Thoughts From My Inbox

December 17th, 2021

Groceries, Airports, and Log4J

I commented last week on what a busy week it had been. Same thing goes for this week. Next week, it has to settle down, right?  You’ve probably seen something about the Log4J or Log4Shell issue that has been a global issue this week; Ashton’s response is included in this email, below.  We have the usual cybersecurity topics, and since nobody bothered to send me any interesting real estate items, I have two different travel topics.  And, I’ve even included something about the Amish. 

Had a meeting with a prospect/friend this morning and we got talking about the pallet company that we just brought on as a new client (I told our sales rep Pete to make sure the proposal was palatable).  Much of their workforce is Amish, which led me to mention (since I’m full of useless information) the Amish TV shows on cable (I’ve never watched; I just know that they exist).  Maureen (prospect) had no idea such a thing existed, and suggested that it warranted mention in today’s Thoughts. So, if you want to watch Amish reality TV, now you can.

 

Something About…

 

Upper Management
I’m somewhat dubious as to the legitimacy of this one, but even if the details have been embellished, it’s a good reminder. We know from experience that executives are often the target for phishers and whalers, and we also know from experience that they (the execs) are the ones most likely to skip security awareness training because they think they know everything. Finally, we also know that executives are the ones most likely to click a bad link or provide a password as they rush to get many things done at once.  This is a great example of an exec who just doesn’t get it…

 

Financial Modeling
So, the Financial Modeling World Championships are an actual thing, and they took place last weekend.  The competitors are ranked, and the finals were live streamed.  Care to try your hand?  Sample challenges are available.

  

 

TSA PreCheck

This new phish aimed at TSA PreCheck users was discovered a few weeks back, but just now made it to my inbox.  Evidently, the email and corresponding website are of pretty high quality, and target people with the idea that their PreCheck registrations are up for renewal.  And it’s perfect timing, considering the long airport lines that go with Thanksgiving and Christmas.  As with any of these, it’s always a good bet to check the URL of the website and the email sender’s address.

 

 

TWA

While we’re on the topic of travel, the TWA hotel at JFK Airport in NYC isn’t anything new, having opened a couple of years ago.  But it made its way to my inbox this week so I thought I’d share it, because it’s still pretty cool to see.  And some quick research turned up an article with a few other interesting airport hotels.  The one in Stockholm is much cooler than the place we stayed when flying home from there.  It only had a pool table.  

 

Log4Shell
You may have heard by now about the Log4Shell (or Log4J) vulnerability that has been making the rounds this week.  One piece called it “arguably the most severe vulnerability ever” and it’s affected organizations from The City of Cleveland (through the Kronos payroll system) to the province of Quebec and beyond.  Devices affected may be in the hundreds of millions, as the vulnerability is in software developed by many of the biggest firms and used in everything from control systems to consumer electronics and manufacturing.

You can read Ashton’s response to Log4Shell here.  

 

Strengthening Defenses

Holidays, weekends, and evenings are the most common times for hackers to find their way into networks, primarily because the humans trying to stop them have gone home. That’s one reason that Ashton is rolling out Sophos Managed Threat Response (MTR) across our client base after the first of the year.  This human security operations center will give us actual eyes-on, 24x7x365.  That’s just one of the suggestions (“Increase Operational Vigilance”) put out by CISA in terms of stopping (reducing) threats from state-sponsored actors.

 

Groceries

A couple of years back, I read a very interesting book by local (at the time) author Michael Ruhlman, titled ‘Grocery: The Buying and Selling of Food in America’. Much of the story and his research was done through Heinens, which makes the book all the more relatable.

 

Anyhow, I guess I’m interested in the grocery business, as this Instacart 2021 Year in Groceries report jumped out at me from my inbox this morning. There’s even an interactive tool that you can use to see what the most commonly ordered foods were in 2021, down to the ZIP code level.  In Gates Mills, where I grew up, those items were Spanish onions, beef bones, fresh cut lilies (have to have a nice table setting), English muffins, and fruit spreads (what else do you put on an English muffin?). In Russell, where we live now (well, the data is for South Russell since Russell must be too small), the most commonly ordered items were fruit spreads, honey, bosc pears (yuck), English cucumbers (up there with pears, other than maybe for a Hendricks G&T), and grape tomatoes (we buy plenty of those).  Another stat shows that South Russell ordered more plant-based meat than 98% of the country.  That’s unfortunate and clearly doesn’t include me!

 

This is a really cool tool.  I need to stop looking at it and get back to doing some work.  For those of you who’ve told me you like to read this newsletter with a Friday evening cocktail, you might need to make it two if you get down this rabbit hole tonight!

 

Maximizing Security

SAVE THE DATE! On Wednesday, January 19th, two of our engineers will be joined by a Sophos security executive for a panel discussion moderated by David Myers, head of the Data Privacy and Cybersecurity practice at Buckingham, Doolittle, and Burroughs.

 

Creating a reasonable plan for the data privacy and cybersecurity of your business doesn’t have to be painful. The approach should prioritize high impact activities that are affordable and are non-disruptive to workflow.

 

You can register here.

 

 

 

You’ve made it this far. Yes, I realize that our marketing software likes to change line spacing on me, for no apparent reason.  Sometimes font sizes, too.  It’s all magic, so try not to let it bother you!

 

The Ashton offices are open next week, other than Friday.  That said, I’ll be out Thursday, and I imagine many of you will be as well.  If you need support, you know where to find our engineering team.  If you’re looking for random ideas from my inbox, I think you’ll have to wait until the following week.

 

We’re headed to a Christmas party tonight, and hosting one tomorrow night for a bunch of my wife’s cousins.  When we did this three years ago, none had ever had an Old Fashioned.  I changed that, and know that amongst my other errands tomorrow (before the Browns JV team plays) I need to get bourbon (and rye). The basic recipe for a good Old Fashioned is here, but I use Rabbit Hole rye, Bittermilk #4 bitters, and maple syrup.

 

If you celebrate Christmas, I hope you and your family have a very merry one.  Keep your fingers crossed for lots of snow (it’s not looking good), and enjoy a new Ted Lasso clip while you take a break from shopping and wrapping.

 

 

Jim