What Jurassic Park taught us about cyber risk

The tl;dr version of this post: don’t forget about the insider threat!

This week I attended the first in a series of three events by the Institution of Civil Engineers entitled Preparing London. This particular event was designed to consider the human threats to infrastructure.

During a talk from Nathan Jones (see this blog on his talk) my mind wandered and wondered…Did Jurassic Park teach me everything I know about cyber risk?

God damn it! I hate this hacker crap!

Ok, so maybe not everything worth knowing about cyber risk is summarised in Jurassic Park, but it’s a useful introduction to what happens when the tables are turned and technology which usually helps keep us safe becomes the risk.

Everything in Jurassic Park is connected. The electric fences, the lighting in the visitor centre, the locks on the doors. When it’s working as planned, this connectivity helps the park’s management maintain an efficient operation and a positive guest experience.

However, such a complex system requires some centralised control. Looking at this through a business continuity lens, this is a clear single point of failure. An inherent risk.

This has clear parallels with our modern society and the interdependencies between systems that I’ve talked about previously.

Dennis Nedry exploits his colleagues’ limited understanding to enact his attack. He uses his tech-savvy advantage to provide cover for his theft of intellectual property, whilst putting lots of people in danger. The ultimate lesson here is that the real monsters aren’t the dinosaurs.

Objects in mirror are closer than they appear.

As well as a light-hearted moment during the dinosaur chase sequence, I think Spielberg also snuck this in as a metaphor for risks manifesting in ways which had not been considered.

Were the Jurassic Park team aware of cyber risk? Yes, there is literally a scene about passwords. I expect a lot of people assume that a good password is all they need for their IT security.

It’s clear they had also considered other risks, and had taken proactive action to control that risk. Electric fences, professional hunters, CCTV and motion sensors and the attempt at all-female genetic engineering are just some of the risk controls in the film.

But had the team considered the possibility that an employee would want to hold the park to ransom for personal gain? Could they have identified the vulnerability of the computerised control? Could they have done more in advance to protect the systems from malicious attack?

Dennis, our lives are in your hands.

Early in the film there are hints at Nedry’s personal financial difficulties. Later he mumbles to himself about test runs of his embryo heist.

John Hammond, the park owner, recognises the power that Nedry has.

There were clearly signals which the team missed, and knowledge which, if combined, could have allowed an intervention before he got the opportunity to shut down the park.

Clever girl / I know this.

Just as the team hadn’t anticipated an insider threat, Nedry wasn’t expecting a tech-savvy teenager to thwart his plan.

Just when it looks like the raptors will get into the control room, Lex (the park owner’s granddaughter) recognises the Unix system and takes matters into her own hands.

The actual interface may be debatable (in researching (yes, research!) this post I’ve found that it was technically available, but I’m doubtful that a school student would have been aware), but it comes as no surprise that kids have a natural affinity with the technology that adults have to think about.

Side note: Provided the right precautions are in place to prevent unauthorised use, user friendly systems aren’t just a productivity win; they help prevent people finding work-arounds or backdoors.

Life finds a way.

With the ever increasing access to, and pervasiveness of the Internet and smart devices, Jurassic Park remains relevant today.

I’d argue that we’ve already reached a point where complete understanding of system interdependencies is impossible. Our societies and the technologies used are just too complex. However, we can continue to challenge our assumptions, keep our risk assessments grounded in reality and take action in advance to mitigate that risk.

It’s also a reminder that physical and IT security are just parts of the puzzle when it comes to risk management. Solutions are also required, sadly, to protect against malicious attack by either insiders or outsiders.

It’s also just a really great film!

What did an Emergency Manager think of San Andreas?

It’s a running theme for me to blog about disaster movies, so here’s my latest installment, after watching San Andreas yesterday evening. CAUTION: contains spoilers!

San Andreas (not the most inspired title) sees Dwayne “The Rock” Johnson as a helicopter rescue pilot who goes rogue to save his family from the largest earthquake ever recorded.

