What Next After Resilience? Wisdom From AISA's CyberCon 2022
Remember when you were eleven and you got back to school after the holidays and saw friends and shared experiences? You may recall the din and the excitement. That was how it was at @CyberCon2022 in Melbourne, after two long years away.
I vaguely recall that the school return thrill, lasted less than a day, but I can report that the electricity of reconnecting continued for the full three days.
The theme of the event was “Resilience in the Cyber World”. A good theme and a topic we continue to grapple with.
An event attracting thousands is able to bring in big global speakers, and AISA did not disappoint. To wrap up 2022 and maybe to help frame our resolutions for 2023, here is a selection of thoughts, ideas, and soundbites from a selection of these globally recognised speakers.
Captain Chesley ‘Sully’ Sullenberger
Ric Elias of North Carolina was a passenger in Row One on Flight 1549 which crash landed 13 years ago on the Hudson River in New York City. This experience of having no control over his next 3.5 minutes, and having his life in someone else’s hands, changed his life.
He was not a speaker at @cybercon2022, however, the pilot that day was Captain Chesley ‘Sully’ Sullenberger. and he was the closing speaker of this event.
Within minutes of commencing, Sully stressed that this Hudson River miracle required the efforts of a whole team, including the first officer, Jeffrey Skiles, the crew, the passengers, and everyone on the ground. That success was as much a result of teamwork and adherence to procedure as it was of skill and coolness under pressure.
Sully pointed out that they had just 3.5 mins to find a solution that was not in the checklists or manuals, but behind those 3.5 mins was a lifetime of learning.
He explained that approximately 45 years ago, aviation safety changed with the introduction of a raft of new ideas around the role of people. The focus came onto the idea of “turning a team of experts into an expert team”. They recognised that compliance alone is a necessary but not a sufficient condition for safety.
“We also had to have the resilience and other systems and knowledge to be able to handle things we hadn’t trained for or envisaged,” Captain Sullenberger told his audience.
Another set of changes involved reducing the flight hierarchy between the captain and the rest of the crew. They made it psychologically safe for the most junior member of a team to approach a captain about an issue. They made it “about what is right not who is right”. There was a dual right to speak but also the responsibility to speak up .
Jumping back to recall his air force days and being a fighter pilot working in fast speed low altitude formations, he pointed out that the real learning from rapidly unfolding events and experiences, occurred at the post flight debriefs, where leaders and followers held each other to account.
Those brutally honest exchanges about what worked or didn’t and why made the difference. The lessons learned process is why aviation has been so safe for many years, and this is an essential part of an airworthiness system.
During the Q&A session the obvious parallels to cyber events were drawn and it was clear that too few in the audience saw this approach paralleled in their organisation, but many clearly thought it should.
Earlier in the event the keynote speaker was Erin Brockovich, known to many thanks to the movie starring Julia Roberts, and now to many millions more as an environmental activist and passionate advocate for protecting water as a fundamental human right.
Erin was quick to identify that she was not in the room to talk about cybersecurity but was there to share her thinking which was relevant to security. Her big opening volley was around the need to go back to listening to our instincts, using intuition, and being connected to our environment, to people, and to ourselves. With a rare suggestion, she identified an unexpected benefit of COVID-19 to the world in that it sat us down, triggered a reboot and reset, and forced us to be more awake to our environment.
Published during COVID-19, her book Superman isn’t Coming is about US water and infrastructure issues but has relevance to everyone concerned about security issues in their organisation or life. “Whatever we do, we keep looking for someone else to give us the answers when the answer lies within the person in the mirror,” she said.
Erin introduced a term unknown to most of us in the room, the word “Sticktuitiveness”. Yes, it is a real word, and it means dogged persistence and perseverance. “This humanistic sense is all about using intuition, to follow what does not feel right.”
On leadership, Erin’s philosophy is that it is not about being up the front but about seeing the quality in another and pulling them in to work with you. “I want to come in and work with you, how do we collectively get something done?” If you are worried about cyber “you ask questions, you plan, you be prepared, you implement an action.”
Erin admitted she was freaking out a little about speaking to a cyber community, so she went to her bank and asked them whether it was a “big thing”. The Manager said cyber is all they do and shared a story of a fraud. The skills that caught it before it was too late were all those she talks about.
“Be you, be present, if something does not feel right, if you are uncertain, step out of that box,” she said. “Never be afraid to activate your own instincts, rely on them, work with them, believe them.”
Answering a question about how to get people to listen to hard truths about security risks, her advice was to allow space for people to process and give them facts but recognise that people struggle to believe truths if they are driven by fear.
Steve Wozniak (Woz) is a rare speaker who can provoke a large auditorium full of people to smile and keep smiling. He was his authentic self and did not talk in sound bites. Sharing stories of Apple’s history, he reminded us that the iPhone was the greatest product introduction ever. “I’ve got more power than Superman with my iPhone…” (we possibly need to connect him with Erin Brockovich!).
My favorite thing he said has resonance for everyone going into the holidays and thinking about the person they want to be in 2023. His consistent message for the past decades (see his interview in The Guardian from 2016) is: “Everything you do should have an element of fun in it. Happiness to me is smiles minus frowns (H=S-F). Increase your smiles, do a lot of fun things, enjoy entertainment, talk with people, make jokes. That’s creativity.” No more frowning in 2023!
Finally, to Ric Elias. Apart from cofounding Red Ventures, a portfolio of digital companies in North Carolina in 2000 that has grown to 3,000 employees across several countries, he a survivor of aforementioned Flight 1549.
These days, as a result of his near miss experience, he runs a portfolio of tech brands with a strong social focus. His four-minute TedTalk from TED2011 is worth a quick listen. It is entitled “3 things I learned while my plane crashed”. Sully’s wisdom comes from the cockpit, from a position of leadership and a place of control. Ric’s wisdom comes from the back end of the plane, where there’s a complete absence of control.
Wisdom from Ric includes:
- live with purpose, on purpose;
- This moment is the only one that’s guaranteed;
- If we live each day like we are running out of time, making every second count, we will live with no regrets;
- Compete only against who you were yesterday. There will always be someone who is smarter, stronger, or luckier – but what matters most isn’t winning.
- Give your best to the work that’s worth doing, so you can earn the right to keep doing it.
Leader or follower, this combined wisdom has something for everyone.
NZSM correspondent Jennie Vickers attended @CyberCon2022 in October, gaining wisdom from some of the most inspirational speakers on the planet. She shares her big takeaways from the Australian Information Security Association’s flagship event.
Read this article in full from NZSM online HERE