Learning More Through Exercise

In the 1990s studies confirmed what many people had asserted for decades, that our brain had an autopilot mode. To explore this hypothesis, researchers used fMRI brain scans to test this theory. They had some participants play a well-known card game with a full understanding of the rules, while they had other participants play an unfamiliar card game where the researchers did not define the rules. The second group was left to figure out the card game as they played.

During their research they found the latter group showed signs of using parts of their brain associated with learning, with much of their brain showing active as they figured out the game as they played. The former group, being familiar with the game and rules, showed decreased activity in the brain overall, with the activity demonstrated in the study aligning with an activity pattern known as the default mode network (DMN).

This default mode network is commonly referred to as the autopilot part of our brains. This is also the part of the brain that is active during activities such as meditation. It is the portion of the brain that allows us to efficiently multitask while doing other simple tasks such as walking, running, sitting, driving, and even showering. Anything with which we are already familiar, have fully internalized, or can perform through “muscle memory”, relies on the default mode network insider our brain.

Many of us get comfortable with what we do everyday; therefore, most of our routine is performed by utilizing our default mode network. Our brains want to put us into a routine any chance it can get to conserve energy. Our brains will do everything in their power to simplify anything we do so it can then set that activity on autopilot. This is demonstrated best with small children.

When a child is first learning to walk it requires concentrated effort of will. A child will fall repeatedly as its brain struggles to keep everything in balance while maintaining a forward momentum. Eventually, over the course of only a few months, the child’s brain will become increasingly efficient at the once impossible task of walking. Soon, the child’s brain becomes so efficient at walking that the child pushes to explore running, which is the natural progression of walking.

The key is, the child only grows by stepping out of its comfort zone of sitting up and crawling. Like the child, we too can use these techniques to grow and expand our abilities and ideas. There is a good chance we are all comfortable, our brains have put as many things as possible on autopilot, and we are just flying through life looking for casual enjoyment. The seat belt lights are off and we feel safe to move about in the regiment of our daily routine. That is no place for growth.

If growth only happens outside of our comfort zone, one of the easiest ways to step out of that comfort zone is through exercise. New exercises, especially, will push you to move in ways for which your brain may not have a preprogrammed flight path. You have probably never found yourself doing a burpee while standing in a check-out line at your local grocery story or pressing out a set of tricep extensions on your drive to work. If you have, we may need to talk. (Feel free to leave a comment!)

Beyond removing you from your comfort zone, exercise has many different paths for personal development if done correctly. It requires an almost Zen-like approach when you focus on the exercise being performed. Taking this focused approach will further force your brain to abandon its default mode network circuitry and begin the phase of learning something new. That sense of learning will spill over into other parts of your life.

You will find yourself breaking old habits in life and at work, discovering new solutions to old problems, and becoming comfortable with being uncomfortable. It will inspire a new sense of confidence in your mind as you see changes in your body from hard work and renew your sense of accomplishment in the tasks you do everyday. The benefits are only limited by the amount of change you allow into your life.

Although we evolved with the default mode network portion of our brain intact, which helped us survive in times of famine and need, today it only seems to hinder our ability to grow. It is something that has served us well and we must respect it in its ability to make us more efficient, but it is also something we must fight, unless we become complacent and stagnant. Step out of your comfort zone and be committed to your reason for doing so.

Autopilot disengaged.

How Much Does a Data Breach Cost?

There was another big data breach in the news today. Did you see it?

All of the reports said hundreds of millions of records were stolen. They all gloss over the details with the same cold, ruthless efficiency they use to tell us about how well the stock market performed. They said emails, passwords, social security numbers, and medical records were all taken. Then, just as soon as the report aired, it ended. That was it. We can now all now go on about our daily lives again like nothing ever happened. 

But, you and I, we know the real story.

We know that thousands of people have their identities stolen each day, even children who have never had a line of credit. That will make an interesting present for their 18th birthday. We know that email an elderly woman received impersonating her doctor was not a random event—it was a targeted attack. We know those precious pictures of a newborn baby that now sit encrypted on a hard drive are priceless, no matter how much a bitcoin costs. We know that picking up the pieces of a life that was shattered due to the negligence of a company that failed to do the right thing is the hardest thing someone can face alone. We know that behind every data breach lies the potential to further weaken our trust in institutions, a cornerstone on which our economy is built.

That is why we wake up each morning and do what we do. It is our job to help keep any one of these stories from happening to the people we serve. All of whom are our neighbors, friends, family members, and fellow citizens. We defend their sensitive data from the criminal intent that would erode the foundation of our society and watch us all crumble for malicious gain.

We know that a breach is not about how many records were stolen or how many files were encrypted, it is instead about how many lives were adversely affected and how much we all stand to lose in the end. 

We stand together, proud to be Information Security professionals. It is not just a job. It is a calling.

How to Enable Security

Security is not about saying “no”…

As an Information Security professional, we often find ourselves saying “no” to a lot of ideas and proposals.

  • “The business wants to purchase a new piece of software to house customer data after only the first demo.” No.
  • “Making me a local admin would allow me to do my job with less hassle.” No.
  • “I want to use Dropbox to store my company files so I can access them at home.” No.
  • “Can we open port 3389 so I can access the servers from home?” No.
  • “The CEO wants to store data in the cloud.” No.

There are times when saying “no” is easier and faster, but “no” is not a solution. The problem is, the word “no” is a barrier. Often times the Information Security department gets a bad reputation inside of lot of companies because it is seen as a place where ideas go to die. Once this reputation is earned it is hard to convince the business otherwise, but it is possible.

Say “how” instead

As professionals we should not be looking to say “no” to everything. Instead, we should start a dialog and find a way to say “how”. If an idea is presented, especially from upper management, there is often a good chance it is valid and already has momentum. All of the examples listed above are reasonable: initial demos can be very convincing; access to the infrastructure outside of the network can make a Work From Home program a possibility; and putting data in the cloud can be cost effective. More over, there are ways to accomplish these ideas and implement them securely.

It must be kept in mind that new ideas are rough around the edges and fragile. It takes a lot of time, energy, and dedication to keep an idea alive, so any negativity could be seen as confrontational and taken personally. When a proposal first arises, an Information Security professional must participate in early discussions and help their company pursue the idea with security in mind. An new proposal can easily be shaped and molded early on, unlike a proposal that has been discussed with others and then the Information Security department is involved later in the process. It comes back to the adage that security should be built-in from the start. From this perspective, the Information Security department becomes a very integral piece of the business and not just a function of its daily operations.

Information Security should enable the business, as Dr. Eric Cole always reminds us. This means getting involved early, finding viable solutions to tough problems, and staying involved. Slowly, the business will gain confidence in the Information Security department, fostered through cooperation, and the department will flourish. Because Information Security is about much more than configuring firewalls, monitoring logs, and finding new vulnerabilities, it is about helping the business become secure, grow, and operate.