As disaster films go, it borrows fairly heavily from Emmerich’s standard formula:

  1. Heroic estranged father
  2. Scientist with a grave theory
  3. Early destruction of a landmark (in this case, the ‘bursting’ of the Hoover Dam). This is also the point that the scientist will say something like “we haven’t seen the worst of it yet”
  4. Separate a family
  5. Turn up the destruction to 11
  6. Reunite said family
  7. God Bless America

So although it was formulaic, how did it rate from the perspective of an emergency manager?

Earthquake and Tsunami Risk

First up, many of the situations presented in the film could not happen. The San Andreas fault is a strike-slip fault (or more accurately, a transform fault). This means the earth’s tectonic plates are sliding past each other. If they get stuck, pressure is built up, which is released as an earthquake. However, this wouldn’t be the sort of earthquake to open up massive canyons. It would still be destructive, but not in the same way as presented.

Further, the film depicts a tsunami engulfing San Francisco.

Yes, San Fran has a real tsunami risk and has a warning system in place. However, this wouldn’t be caused by an earthquake with an epicentre on the San Andreas fault as large volumes of water are not vertically displaced when plates slide against each other.

The map below shows, in red, the official ‘tsunami risk zone’, and in blue my illustration of the extent affected in the movie (based on what landmarks were underwater and my very limited geographical knowledge of SF!). As you can see, the film uses more than a pinch of dramatic license!

SFTsunami

Drop, Cover and Hold On

This phrase is actually used, and demonstrated, on a number of occasions by the trusty scientist and his sidekick journalist (who is none other than The Good Wife’s Archie Panjabi).

Later, The Rock explains what you should do if you can’t find cover. I’ve gotta give them some serious credit for including this, it really is the best thing to do.

If Kylie Minogue’s character had followed that advice maybe her blink-and-you’ll-miss-her-falling-out-of-a-building cameo would have been avoided.

Casualties and Fatalities

In the film we see Blake (The Rock’s on screen daughter) construct a rudimentary tourniquet to stop bleeding and see The Rock performing CPR. Knowing some very basic first aid can be life saving.

However, one strange thing is that given the scale of the disaster, the movie is notably free of the (presumably) hundreds of thousands of dead bodies. My only explanation for this? That the call to evacuate came just in the nick of time!

Mass Evacuation and Shelter

The usual scenes of highways packed full of cars (and debris) abound, but fortunately our protagonist has access to helicopters, planes and boats to get around such inconveniences.

This brings me to my main issue with the film: The Rock’s self-deployment. As a Search and Rescue specialist he would have been much more useful assisting the official response than focusing on his own family. That might sound cold-hearted but, to me, the ethics of emergency management hinge on doing ‘the most for the most’.

But back to evacuation and shelter, when nature runs out of things to throw at the Bay Area, there are some perfunctory scenes of tented villages, and mentions of support from FEMA and the UN. Fact – these tents were supplied by genuine emergency response organisation ShelterBox!

Command and Control

Clearly the producers had been reading up on the UK Joint Emergency Service Interoperability Principles. Whilst the film isn’t about emergency management (for shame!) there were some subtle mentions of emergency services protocols.

Most notably, when Blake steals (yes, it’s resourceful, but it is still stealing!) the fire radio to listen to the “multi agency Tactical Command channel that all areas have for emergencies” which sounds a lot like the multi agency talkgroups on Airwave.

Communications

Whilst the idea of using a landline phone was good, there is an inherent assumption that the physical infrastructure remains intact. Phone lines could have been damaged. I forget what actually happened to her mobile phone, but if possible Blake would have been better sending a text first (less bandwidth so more chance of the message getting through).

Community

Bar the occasional scene of people looking disheveled the film has very little focus on anyone that isn’t The Rock, his ex wife or his daughter.

Certainly in America, we’ve seen communities come together under their national or local identity (e.g. see post 9/11 response and Boston Strong). However, none of that really featured in this movie.

On the other hand though, there is the ‘classic’ scene of looting, which flies in the face of most evidence from real disasters which suggests pro-social behaviour.

The display of patriotism at the end (where three military helicopters drape a star spangled banner on (what is left of) the Golden Gate Bridge) was a touch over the top!

Overall

For all its flaws, I enjoyed San Andreas.

It left a slightly bitter aftertaste that most of California had to be destroyed in order to reunite one family, but I appreciate the need for ‘narrative’. However, maybe a better balance could be struck between widespread disaster and micro-level drama?

