Author: Hans Rosling with Ola Rosling and Anna Rosling

In this book the author discusses indicators about the world. He poses the following thirteen multiple-choice questions:

  1. How many girls in the low-income countries finish primary school? 20%, 40% or 60%?
  2. Where does the largest part of the world population live? In low-income countries, in middle-income countries or in high-income countries?
  3. During the past 20 years, the proportion of the world’s population living in extreme poverty has almost doubled, remained about the same, or almost halved?
  4. What is the average life expectancy in the world? 50 years, 60 years or 70 years?
  5. There are now 2 billion children from 0 to <15 years in the world. How many children will there be according to the United Nations in the year 2100? 4 billion, 3 billion or 2 billion?
  6. According to the UN’s forecast, the world’s population will have increased by another 4 billion by 2100. What is the main cause of this? More children under 15, more adults between 15 and 74, or more old people aged 75 and older?
  7. How has the number of people who perish due to natural disasters changed during the past 100 years? More than doubled, about the same or decreased to less than half?
  8. There are now around 7 billion people in the world. Where do these people live? Americas-Europe-Africa-Asia: 1-1-1-4, 1-1-2-3, 2-1-1-3 billion people?
  9. How many children of one year or younger in the world are now vaccinated against a disease? 20%, 50% or 80%?
  10. Thirty-year-old men around the world have spent an average of 10 years at school. How many years have women of that age been on average at school? 9 years, 6 years or 3 years?
  11. In 1996, tigers, giant pandas and black rhinos were on the list of endangered species. How many of these three species are now even more seriously threatened? 2 out of 3, 1 out of 3 or none of 3?
  12. How many people in the world have any access to electricity? 20%, 50% or 80%?
  13. Climate experts around the world think that the average temperature in the next 100 years will increase, stay the same or decrease?

According to a thought experiment, chimpanzees choosing among marked bananas would answer these thirteen questions better than people do. Even people who call themselves experts in a specialist field answer questions about neighboring disciplines wrongly in large numbers. Even the great leaders of the world systematically give wrong answers. The question is why, because that is the question that can lead to a change. It turns out that we humans have at least 10 instincts that get in our way. 10 is a large number. Which are they? They are explained in as many chapters, richly laced with examples and events from the author's own life and from the world.

  1. The gap instinct: the instinct that paints an image of two separate groups with a gap between them. To keep it under control, it is best to look for the majority. Be careful when comparing averages or extremes, and beware of the view from above, because it distorts the picture.
  2. The negativity instinct: negative news reaches us much more easily because positive things have too little news value. To keep it under control, it is best to expect bad news. Remember, too, that “something is going better” is not the same as “something is going well”. The past is often presented in a rose-tinted, distorted image.
  3. The straight-line instinct: we often think in terms of linear extrapolations, continuing straight along the line. Remember, however, that most lines are not straight lines. Do not simply assume a straight line.
  4. The fear instinct: terrifying things are often not the most dangerous things. Calculate the risks. The world seems scary because the scary messages are passed on better. Do not make decisions when you are anxious.
  5. The size instinct: when a lone number is given, it is best to compare it with other numbers within the context. Look at the proportions; they have more meaning. Use the 80/20 rule when you get a long list. Record the largest topics first.
  6. The generalization instinct: this is working with conclusions based on categories. This can be misleading. Therefore look for differences within groups, for similarities between groups, and for differences between groups. Beware of ‘the majority’. That can also be only 51%. Beware of examples if you do not know whether they are the rule or the exception. Start from the idea that other people are smart too.
  7. The fate instinct: know that something is not constant just because it changes slowly, because that is also change. Follow the small changes closely. In the long term, these become big changes. Do not let your knowledge get outdated. Talk to your grandfather to know what has changed. Let culture renew itself.
  8. The one-shot instinct: having one perspective can limit your imagination. Find a 360° view of your business. Let people who disagree with you test your ideas. Be honest with yourself about what you do not know. Be open to ideas from other fields. Provide facts in addition to the figures. Beware of (too) simple ideas and (too) simple solutions.
  9. The scapegoat instinct: if someone is to blame, the attention goes away from other aspects. Therefore do not point a finger but look for solutions. Find the cause without looking for the guilty. Search for the systemic background. If you do not seek villains, you do not need any heroes either.
  10. The urgency instinct: the need for an urgent decision is often unjustified. Make a step-by-step plan with small steps to make improvements. Before you start, take a deep breath. Request the dates of the facts. Beware of fortune tellers. Their statements are about the future and therefore carry great uncertainty. Do not proceed too fast. Ask yourself what the immediate and long-term consequences and the side effects will be.


