Staying Calm in This Storm

During this time of instability and change, a lesson that I learned many years ago keeps coming to mind over and over again. This lesson is all about staying calm when things heat up around us, and the power that remaining calm in stressful situations can bring.

I’m not going to lie, my natural instincts are very reactionary. I used to spend a lot of time in System 1 thinking mode, in other words, automatic and reactionary. I am not afraid to argue opinions with people or to speak out on issues, however I have learned that I tend to get much better results by taking a deep breath and moving to System 2 thinking.

This lesson really cemented itself in my head many years ago when I worked for the US Army. I was in a meeting that none of us wanted to be in and I had news nobody wanted to hear to deliver to some very senior people. The table is reserved for the big wigs. I sat in the ring of chairs lining the walls, not at the table and like the “red shirts” of Star Trek lore, I was waiting to be sacrificed to the lions at the table. When I was called upon, I shared the news with the group. As expected, it was like a bomb went off. People at the table were on their feet yelling and pointing at each other, I kept trying to clarify, but it was going south fast. I felt like a rabbit being eyed by a coyote. That when my colleague nudged me and whispered at me, “Stop talking”.

I did.

In a few seconds, people stopped looking at me, I stopped feeling terrified, and I was able to really listen to the arguments they were having between each other. From that I was able to figure out what they were really upset about and, after they quit throwing chairs at each other WWE style and calmed back down, I was able to address the issues that were at the core of the concerns. Not everyone was happy, but breaking the chain of system 1 thinking by simply following the advice to “stop talking” made all the difference in how things proceeded from there.

I have never forgotten that meeting or the impact that taking a breath and removing myself emotionally from the chaos had on the outcome. We find ourselves in chaos fairly often without even realizing it and if we aren’t careful, our thinking patterns default to instinctual actions. It’s far better if we train ourselves to recognize this shift, take a breath and apply some critical thinking to the issues facing us.

During this time of chaos, I let’s try to slow down a little and breathe. Most of us are feeling the stress of this new, if temporary life is causing us, but before you clean out your 401K or spend $150 on a pack of toilet paper, take that breath and see if it is really the right move or if it is just a reaction.

Finally, lets be kind. That person that is very upset at the supermarket, we don’t know what they are going through or have just gone through. Let’s try to remain calm and understanding as we all get through this together.

A Trip to the ER and Still Waiting for C-19 Results

OK, while I wait for my C-19 test results, Uncle Erich has some time to tell more of the story this morning. My brain is lifting from some of the fog, but I’m still feeling a bit ornery and sarcastic, so be ready for some of that. Honestly, there isn’t much funny in this update, but it might be interesting to see how things are going right now if you need medical help. TLDR: it’s a bit confused.

When I last left the story, I had been nasally assaulted with an insanely long swab that took some samples of what felt like brain tissue and that was sent away for C-19 testing. That happened Tuesday, I’m writing this on Friday and don’t have results yet. I know it takes time, but I’m currently self-isolated from the fam and pets until I hear back.

The “Incident”

So, anyway, let me tell you about Wednesday. I can summarize by saying this, “It sucked”. I’ll tell you why. 

I have sleep apnea and have for many years. That means I use a CPAP machine to keep me breathing at night. Well, Wednesday morning I woke up gasping for breath. I yanked my mask away from my face, was able to breathe, so I restarted the CPAP. My brain was a fuzzy mess, don’t judge what we do in that 1/2 awake time, MKAY?

Fast forward some amount of time, I have no idea how long, and I woke up again, this time tearing the mask off my face gasping, but I still couldn’t really get a breath. I couldn’t speak, but I if I slowed my breathing, I could get some air. I cranked the shower to “Burn your bum off” hot and let the steam relax my chest. It helped.

Having not died, I was happy-ish. It was about this time my wife, who had been sleeping in the living room (I am quarantined to our bedroom/bathroom right now) yelled in and asked me if I was OK. I was honest, and told her I wasn’t and that we should go to the hospital.