If you’re a fan of disaster movies head over to Buzzfeed to see if you can match the screengrab to the film!

What If…Blackout?

In February I was approached by a researcher from RawTV about a programme they were making… on Monday that programme, Blackout, aired on Channel 4.

The premise: A cyber attack brings down the National Grid, plunging the country into darkness. How would we cope in a nation-wide power cut lasting 5 days?

There are parallels between this and my Anytown project, so I was interested to see how this scenario would be presented, and what messages it might provide about resilience. The few reviews that I have read have criticised the ‘lack of realism’ (mostly the apparent infinite battery life of smartphones and cameras). But I’m willing to forgive a dose of editorial license required to get this into a prime-time slot.

The first thing which interested me is that Blackout was not presented as fiction. Although this is not the first time that’s been done – the 1938 CBS broadcast of War of the Worlds inspired by the 1926 BBC broadcast of Broadcasting from the Barricades – it adds to the sense of realism. Some clever editing to interweave footage from real events with the drama highlighted that there are typical consequences from all emergencies, and therefore the value of flexible consequence based planning.

Whilst the shaky-cam and histrionics (frankly, terrible acting by Girl in Hospital) did detract slightly I think there were a few take home messages.

Establishing the scale of the disruption

Is this a problem with your fuse box? Is it confined to a couple of houses or your street? Or is it wider than that? The programme showed people reaching for their phones; “My friend on Facebook in London says there’s problems there too”, #smem for the masses.

Initial reactions

Viewers were presented with the televisual equivalent of a bullet-point list of immediate consequences and the subsequent public response.

  • No lights – saw people grab for their torches and candles. What I’d have liked to have seen is more explicit reference to wind up torches and some statement on the dangers associated with candle use
  • No airport activity resulting in stranded passengers – the programme didn’t go back to Heathrow after the initial loss of power, it would have been interesting to see the point at which a ‘normal disruption’ to flights starts to have significant consequences
  • No street lights or traffic signals leading to a rise in road traffic collisions, with no ability to control traffic flows, gridlock would build very quickly
  • Problems at crowded places and planned events with resultant public order and safety considerations
  • Inability to heat food and requirement to empty food from freezers – I thought the freezer issue was considered a little bit too early, but the challenges associated with not being able to cook are significant
  • People trapped in lifts (and on the London Eye) – again, not altogether uncommon, for mechanical or localised electrical issues, but becoming a more complex problem to solve in a widespread blackout
  • Mobile phone congestion (and later, disruption) – I didn’t think the factors behind this were particularly well explained in the programme. However, with reduced fixed-line telecoms and an inability to dynamically manage mobile networks, this is a definite possibility in a relatively short period of time. Increasingly important as we’ve become much more dependent on mobile phones.
  • No heating – whilst this wouldn’t be a problem in the summer months, during winter it would be unpleasant and would likely result in excess deaths in vulnerable groups
  • Commercial and economic impact – as well as the macro-economic impact of this type of event, the impacts at an individual level would also be significant. An inability to pay for goods (no ATMs), combined with an inability to process payments could lead to ‘looting’ (with no fear of recompense as CCTV cameras are offline)
  • Drying up fuel stocks – as people jump in their cars and head to Sheffield, they forget that refuelling without power will be problematic, and likely to result in people resorting to questionable methods. I once (legitimately) syphoned petrol from a fuel tank, it didn’t go quite to plan and I got a mouthful of unleaded. The best advice would have been to follow the government advice to “stay in”…or perhaps to travel by bicycle.

The Emergency Planners Paradox

It’s not something that I’ve seen articulated on TV before, but is something that I experience from time to time. Having planned in detail for these events, to have the opportunity to implement those arrangements does bring a degree of satisfaction. Having drained his radiators, assembled his grab-bag and purchased a generator, the middle-class prepper found himself in this situation for some time. By the fourth day, however, his reserves begin to wane: “I thought if a situation like this came about I’d be alright, but I’m finding it quite hard”, from there quickly descending to the lowest common denominator – survival at all costs.