Future Crimes

Author: Marc Goodman

In this book the author gives a tour of a world that is online 24/7/365. It is a new story of what can go wrong. And it is not old wine in new bottles: these are all new possibilities for crime. Who is a potential customer? You! What is a potential product that is traded in the crime world? You too! Why? Because you have a laptop or a smartphone, or a credit card, for example. Or an e-mail address. Everything about us is interesting. Everything can be sold. Everything can yield money in some criminal context. Who can defend us? We ourselves must do that!
That, very briefly, is what it is about.

Now in more detail.

Chapter 1 begins with an unpleasant experience of Mat Honan. He was hacked by a teenager, for fun. But the damage was enormous. The impact of the first viruses on the world is also outlined. And the fact that citizens think they are safe, while the world relies on security software that is lagging behind. The influence on the stock market is regular and huge. And yet the world continues as if nothing is going on.

Chapter 2 makes it clear that computers need not be the only target. The security of public infrastructure is so bad that a fourteen-year-old teenager could hack a complete network of tram lines in the Polish city of Łódź with a self-built infrared remote control.

Strictly speaking, most information networks are no better in terms of security. The citizen is therefore not safe. What can be done with tram lines can be done with SCADA systems of water treatment plants, power stations, etc. And it is nice to know that all necessary knowledge for this and many other crimes can be found on the internet. There you will also find books such as The Mujahideen Poisons Handbook and the thick Encyclopedia of Jihad. But children and adolescents are not the only criminals on the internet; criminals as well as nation states play an important role.

Chapter 3 makes it clear that the lawless have Moore’s law on their side. Because they choose where they attack and when, they can maximize the exponential growth of technology, while the defense line has to secure everything, which in the best case allows linear growth.

This brings the author in chapter 4 to another point: the “good people” are often not a customer, but a product for the benefit of the criminals. Because they have a disease, or an e-mail address, or a credit card, or a car, or a job, or a smartphone, or a child, etc …

And the crime is not far to find: even social media organizations such as Facebook and Google or Hotmail sometimes make mistakes with regard to the trust that their customers have in them. They do so by offering their services such as webmail, chat, storage space etc. free of charge. But in reality they become owners of the data that people put on them, and they can trade it. Why can they do that? Nobody reads the terms of use before accepting them. Moreover, these conditions are written and formatted in such a way that they are almost illegible.

To tell all the chapters here would lead us too far. But what more can you expect in the book?

Crime happens on the deep web. You can install Tor on your PC for that. That way you can buy the craziest things through the right social media there: weapons, drugs, child pornography, custom-made malware, contract killers, extortion, …

But the question is: “What are the future crimes? Because we already know all this today.”

Well, how about crime tailored to your DNA? Biosynth crimes such as viruses that are tailored to your DNA, and that kill only you or almost only you.

And what about Internet-controlled terrorist attacks, which eventually make use of artificial intelligence? Or the threat posed by the combination of robotics and general artificial intelligence?

And how about hacking your domotics? Because so-called petty thieves must also move with the times. And refrigerators that indicate that the milk box is empty, and place an order. Cars without a driver.

Or plants that give light at night? Or single-celled organisms that are reprogrammed to make drugs. Or DNA technology used for data storage.

The problem of technology is that it is a double-edged sword. On the one hand it can be a blessing to mankind, but on the other hand it is a curse once in the hands of the criminals. And crime is always in the front row to find applications for new technology, while governments are often in the last row.

In one of the last chapters, the author places an important responsibility with the citizens. They cannot expect that the government can offer protection against everything. That is not realistic. That is why these last two parties have to work together. Crowdsourcing and gamification can play a role in this.


PRAGMATIC Security Metrics

Authors: W. Krag Brotby and Gary Hinson

The book is about how to create and assess security metrics, for whom to use them, and above all why it is useful to use them.

PRAGMATIC stands for:

  • Predictive
  • Relevant
  • Actionable
  • Genuine
  • Meaningful
  • Accurate
  • Timely
  • Independent
  • Cheap

And these are the criteria on which each indicator must be assessed.