Now, I will tell you that the steam helped a lot, so we didn’t do the ambulance route and instead drove to the VA hospital (I’m a disabled vet). We arrived about 3am. I’m not going to lie, I was pretty shaken up. I’ve never felt unable to breathe like that, even through some anaphylactic episodes in the past. I couldn’t cough anything out, it wasn’t like there was just crap in my chest, I just couldn’t breathe. I would have to gues this is what asthma is like. it sucked.

Arriving at the VA hospital, I had my wife go in and let them know that I was awaiting COVID test results while I waited in the car. This was to give them a heads up and it worked out well. They directed us to the ambulance entrance and moved me in, avoiding the waiting room, and in to an isolation room. I was surprised, but they did let my amazing wife in the room with me. My breathing was still a bit rough, but I was doing much better. I will say that most of the rooms in the VA ER were empty, which surprised me.

From here, the med folks suited up in to positive airflow contraptions and proceeded to treat me. It was interesting here because it was fairly obvious that I was one of, if not the, first people with possible C-19 infection they were treating for something like this. It was made obvious as they were trying to figure out how to do things like take a chest X-Ray without infecting the X-Ray lab or the mobile equipment. In the end, they rolled a mobile machine in to the room, but then had to do a full disinfecting when they rolled it back out. 

There were a number of other little things too that they were having to deal with, such as making sure the door was closed completely each time they left and how to deal with the waste products from the needle sticks, etc. 

In the end, we did some flu tests (more huge swabs in my noggin) and strep, both came back negative. They pumped me up with some steroids (pun intended) and about 7am they let me go home with a note that if I started coughing up green crap, to let them or my PCP know and get some antibiotics started.

On a side note, they had me exit via the ambulance bay as I had come in and had my wife go to the pharmacy to pick up the meds they sent home with me. Well, she got me to the car, then when we went to enter the building, the security folks almost wouldn’t let her in to get my meds because she had been near someone that was undergoing testing. They finally relented when she explained that she had just come from the ER. This was another catch-22 that would have to be worked out. Hard to tell someone they had to pick up meds from the pharmacy, then not let them in to get them.

Now things are getting fun

So, fast forward to Thursday morning when I started coughing up green crap now. I woke with my head stuffy and chest congested (but I could breathe at least) and again the wonders of steam in the shower helped. 

It is now Friday and I am still no closer to getting antibiotics and my chest/head stuff is getting worse. I called my PCP, left a message, got a call back and told the receptionist what was going on. She relayed the message to the Nurse Practitioner and called me back saying the NP wouldn’t give me an antibiotic since she had not seen me but offered to have me come on Monday (in 4 days) if I wanted to see them. That whole process of calling, getting called back, relaying messages and calling back again, took about 3.6 hours with no result.

Try number 2 was recontacting the VA. I called the number for the hospital and surprisingly got through to a nurse in less than 30 minutes or so. I recalled the story, told her what the doc had said about green stuff and the next steps. She took the information, said she would relay it and get back to me.

That was yesterday afternoon. Nothing from them yet, although this morning the chest and sinus crap is worse than ever. My chest is really starting to get very sore and I am still no closer to antibiotics.

I have now tried Teladoc again and I am about 1 hour and 15 minutes in to being on hold in the “waiting room”. Here’s to hoping I can get somewhere with the antibiotics soon. 

I’ll keep you updated.

WFH and COVID-19 Testing. What a week so far

So a couple of nights ago, I was feeling pretty crappy, upper respiratory stuff moving from my head to my chest like the shot in the famous “Irish car bomb” drink. I tried to call the Teladoc service, but waited on hold for about an hour and a half before I gave up and just went to bed.  

Why did I decide to call? Well if you know me, you know I travel. I travel a lot. My 2nd car is a 737. In the last few weeks I’ve been to conferences in Washington DC, San Diego, Austin, TX, and other places as well, but the big kicker was RSA in San Fran where 2 people in the booth across from us tested positive. Fan-freaking-tastic, right!

Image from
My 2nd car…
Image from

The fact that I had upper respiratory garbage going on, along with all of the travel, has made me a little touchy about my symptoms. Now, I’ll be honest, I had pretty much all of the symptoms, except the fever. I want to be clear, I didn’t really think I have the C-19 virus running around in me, but the travel has me on edge.