Confidence, Optimism, Teamwork and Fear

Whilst there was little confidence expressed in the government plan, there was an undercurrent of confidence from most characters, trusty old Dunkirk Spirit (which may or may not have existed). A clear sense that ‘it’ll be back on tomorrow’ would probably be highly motivating in those circumstances, even if it didn’t turn out to be the case.

There were both positive and negative examples of people working together and emergent behaviour. Naturally the positive examples (such as the family who took in their vulnerable elderly neighbour) are great, but I’m glad the producers didn’t gloss over those who exploit a situation for their own good.

Whilst innovation and improvisation was seen as a key success factor, this was tempered with some characters being highly suspicious of others. The Telegraph identified the tagged man as a paedophile; I didn’t reach that conclusion, but it was clear that the single mother was suspicious and uncomfortable travelling with him.

In fairness, the programme only hinted at pockets of panic-behaviours, which was reassuring as evidence and experience shows this is a relatively uncommon response.

Emergency Powers

Whilst the use of temporary emergency legislation is included as an option in the Civil Contingencies Act (2004) there has been no situation since then requiring enactment. It’s quite possible that in a national emergency these powers would be utilised to provide continuity to essential services (where possible), but it’s also likely that their use would face much opposition.

Aftermath

As with the documentaries and movies that go before it, Blackout ended when the lights came back on. Whilst I understand the dramatic need for this, consequences will be more pervasive and long lasting, and from my perspective, it would have been interesting to compare the rate at which Britain descended into anarchy to the recovery and restoration of normality.

So, that was what I gleaned from Blackout, but how did social media feel? I took to Twitter to find out; here’s a snapshot illustrating the range of opinion from cynical to downright confused, but first…a graph, showing that around 26,000 tweets were sent with the hashtag #blackout, peaking at 700 tweets per minute around 21:30.

blackouttweets

Facebook Emergency – who you gonna call?

How many of your Facebook friends do you think you could call on in an emergency, perhaps to provide you with a bed (or at least a sofa!) for a couple of nights? Complete the 3 question survey!

What’s this all about?

I finally managed to watch The Social Network this weekend. Whilst not the most exciting of films, it provided time to appreciate how much ‘social media’ has changed how many people do things.

As I mentioned previously in my post on the Boston Bombings, I’m no stranger to the digital world and have been instrumental in the implementation of corporate social media presence for two employers – recognising and emphasising the potential benefits for emergency planning and response at an early stage.

I avoid watching the news unless there is a story I’m following, and I can’t remember the last time I read a newspaper (bar a quick flick through the Metro to pass time). In general, my news consumption is now predominantly Twitter and the links it provides to other content.

The average Facebook user has 140-150 friends. To someone who was clamouring at the doors to be a member when it was still exclusive to colleges in America, this seems counterintuitive. I believe there are two phenomena at work here:

  1. Simple maths (my favourite kind), as explained in The Anatomy of Facebook and
  2. The changing demographics of Facebook – as older generations embrace it, they potentially have fewer online friends and therefore reduce the average number of friends?

So back to my survey – how many of your Facebook friends do you think you could call on in an emergency, perhaps to provide you with a bed, or a sofa, for a couple of nights?

I don’t want to prejudice the results of my survey, but here’s my hypothesis…I expect that there are probably 10% of my friends who I wouldn’t feel too uncomfortable in contacting for assistance. Of those, I’m going to guess that 50% are local, given that Facebook is primarily locally clustered.

So for ‘Average Joe’,

  • 140 x 10% = 14 Facebook friends that he can contact
  • 14 x 50% = 7 of which live locally who could help Joe out

Joe could then approach these friends and they could plan together to support each other – what we in the trade call “Community Resilience”.

I’m going to leave the survey open for 2 weeks and then report back on how results compare to my prediction. If you want to leave any thoughts on the rudimentary maths on show here, just pop a comment in the box below.

At the movies: World War Z

This post needs three caveats. First, I’m by no means a zombie expert. Second, I have not read Max Brooks’ novel, although I appreciate the narrative device is dramatically different.

Finally, at just shy of 1000 words, it turns out I have a lot to say about zombies! My guess is that this stems from a traumatic experience as an 8 year old watching a cannibalism story on BBC’s Crimewatch. I still get the shivers on hearing the theme tune.

