Post 9mJ4MMPIPGwA4k4wUK by bzdata@infosec.exchange
(DIR) More posts by bzdata@infosec.exchange
(DIR) Post #9mJ4MMPIPGwA4k4wUK by bzdata@infosec.exchange
2019-08-27T04:15:07Z
0 likes, 1 repeats
I'm doing research on root cause analysis and problem solving skills - I miss bringing in RCA visualizations and risk trees. And dare I say -- want to bring it back?!
(DIR) Post #9mJ4MMadj60kdvO0Aa by jerry@infosec.exchange
2019-08-27T09:01:39Z
0 likes, 0 repeats
@bzdata sounds interesting. Getting people to focus on good RCAs is tough, in my experience, since people want/need to get on to other things. I’ve not seen one with a visualization or risk tree - sounds worth the time.
(DIR) Post #9mJtbxlE1hisJ02SlU by bzdata@infosec.exchange
2019-08-27T18:35:58Z
0 likes, 1 repeats
@jerry There's something called risk tree analysis (https://blog.infodiagram.com/2019/01/root-cause-analysis-tree-diagram-presentation.html) that I really like visually. This helps as I'm building out multi-team stakeholder programs
(DIR) Post #9mJtl57Q2UBljRlfIe by jerry@infosec.exchange
2019-08-27T18:37:36Z
0 likes, 0 repeats
@bzdata thank you!!
(DIR) Post #9mJvG1b5HXb7k1xiVM by dredmorbius@mastodon.cloud
2019-08-27T18:54:26Z
0 likes, 0 repeats
@bzdata Related, my own "Hierarchy of Failures in Problem Resolution":https://old.reddit.com/r/dredmorbius/comments/2fsr0g/hierarchy_of_failures_in_problem_resolution/You could also view that, as a positive statement, as a problem resolution kill chain.You could also add a few items: identifying parties' interests, options, evluation of & deciding on options.Parties' interests may, it should also be noted, include _prolonging_ or _extending_ the problem. Among others.Diagnosis may not be essential, though it's often useful. "Just fix it" may work.
(DIR) Post #9mKfP38zUnav2L3ymu by bzdata@infosec.exchange
2019-08-28T03:31:29Z
0 likes, 0 repeats
@dredmorbius Thanks for the link! I work with a ton of ex military so the IAAM concept came up a bunch.
(DIR) Post #9mKh9DEsOYtFcXOMzI by dredmorbius@mastodon.cloud
2019-08-28T03:51:02Z
0 likes, 0 repeats
@bzdata Right. If you get down to it, much of this is effectively cybernetics / operations research, though I prefer the former. Systems theory is another closely related domain.Charles Perrow ("Normal Accidents", "The Next Disaster") is great reading in this area. He highlights, as do others, the profound difficult, _even in the midst of an evolving disaster_, of people being aware, or admitting to themselves, that there is in fact a problem. The military examples I give on ...1/
(DIR) Post #9mKhOABk1GBoVG3SIi by dredmorbius@mastodon.cloud
2019-08-28T03:53:44Z
0 likes, 0 repeats
@bzdata ... the previously-linked page and a few others on that subreddit (a bit of a personal blog) highlight this. *Especially* the Hiroshima bombing (for the Japanese military command) and the HMS Sheffield missile attack.I've made a point of following natural disaster news stories and noting especially *lack* of information from a given area being a REALLY bad sign -- it usually means 1) comms are out and 2) no assessments are available. Both are exceptionally bad signs. 2/
(DIR) Post #9mKhbCeOB1Cju5fk8G by dredmorbius@mastodon.cloud
2019-08-28T03:56:06Z
0 likes, 0 repeats
@bzdata Another frequent pattern is gross confusion over information coming in, with widely ranging and conflicting reports. Eyewitnesses are bad enough, but opportunists who feed on attention or actively seek to sow disinformation are far worse.And official channels (especially media) are horrible at sorting this out. Both talking to the public *and* to officials.Read Walter Lippmann's assessment of the US press following the Russian Revolution (1918) and credulity failures. 3/
(DIR) Post #9mKhqPvh5UMRQq1NWi by dredmorbius@mastodon.cloud
2019-08-28T03:58:51Z
0 likes, 0 repeats
@bzdata The worst fault seems to be *wanting* to hear a specific story.I've caught myself in this frequently as well, with an initial take on news that's utterly at odds with ground truth, usually out of a wish for a specific story. I've learned to keep initial aspirational takes to myself, and am frequently ashamed of my first responses.That's where the fact that a disaster is literally a breaking of framing devices and biases comes into play. Reality and our mental models don't align.4/
(DIR) Post #9mLmsLDuFZ9SLNEjYm by bzdata@infosec.exchange
2019-08-28T16:29:54Z
0 likes, 0 repeats
@dredmorbius You are absolutely correct. Comms out doesn't mean anything. People often think that's enough. But comms out is just a bandaid
(DIR) Post #9mLqWN0JLf9NJQel04 by dredmorbius@mastodon.cloud
2019-08-28T17:10:46Z
0 likes, 0 repeats
@bzdata Comms out means, immediately, *you don't know what the ground truth is*. Absence of information is absence of information.A *widespread* outage, especially if *intermittent* (and likely not single cause), *suggests* a widely impacted damage area, with bordering regions offering some guidance as to state.Outage of *highly reliable* comms is generally Not A Good Sign.And, speaking from a tech background, comms up but wildly disagreeing or out-of-bound values tends to be A Bad Thing.
