotion is by far the more powerful influence. Understand this in the context of business and you are well on your way to understanding why people make the decisions they do and how to best profit from them.

14. Extreme Ownership – Jocko Willink and Lief Babin

Moving beyond blame is tough. This book illustrates the ownership of the problem and the environment is a key to success in the military or in business. It is a path few will elect to take voluntarily, however more may do so after reading this.

15. Peak Performance: Elevate your game, avoid burnout and thrive with the science of success – Brad Stulberg

Success is largely about developing a winning system. This book show you how to approach that pragmatically. If you want to see results use this book to help you build the system.

16. Blink: The Power of Thinking Without Thinking – Malcolm Gladwell

The older you get the more experience you get. This experience is aggregated in your ‘gut feel’. Trusting your ‘gut’ may not appear rational but this book will help you understand why it is in fact your best option in many cases.

17. The Now Habit: A Strategic Program for Overcoming Procrastination and Enjoying Guilt-Free Play – Neil A. Fiore

Plenty of great productivity learnings in here that help you take action. It shows you how to focus on the right stuff in the right priority. Even if you are not a major procrastinator there is plenty in this book that you can take away.

18. The One Thing – Gary Keller

Multi-tasking is a myth. Focus is the key to success to bringing all your resources to bear in unison makes a hell of a lot of difference. Most people can’t do it, so those that can stand a much greater chance of success.

19. Deep Work – Cal Newport

Distractions are wasted energy and time that you’ll never get back. You’d be amazed at how distracting the modern world is. If you can minimise these distractions you can focus more and be far more productive.

20. The E-Myth – Michael Gerber

The classic on ‘procedurising’ your business and creating a structure that doesn’t need you to survive. The simple secrets inside this book can transform any business from hardship to joy.

Let me know what you think. Do these work for you? What’s your top business reads? I’d love to hear.