Valerie over at Emergency Management suggests that Zombies could be considered a Disaster Preparedness Meme; having appeared on official channels such as the CDC blog.

I’m not sure I’d go as far as to say that we’re in meme territory here, but we’ve certainly got a lot of zombies about at the moment. Here’s my take on what World War Z tells us from a resilience perspective.

Establishing what happened

  • There are several hints throughout that the government (in itself this is interesting, usually it’s a scientist or a conspiracy theorist that the Government don’t take seriously) knew that there was a potential for something significant. This isn’t confirmed in dialogue, but a spattering of lingering looks between government officials provides enough to read between the lines.
  • Despite the disruption to phone networks, we still see traces of international surveillance. Quite why so much of this had to be first hand data collection from Brad is a mystery, but I suppose it’s difficult to dramatise an exchange of emails.

Prior Levels of Preparedness

We begin in the middle of the action – as a result, examples of emergency preparedness are scant, but I did make a few observations:

  • That said, there are one or two examples of emergency preparedness. The best example is probably the family in New Jersey who have stockpiled food (and weapons) and have candles on hand for when the power goes off.
  • The film also hints at some of the perils of not being prepared. As news of the outbreak becomes common knowledge, we see supermarkets ransacked – a reminder to have a stockpile at home perhaps?
  • Thankfully for us, the protagonist has a history working with the UN, which stands him in good stead for the rest of the film, adapting to circumstances and being resourceful with equipment.

Response

With much of the US Government taken out early on in the film (the film makes a strong mention of the UN – an organisation to which Pitt is connected) it’s down to Brad and the dude on the boat to try and save humanity. Whilst this is probably a stretch of the imagination, it reinforces the point of ensuring resilience and sustainability of your own team, an important business continuity consideration.

I did think it was interesting to see cordons being used for containment. There are very few occasions where this is permitted in the UK. However, a double line of police cars is no match for Pitt’s RV, which effectively conveys the lengths people will go to not to be contained.

Unlike other disaster films, there are no casualties. You’re either alive or undead. This means we don’t see too much in the way of how medical facilities cope with a surge in demand.

The Science Part

As is often the way in these films, the young virologist who is confident of finding the solution, manages to accidentally shoot himself. A reminder about the risks associated with a single point of failure.

From soldiers in South Korea, we’re told that Jerusalem has isolated itself by building a large wall (surely this is a topical reference to Israeli/Palestinian policies? Turns out Al Jazeera made this connection too). This reminded me of the small Derbyshire village of Eyam, which successfully avoided the Plague. Simultaneous infection of cities all over the globe seems a little unlikely. However, real-life experience from H1N1 flu was that many large urban centres identified their first cases within a week of the declaration of an event of international significance.

The 12 second ‘conversion’ from human to zombie is incredibly quick. The timescales and convulsions shown present more like nerve agent exposure than bacteria or virus. Whilst the ‘flocking’ behaviour of zombies toward the source of noise isn’t new, the collective emergent response to form a pyramid of zombies to breach the wall was interesting (and technically not unfeasible).

Communications were a dominant theme in the film. The trusty satellite phone made an appearance; I must have missed the part where they realise that it’s cloudy so it won’t connect, or how Brad was able to recharge his device. I thought perhaps the filmmakers glossed over the true impact that a loss of telecommunications would have. We’re now so used to texting/emailing/tweeting/skype-ing (and yes, even phoning) that the distress caused when these systems are not available would be significant. It seemed overly convenient that the family groups depicted were all together, rather than being separated.

I did think it would be unlikely for a research facility of that nature to store all their ‘deadly’ samples all in the same fridge, but I guess it makes for an easier storyline.

The part that I found hardest to believe (apart from Pitt’s hair) related to the ‘cure’. Let’s give the whole population a disease to ‘camouflage’ ourselves. Whilst giving ourselves disease is nothing new (vaccination) I’d expect it would be more thoroughly assessed before inducing meningitis. Did they consider just using the pathogen as an aftershave? Eau de Ebola? Perhaps they did, but with Brad’s beard never getting past ‘rugged’ it was difficult to tell how much time was passing.

Other observations

Brad Pitt’s hair. Need I say more?