(DIR) Post #9mLqok7S94dYDPl2lU by dredmorbius@mastodon.cloud
2019-08-28T17:14:06Z
0 likes, 0 repeats
@bzdata Specific cases (nontechnical) of the latter:- The mortage craze leading up to the 2007-8 global financial crisis. The stories coming in to me just didn't make sense. I stayed out of the market despite encouragement to enter (though TBF that's something of a normal bias for me).- The Columbia Shuttle disaster, with "off-scale low" readings immediately prior to destruction of the vehicle. Sensors or their cabling had been damaged.Generally, "fog of war" and initial news reports.
(DIR) Post #9mLrbvDZfYCCpL4U76 by bzdata@infosec.exchange
2019-08-28T17:22:59Z
0 likes, 0 repeats
@dredmorbius It's also a societal norm now. We're ok with just hearing headlines/comms and just leave it at that.
(DIR) Post #9mLuGbJclpdeskQU2y by dredmorbius@mastodon.cloud
2019-08-28T17:52:45Z
0 likes, 0 repeats
@bzdata And *that* gets into the whole matter of information overload.Which could start with a good definition (I'm not aware of one, I'll check).But: *normally*, our framing and parsing systems can make sense of the world because we know what to *ignore*. When we *don't*, when we have FOMO, when there's always another insight around the bend, we're deluged.Disaster is a failure of models. As is information overload. Models which allow us *to dismiss information without concern*.
(DIR) Post #9mLuTo9KMj2ORyuKCe by dredmorbius@mastodon.cloud
2019-08-28T17:55:08Z
0 likes, 0 repeats
@bzdata Headlines lack nuance, and are generally engineered to attract attention, except when they're not, as in burying bad news, ergo: headlines are virtually always *manipulative*.Look at purely informative formats, say, the President's Daily Briefing. Ten pages, about ten items, a page (250-500 words per), takes 30-60 minutes to verbally deliver, the most critical items of the day.Still far from perfect, but at least *intended* as a relevant information delivery system.
(DIR) Post #9mLuaML4ABfKDxWQro by dredmorbius@mastodon.cloud
2019-08-28T17:56:19Z
0 likes, 0 repeats
@bzdata See also: James C. Scott, "Seeing Like a State"https://en.wikipedia.org/wiki/Seeing_Like_a_State
(DIR) Post #9mLvlsAiFVfS5ljWXQ by dredmorbius@mastodon.cloud
2019-08-28T18:09:36Z
0 likes, 0 repeats
@bzdata Question back at you: what are some good situational assessment models that you know of?I'm familiar with SWOT (strengths, weaknesses, opportunities, threats), and a few variants. Anything like that on your radar?
(DIR) Post #9mQVArXK1RlOOBne2y by bzdata@infosec.exchange
2019-08-30T23:05:07Z
0 likes, 0 repeats
@dredmorbius didn’t see these notifications earlier. Thanks for your patience — but I don’t have any favored situational assessment frameworks or models
(DIR) Post #9mQVBiaglewqvyma9Y by bzdata@infosec.exchange
2019-08-30T23:05:17Z
0 likes, 0 repeats
@dredmorbius at least not yet ;)
(DIR) Post #9mQVJe3jV2vNCF9D5k by dredmorbius@mastodon.cloud
2019-08-30T23:06:44Z
0 likes, 0 repeats
@bzdata Thanks.I've been looking at a few, most seem fairly similar. Potter's Four Post / five element, and a six-element list seem interesting, so far.