Summary of The Smartest Person in the Room

Important Reference Materials

  1. "Cheney Reveals Fear of Pacemaker Hack," ABC News (video)
  2. "How the Dickens Process Can Change Your Life Forever!"
  3. "The 20 CIS Controls & Resources," Center for Internet Security

The Secure Methodology Overview

  • Step 1: Awareness. Awareness of ourselves and the world around us empowers us with options.
  • Step 2: Mindset. Our mind is a powerful tool that we can use to our advantage or disadvantage.
  • Step 3: Acknowledgment. Acknowledgment of ourselves and others reminds us of what we are capable of and motivates us.
  • Step 4: Communication. Our fulfillment in life boils down to how well we communicate with ourselves and others.
  • Step 5: Monotasking. Presence is our ally; distraction is our enemy.
  • Step 6: Empathy. Our inner demons, successes, and failures connect us to humanity.
  • Step 7: Kaizen. Continuous improvement is necessary for evolution.
  • We are all fighting an internal war started by our own egos. Our insecurities stem from thoughts like,

    We can resolve these insecurities by growing internally and dissolving the ego, but until we do, we cannot effectively fight the cybersecurity war.

    The Dickens Process

    The Dickens Process is an NLP (Neuro-Linguistic Programming) technique and a process of transformation popularised by Tony Robbins' seminars and highlighted in Tim Ferriss' book Tools of Titans. Neuro-Linguistic Programming is basically an approach to personal development and communication. The Dickens Process is based on a character named Scrooge from Charles Dickens' novella "A Christmas Carol". Mr. Scrooge, who meets a ghost on Christmas morning, is shown how his future could be if he doesn't change his current bad behavior and limiting beliefs. This causes so much pain for Scrooge that he decides to change his life forever.

    The process uses the conscious mind to make you visualize possible future paths and attach real feelings to the process. Think about standing in front of a pathway, with the left side leading in one direction (the way you are currently traveling, in which you don't change a current bad behavior such as smoking). The right side leads to your future self if you change your current bad behavior. The right path shows you how your life will change positively for you, affecting all other people around you.

    To give an example, think about your current bad behavior. This could be smoking a lot, not working out, drinking too much alcohol, or not taking care of what you eat or how you treat the people around you. "In the Dickens Process, you are forced to examine limiting beliefs in your life."

    When you take the left path, ask yourself the following questions:

    When you take the right path, ask yourself the following questions:

    Technical people are most likely insecure because they either know they are unqualified to do their jobs, or they worry about not being the smartest person in the room. Their focus is on certifications and degrees, when it should be on cultural fit, confidence, passion, aptitude, attitude, and people skills.

    From Reference Number 3: In cybersecurity, there are five controls that stop 85 percent of all attacks.

    1. Control 1: Inventory of Authorized and Unauthorized Devices
    2. Control 2: Inventory of Authorized and Unauthorized Software
    3. Control 3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
    4. Control 4: Continuous Vulnerability Assessment and Remediation
    5. Control 5: Controlled Use of Administrative Privileges

    If these five controls stop 85 percent of attacks, does it make sense to spend time on anything else until you've mastered them? Until these five controls are in place, does it make sense to focus on anything else? One-hundred-item frameworks overcomplicate simple solutions, and often these five crucial controls are glossed over or ignored.

    Keep the technical jargon to a minimum. Try not to talk over people's heads. They need to understand what you are saying, so put it in terms that they can understand. Do not be afraid to ask questions. Do not posture (this is when you pretend you know what you're doing, in other words "fake it till you make it"). Hiding behind complicated frameworks and talking over someone's head prevents you from getting to the root cause of the problem.

    In academia and on most certifications, risk is defined like this:

    Risk = Threat × Vulnerability

    This is a very confusing formula. How can you define a threat or a vulnerability? How can you make this formula work in real life? A better formula is this:

    Risk = Probability × Impact

    How likely is something to happen (probability), and what is the consequence (impact) if it does?