So, back to the story, I woke up Tuesday morning feeling worse, symptoms were one heck of a headache, a head that felt like it was stuffed with about 10lbs too much stuff, and a tight chest with congestion (but still no fever to be seen). What great way to start the morning.

I went ahead and put a call into my primary doc and after an hour or so I
got a call back. I explained the symptoms to the nurse and she said she would check with the doctor. Another hour later the doctor called back said it’s time to get tested.

I called the local Emergency care place, gave them my symptoms and the fact I have had possible contact with someone. They said pack it up and bring it in. I was told that testing was being done in front of the urgent care in a tent as I understand it. Oh joy. At least they aren’t talking rectal temperatures out there in the parking lot (well, that was the hope for sure).

Even though I honestly don’t think I have it, at this point, my anxiety level peaked just with the thought of getting tested for it. This started throwing a whole bunch of what ifs in my head.

Like, what if we really don’t have enough toilet paper? What if Taco Bell is the only option for fast food in the near future (shout out to you Demolition Man), and I still don’t have extra toilet paper? This could be catastrophic. Fear is starting to cloud my vision, along with a strong desire for a Mexican pizza (with extra napkins). It’s at this time that I am really wishing Demolition Man had explained the 3 seashells. I mean it honestly makes sense if all future restaurants are Taco Bell, there would be no trees left, but I digress.

So, I eventually packed my butt in the car (now known as the disease-mobile) and headed to the testing center. When I got there, the tent was being packed away, but there was a table set up outside with some nurses. They had me fill out a questionnaire asking about key reasons for testing, reviewed it and brought me inside to the testing area (Some call it the main waiting room).

It was at this time, a very kind nurse pulled out a swab roughly the size of a toilet brush and proceeded to stuff it up nose until it pretty much hit my brain. At least she apologized during the non-op frontal lobotomy, but hey…

I was told that testing would take 3-5 days as they still had to ship the samples to California, given a lovely paper on how I was not allowed around anyone, not even my pets. Great I thought, that sample goes right back to the state that likely got me in to this mess. Oh well. I headed back to the disease-mobile and proceeded to drive my self home once my eyes uncrossed from the swabbing.

I have now self-isolated and taken over our bedroom and bathroom. My wife and pets have moved out of the room and left me do lanquish with only my 32″ TV, steaming services, computers, phone and hand-delivered meals to keep me company. First world problems, right? As in intorvert though, I have trained for this my whole life, so I think I will be OK.

I will continue with future updates very soon.

So, You Are a Tech Manager Now…

** I want to start by saying that this is nowhere near a comprehensive list of things that can help you better manage, but simply a sharing of my personal experience and meant to help people step back and think about things a bit. **


So, now you’re a manager. You got that promotion that you probably either dreaded or worked very hard for. The question is, what now? Your whole career you’ve been a tech guy and now all of a sudden you’re a manager. First thing to remember is, don’t panic! (and perhaps carry a towel just in case)

While this can be a very spooky time, it’s also a great step in your career. You are going to have to look at things a little differently though. For one, instead of waiting for somebody to tell you what to do, you’re going to have to do the telling. That means now, all of a sudden, you are responsible for figuring out what needs to be done and assigning someone to the task. This may be new to you, but if you keep a cool head, it’s not that bad.  Remember that when you’re in management, the responsibility falls to you. You can delegate the work, but you are still responsible for the results.



Being in management means looking at the big picture. You need to understand what it really cost per unit of XYZ, and you are going to need to start thinking about how much available labor you have versus how much you need to spend. It’s like budgeting with money, only with time instead.

Something to remember here is that unlike money, where a dollar is worth a dollar, labor varies in its value. Some folks are 85% efficient, others hover around 12%, some can even cause an efficiency/oxygen deficit by dragging others down (<- we all know that person, right?). Labor is generally referred to in a unit of measure called an FTE (Full Time Equivalent) which we consider to be a body working 40 hours per week. Don’t ever try to calculate projects based on straight FTEs though as this can result in much wailing and gnashing of teeth. You have to remember that just because a person is burning oxygen for 40 hours a week, they are not producing 40 hours worth of work. On the flip side, sometimes a person can be working on 2 things at once that overlap, so you have to consider that. For example, if it takes 2 hours to image a workstation, you can figure that much of that time can be spent doing something else while data copies, so it may only take .5 FTEs (30 minutes of actual labor) to do the job.