Whilst he might have had irritating hair, I liked Brad Pitt’s cautiousness. Too often the leading man just goes in all guns blazing. Brad was a (slightly) more considered hero, resourceful and aware that there were no second chances.

Verdict

4 brains

Final Word: Not a crossbow in sight and another innovative use for duck tape (surely a staple of anyone’s Grab Bag?!)

Image Source: Plan B Entertainment

Talking about talking about risk

Apocalyptic movies are a successful genre; 2012 took $769,679,473 at the box office. By my rudimentary maths, working on an average ticket price of £8, this means 64,456,930 people (globally) have seen John Cusack fly a plane through tumbling skyscrapers (if you haven’t there’s a still below). Anyway, what’s the point of this…well, despite movie success, getting the public to appreciate real risks of emergencies is often a challenge.

2012 still

There are a number of reasons for this, not least the range of heuristics and biases which limit all of our abilities to accurately perceive risk (and which are partly shaped by movies). However, the aspect that I’m focusing on here relates to accessibility, by which I mean the ease of understanding information, not whether it’s available in large print and different languages.

To be clear, I’m not advocating “dumbing down” content, but I do think that there are ways of presenting information which facilitate its ease of use. Too often we conceptualise ‘the public’ as abstract dimwits with a reading age of 7 and no ability to have their own thoughts. I firmly oppose this stance and we should remember that “out there” are incredibly intelligent business people, entrepreneurs, professors, doctors and whole swathes of people exposed to complex information on a daily basis.

Having a lead responsibility for risk assessment in London means I spend much of my time thinking about how we can communicate risk information both to professional partners, but also to the public. We’ve certainly seen the Rise of the Infographic over the last couple of years, as shown in the Google Trends graph below. I’m currently playing with some thoughts on how this infographic approach could be used in the context of risk assessment.

Another approach that I’ve been trying recently is to avoid sending people directly to a risk register. A 40 page document doesn’t sound like something even I want to read, so why would anyone else? I discovered Prezi about 2 years ago, and have recently developed the presentation below to outline the London Risk Register. It’s already had nearly 1000 views, which is significantly more than the number of hits the London Risk Register has received. I’m not saying that’s an indicator of successful risk communication, but perhaps it indicates that providing risk information in non-traditional ways (by which I mean, not a document) is preferable?

Take a look, what do you think? Is this a more convenient way, for the public and community, to receive risk information? Does it break down any of the barriers associated with traditional methods, or are people just interested in the novelty of Prezi’s zooming?

Image Credit: Columbia Pictures

Resilience at the movies

I didn’t realise it until I started this blog, but it appears that I have an affinity for the Disaster Movie.

I’ve developed this list of Disaster Movies and will be bringing you my thoughts on disaster films from a professional perspective (it’s based on a list I found here, and as you’ll see, it’s very much a work in progress!). I’m not setting myself any objectives here – I’ll just do this as and when, and based on which movies I can get my hands on. Check the ‘At the movies’ category for all relevant blog posts.

disaster movie picture

What am I hoping this will reveal? Well, there are already numerous studies of Disaster Movies from other perspectives (cinematography, feminism etc) – but as far as I’m aware, there hasn’t been a professional Emergency Management approach previously. So, my intention will be to compare what I know and have experience of, with what is portrayed on the big (or little) screen.

Obviously Hollywood likes to embellish fact with a good story; I understand that we’re not, unless explicitly stated, watching documentaries here. Nevertheless, for most of us (in the UK at least) our exposure to disasters is infrequent, so perhaps the disaster movie can serve as a learning experience – perhaps for the public, but perhaps also for the response community. Maybe once I’ve worked my way through the list I’ll have uncovered a lot more!

It’s going to take some time, and I expect I won’t be able to get through all of the films listed. I’ve already provided my analysis of 2012’s The Impossible and I watched Source Code this weekend so will bring you that one soon too.

So there we have it, my intention for the first ‘running theme’ of this blog. If you have any suggestions on films you’d like reviewed – what was the professional message from Snakes on a Plane perhaps – then drop me a comment below or on Twitter.

Oh, and the image is my rudimentary analysis of the categories of disaster film by year – I’m going to do a bit more work on this and come back with some more meaningful and insightful analysis, so for now, it’s just a nice picture!