Adam Caudill

Security Leader, Researcher, Developer, Writer, & Photographer

  • AI: Art Without Expression?

    Generative AI is changing the world, and is doing so faster than most of us could realise. While I don’t share the fear that it’ll destroy humanity (something we’re doing quite well at, without help), I do see that it’s having an impact on how we work, how we interact, and will have a growing impact on what jobs survive into the next generation. Just as switchboard operators, pin setters, and lift operators are all essentially extinct today, advances in technology will steadily eliminate some jobs, while creating new ones.

    Read more…

  • On Productivity

    Productivity and efficiency have been passions of mine from a young age. I’m not sure why, but achieving as much as possible, as quickly and efficiently as possible, has always driven much of my thoughts, actions, and plans. I was around 10 years old when I learned that there were people that specialised in worker productivity, which led me to researching process design, why restaurants are set up the way they are, the psychology of work and motivation, and a variety of other related topics.

    Read more…

  • Taking Responsibility for the Spotlight

    On sharing the spotlight with those that need the opportunity more

    Today, something happened that made me think carefully about my platform, my time in the spotlight, and how to best leverage my position to help others. Hopefully, you’ll find this to be thought-provoking and consider your own position and how it can be used.

    Your Platform & Your Responsibility

    As a leader, there’s an undeniable responsibility to help others. This may mean being a mentor to someone just joining the industry, or giving opportunities to someone that would otherwise not get the break they need.

    Read more…

  • Communicating With Respect

    On communicating in a respectful, open, honest, and empathetic manner

    Communication can be a real challenge; working across cultures, backgrounds, experiences, and perspectives can result in different interpretations — and this is under the best of circumstances. However, when it’s written communication, the challenge is multiplied due to the lack of feedback cues from facial expressions, body language, and the like. These challenges make it exceedingly easy to create a situation where what a person hears is entirely different from what the speaker (or writer) intended.

    Read more…

  • On Software Subscriptions

    A look at why subscriptions deliver more value to users, the tools I'm in love with today, and why this shift is happening

    Like many in this field, I am always looking for ways to improve my workflow, improve my productivity, achieve more. Part of this is evaluating new tools that help me get work done, tools that become critical to my process. While looking at something that could be useful, I had a startling realization — but there are a couple of things I’d like to cover first.

    Supporting What You Love

    I always try to pay for things that make my life better and support businesses that give me real value.

    Read more…

  • Win by Building for Failure

    Systems fail; it doesn’t matter what the system is. Something will fail sooner or later. When you design a system, are you focused on the happy path, or are you building with the possibility of failure in mind? If you suffered a data breach tomorrow, what would the impact be? Does the system prevent loss by design, or does it just fall apart? Can you easily minimize loss and damage, or would an attacker have free rein once they get in?

    Read more…

  • Parasitic & Symbiotic Business Models

    Does your business model thrive as your customer thrives, or does it drain the life from your customers? After a recent conversation on the impact of improved privacy tools (i.e., the eventual elimination of third-party tracking cookies), I realized that the most significant effect of these improvements would be to companies with a parasitic business model. A business model which I see no problem in disrupting. For many years, the web has existed as an advertiser’s dream — minimal privacy limitations, technical controls that had little impact, and a strong lobbying arm that has been able to derail many efforts to improve the situation.

    Read more…

  • Declaring War on Ransomware

    It’s time for everyone from the industry, developers, and the government to declare war on ransomware and make it as hard as possible for them to ply their insidious trade. There have been false starts and baby steps, diligent fighters without enough resources, and vendors that have only given a nod to the issue. It’s time to use every tool reasonably available to stop this scourge. For so many in the industry that have dedicated so much of their time and effort to this fight, this statement may seem to diminish their efforts, but that is not my intent.

    Read more…

  • On Automatic Updates and Supply Chain Attacks

    Once again, a supply chain attack is in the news; this time, it’s a ransomware attack against Kaseya which has impacted hundreds if not thousands of businesses. According to Kevin Beaumont, the attackers used a 0day vulnerability in the Kaseya VSA appliance to deploy a fake update to all systems it managed; that update is actually the REvil ransomware. As VSA is used by Managed Service Providers (MSPs), this resulted in an attack not just on the MSPs but also their customers.

    Read more…

  • Crew Resource Management for Security Teams

    Over the last year or so, I’ve become quite a fan of Air Disasters, a television show dedicated to analyzing plane crashes and similar incidents. As I watched the show, I started seeing many ways that the lessons and procedures around aircraft safety also apply to running a security team; this valuable and hard-won wisdom, often born out of tragedy, can be of significant impact if appropriately applied. In this article, I will explore Crew Resource Management and how it can be applied to Information Security to make teams run better.

    Read more…