When it comes to financial planning, if you are going to have a budget or be a part of budget planning, learn about the difference between CAPEX and OPEX. Understand that in the technical word, a lot of CAPEX also requires significant OPEX. Likewise, you can move some CAPEX expenses to OPEX, for example by moving to that cloud thingie that is so popular with you youngsters.



Another hurdle you may face is a different language used by leadership. They tend to speaking dollarese where we speak in techenese. In a truly cruel irony of the universe, these two languages have very little in common, and those words that are similar in pronunciation, mean polar opposite things. This can lead to anything from minor misunderstandings to World Wars.  To get a handle on this I recommend you spend a little time with some online management courses, maybe somewhere like, that can help you understand management basics and semantics.



This can be truly difficult if you were promoted from within the ranks. You may be dealing with folks that are jealous that they did not get the promotion, folks that were peers that you did not get along with, or even the feeling that you “sold out” to management. Regardless, you have to change the relationship. This doesn’t mean you can’t be friends, but what that means will probably need to change how the friendship operates or is perceived. The days of partying after work with the team, sleeping in the parking garage and coming to work to hear stories that start with, “I can’t believe you did that!” are over. If that’s what you want, resign your leadership role now.


The best advice I can give when it comes to becoming a manager is to be humble, but firm. You are there to help the people you manage succeed and grow, and make the business a success. This is not about power, it’s not about bossing people around, it’s not about you, it’s about leading. That means getting your hands dirty as well and not just giving all the garbage jobs to the team. On the flip side, that does not mean you should do everything yourself. You have to allow others to do new things so they can grow, but don’t try to use them as your personal slaves. This may take some practice, but if you are honest with your team and humble about your role, people tend to respond well. You may have some folks push boundaries, this is normal as they figure out where your limits are. Don’t take this personally, listen to their suggestions, consider the argument, but remain firm in your decisions unless there is a compelling reason to change.


There are other things you may not have had to do, such as performance reviews for your old team members. This gets a little weird when you are managing people that you used to be peers with. It may not be easy, but this is one place where you really earn the title of manager. You may find yourself reviewing a person that you don’t like personally. Set the personal issues aside and judge them on the job requirements. It’s not always easy to do, but just because they shared that embarrassing picture from the Christmas party after a few too many eggnogs, it doesn’t mean they aren’t great at the job. You need to be honest about it and fair to everyone. Don’t be afraid to say, “Tom, we haven’t always got along, but you are a great here.”


Check Your Pride at the Door

Embrace feedback from your leadership and your team as well. Be open to criticism and be willing to learn from it. You are doing something new and uncomfortable and you will make some mistakes along the way. Mistakes are OK if you own the goof up, learn from it and don’t repeat it. Apply this to your team members as well.


Dress Code

I decided to add this after just having lunch with a friend. You might need to dress differently. Embrace it, love it, live it and SUIT UP!  😀





You are responsible for people now, and you will need to act like it. Embrace the personal and professional growth, get serious about things and enjoy seeing your team grow. It will grow on you, and one of the most rewarding things I have ever experienced is watching a person I led excel in their career and personal life.




Erich’s “What in the (cyber security) world is going on?” 12-29-16 edition

2016 Isn’t done with us yet

Screw 2016. That’s kind of what I’m feeling. I’m about tired of people passing away this year. The latest celebs are George Michael, Carrie Fisher, Richard Adams and Debbie Reynolds were all lost this week. Even closer to home is the wife of a person I have a lot of respect for, Jack Daniel, who lost his wife of 37 years on Tuesday. I cannot begin to imagine the pain and sadness the close friends and family of all of these people are feeling. I am praying for their peace as they go through these tough times.