My personal favorite is the first: Predictive. An indicator must be able to tell something about what can be expected in the near future. For me, the second is Actionable, because an indicator must be able to provide a measure that can adjust the indicator. Meaningful is important because the owners of the indicators are too often disappointed when overly easy indicators are made, which are quickly and easily measurable but tell us only a little about the security of the organization. Meaningful, in my view, is diametrically opposed to Cheap, which had to be “Complex”, because more complex indicators carry more information, but are more difficult to obtain, more difficult to interpret and therefore more expensive to use.

Accurate then reminds me of the fact that indicators should ideally yield figures that are correct. A lot of discussion must be allowed, which is difficult when the indicators are not defined and/or measured accurately.

The seventh characteristic, Timely, reflects the natural fact that management has no use for indicators that have already passed their time. This is also important for the predictive nature of the indicator.

The book opens with an office memorandum: the CEO of the company briefly asks the CSO to argue why Information Security is important. An answer that is due ‘tomorrow’.

The book then begins with an indispensable chapter: a lot of inspiration for making clear to the various target groups in the organization why working with Security Indicators is important, besides the fact that they are already in the habit of using many other indicators, mainly financial ones.

This is followed by chapters on, among other things, why we want to measure Security. This too can be motivating to help convince people in the organization.

The next important chapter is Chapter 6, which gives us an introduction to the mnemonic PRAGMATIC. Ultimately, however, the reader is free to choose other criteria.

The main chapter, however, is Chapter 7, which applies the PRAGMATIC criteria to 150+ indicators, with a discussion of each one of them. This is to immerse the reader in the principle of thinking according to these criteria.

Then the book goes on to set up an Information Security Measurement System and the things that can be used for this. An introduction is given to Key Indicators and the disadvantages of metrics, and the practice is highlighted in, among other things, a chapter dealing with the case of the office memorandum from the beginning. This is followed by a not too complex conclusion. The book concludes with a reply from the CSO to the CEO’s question at the beginning of the book.

Crisis management strictly spoken: mini exercises

Author: Manu Steens

In the context of training, both large and regular small exercises are very important. The main objective of these 30-minute exercises is to learn to work together in a crisis situation. The emphasis is therefore also on getting to know each other in these kinds of circumstances. But also to learn to brainstorm together.

Here are some small exercises:

Polarisation – Understanding the dynamics of us versus them

Author: Bart Brandsma

With many oppositions, such as in politics, but also at home, at school, in an association, … there are people who feel verbally (or non-verbally) attacked. Two camps are formed, each with a number of groups, which the author classifies as:

–    The pusher
–    The joiner
–    The silent
–    The bridge builder
–    The scapegoat

Each of them plays a role in a case of polarization.

The pusher mainly seeks his justification and power via one-liners with which he tries to pull the mass of the silent to his joiners.

The bridge builder often tries to restore the harmony by working on the pusher with arguments, which usually amounts to more fuel for the pushers and their joiners. He is usually not trusted, and often becomes the scapegoat.

There is, however, a method to break this vicious circle, based on four game changers:

–    Change target group: you do not have to concentrate on the pusher nor the joiners, but on the silent.
–    Change topic: find the underlying, often deeper hidden real reasons and goals of the dispute, and talk about them. This is very difficult, because if you hit the ball here, this is fuel for the pushers. However, it is the only chance you have to be believed by the silent.
–    Change position: speak from the group of the silent, in the middle of them, not from the point of view of the bridge builder. So also: show your own feelings in the case, be one with them.
–    Change the tone: you have to be truthful. The silent feel it directly if you do not believe what you stand for. In this respect, what the author calls mediative speech and mediative behavior is therefore an absolute necessity. If you ruin that, the polarization will explode in your face.

According to the author there is a strong intertwining between “big brother” polarization and “small brother” conflict. Both of them run together for a large part, but not entirely, so that polarization can always trigger a sequel after the end of a conflict.

This is the first book I know that appeared on the subject. It deals with the phenomenon of polarization in human language, so that everyone can understand it. It is a hands-on booklet laced with examples, even where things went wrong.

Attempting polarization is perhaps the most difficult aspect of human opposition. There should therefore soon be more objective reporting of cases that are recognized as such, including an unraveling of why depolarizing them succeeded or not.