I’m going to do something a little crazy

I’m going to run for a spot on the (ISC)2 Board of Directors in 2017. I worked for them for a couple of years as an advocate for the membership, among other things, and I still feel strongly about trying to help folks that carry the CISSP and other (ISC)2 certs so I’m going to make a run at it. I will need 500 emailed petitions be on the election slate. If you are an (ISC)2 member, please check out this link and help me out. It only takes a minute. Thanks

Disk-Killer Malware Adds Ransomware Feature And Charges 220 Bitcoins

Ouch! Your machine is infected by an email attachment. Now it encrypts the snot out of it, and exfiltrates data. I made a call earlier that I expected to see this sort of behavior, but I didn’t expect this kind of price tag. The back story is fascinating as it has evolved from ICS and SCADA attacks. This is worth reading.


Makes my neck hurt looking at it

Android ransomware hits a Smart TV

So, this poor souls family got hit with ransomware on their TV and are not happy about it. It seems LG won’t give him the process for a factory reset, and there is some talk about a charge for support. It’s an old set, still running Android, and it would almost certainly need to be sideloaded or rooted to install a 3rd party .apk. I’m not sure what I think about this as they say, “they downloaded an app to watch a movie. Halfway thru movie, tv froze. Now boots to this”. Now, call me crazy, but I have to wonder if the app was something called “Codec.apk” or something similar, and perhaps if the movie they were watching was um… not from trusted channels. Fact is kids, if you DL pirated movies, you might just be opening yourself up to something like this. Not sure if LG has a way for a user to fix this if it really encrypted the file system. Factory reset doesn’t help if the source is encrypted. Just sayin. I do wish there was more info out there, but I think we have heard the last of this.

New iTunes Phishing Emails on the Rise

Watch out for iTunes invoices bearing… attachments or links. If you get an email saying you paid $45 for the Netflix app or $25 for a song (not even a Kanye song is worth that!), don’t click the link. Instead, go directly to iTunes (no really, this link is legit, I promise!) and check your account from there.

How does she have that many followers and I only have about 150?

A Britney Spears Twitter account was hacked

It was an account controlled by her record label and has about 614,000 followers. Since the hackers did this at about 5:00am Eastern Time, nobody seemed to notice. I’m guessing most of the people that still listen to here were still sleeping off a bender at that time of day. Since all of the hacked tweets were gone by 9am, it practically didn’t happen.

Bitcoin hit over $930

That’s a lot for a unicorn/vapor cyber currency. Maybe I’m just old, but I’m not even sure how I feel about this, but I’m done talking about this imaginary money.

Erich’s “What in the (cyber security) world is going on?” 12-09-16 edition

Ok, I’m moving these updates to Fridays. Mondays are just, well, Mondays. If you are new to my posts, basically it’s a recap of some key infosec happenings in the past week. Having said that, let’s move ahead:

Infect 2 Others and Get Your Ransomed Files Back Free!

I posted about this earlier today, but the summary is that the jackholes that created the Popcorn Time ransomware strain are offering to decrypt your files free if you just get 2 more people infected and they pay the ransom. It looks like there will be an option to have the software start deleting files if 4
incorrect decryption keys are tried as well. This appears to be a proof of concept at this point, but these often end up in the wild once they get a buyer. I hope they die a slow festering death in the pits of an Alabama outhouse. This video sums up my feelings for these folks: Hanging’s too good for him…


Legal raids in five countries seize botnet servers, sinkhole 800,000+ domains… and then they release the leader who disappears. 

So, after taking down the largest malware/phishing ring in recent history, a judge in the city of Poltava, Ukraine released the leader because the prosecutor forget to mention that during the arrest, the leader shot at the cops, including popping a round through the front door. Without that little detail, and the associated “attempted murder of a police officer” charge, he got to walk. In a shocking turn of events, Kapkanov disappeared just as quickly as the Poltava’s prosecutor’s career.

3.2M home routers seized via malicious firmware update

A hacker by the name of BestBuy claims to have used a Mirai botnet to infect 3.2 million home routers on the TalkTalk and Post Office networks. I haven’t heard of any independently confirmed reports of routers actually being infected, but they may not be easy to identify. In the words of security researcher Darren Martyn, “What they just pulled is shenanigans of the highest quality”


US Navy Admits To Data Breach, 130,000 Exposed

Yeah, the US Navy exposed info for 130,000 current and previous sailors.  Wonderful. If I’m one of them, I’ll just put it in the stack of other notifications from the government. Maybe I’ll put it right next to my OPM notification.



Ransomware suspect Pornopoker nabbed in Russia

Let’s hope they don’t screw up and release him as well, although he doesn’t seem to be near the same level as Kapkanov above. He was nabbed while returning from Thailand.


Infect 2 Others and Get Your Ransomed Files Back Free!

What a great deal from the writers of “Popcorn Time”. If you just infect 2 other people and they pay the ransom, you can get your files back free.  Indicators also show that there may also be a provision where if you enter an incorrect decryption key more than 4 times, it starts killing your files.  I would love to get ahold of some of these folks and plug their toenails out with with rusty pliers. This video clip pretty much sums up how I feel about these vermin…

New Approach to the Same-Ol Phishing Emails

This is an interesting way to try to get folks to open malicious documents. I really like the macro warning screen angle they use on this. It’s designed to get you to click the button to enable the macro when it’s opened. They also make the email look like you are being brought in to an existing conversation. Pretty slick.

Check it all out at:





The People Factor: Dealing With Non-Tech Users in a Tech-Heavy World

Me as a Child
Me as a Child

As a tech person, I am pretty comfortable with tech things. My mind works in such a way that I can understand most gadgets and technology with a minimum of effort. I can almost literally picture the mechanics (or electronics) behind the functioning of stuff. It comes very naturally to me. What i have discovered in my years of living in tech is, not everyone sees things the same way as me. I know it’s a fundamental thing, very simple in retrospect, but it has been, and continues to be, a blind spot for me. I have to work to remember this when dealing with non-techies, or I can easily get frustrated.

If you look around, you can see the world being enveloped in tech. VR is going mainstream, we carry around pocket computers that also happen to make phone calls, our cars are rolling, digitally controlled entertainment systems. Some of us embrace and dare I say, enjoy, it. But what about those that do not?

These poor folks are having a heck of a time. Their families, especially the younger ones, are communicating at the speed of light, often times through push communications such as twitter, instagram, etc. Then there is email… so many emails! Gone are the days of licking a stamp and spending $ to communicate with people, now it’s free and every marketer on the planet is sending emails about by the 1000’s without spending a penny on postage. These poor non-tech folks are getting inundated by emails. To compound the problem, the scammers are out there in force as well, filling up the folks email account with scams, malicious links and attachments. These folks are also some of your users.

These folks are fatigued by tech, and now it’s hitting them hard in the workplace as well. Emails require almost immediate response, IM is becoming a productivity tool and the business world is

 Rubber, Road, Disaster

running at 100 miles an hour. Those same scammers are hard at work here too, only in this case, there is a feeling that they can’t ignore emails like they might in a personal email account. What if it really is an order or a customer service issue? This is the point where potentially disastrous decisions are made. Where the rubber meets the road, if you will.

So what do we do about it? Well, we need to show some empathy to start. While they may not have tech skills, hopefully they have

some other skills that keep them employed. Don’t look down your nose at luddites, it’s just a person with a different set of priorities. We also need to understand that it is our job as security professionals to reduce this risk and own the responsibility. If these folks are falling for phishing, we need to fix it, and we are responsible for teaching them good practices.

Once we own the problem, we can begin to address it. Here are 5 things you can do to be successful:

  1. Be patient. Non-tech folks don’t always have the basic tech skills and experience that we take for granted.
  2. Be positive. These folks are probably a little intimidated by what you are trying to teach them. Encourage them when they do well, but be kind if they mess up.
  3. Give them training and tools. Good awareness training and something as simple as a printed copy of a reminder like this can pay big dividends.
  4. Make them feel like part of a team. Stress that you are all in this together and part of something bigger than the individual
  5. Smile. Remember to smile, especially when teaching them new things. This will put them at ease and build confidence.

If you do these 5 things, it will go a long way to helping non-tech users embrace their role defending the organization against modern threats like Phishing. Good Luck!