Monthly Archives: March 2015

Curt Schilling pushes Twitter to turning point

Bob Sullivan

Bob Sullivan

I spent a year studying English Common law in college, and here’s the only thing I really remember: Law exists to prevent mob rule. It only survives when it’s considered effective by the masses. If it’s not, people start taking the law into their own hands.  This is the precipice on which Twitter dangles right now.

You probably heard about former major league baseball player Curt Schilling going all Wild West on jerks who harassed his daughter on Twitter.  I’m fine with what he did; in fact, I think it’s great.  It’s time people realized there are consequences for the stupid, vile things they say online.  It’s high time — past time — we cleaned up the neighborhood. I believe in free speech as much as the next Internet geek, but it’s also time the Internet grew up.  Folks like those who said God-awful things to Schilling’s daughter need to be kicked out of the bar, pronto, and forced to live with the consequences of what they’ve done.

Now, you can all expect a bunch of other folks to follow suit, with varying results, of course.  Curt Schilling can get justice — not to mention, protection from any potential response — because he’s famous.  You probably can’t.

That’s why this is Twitter’s problem.  After all, it’s their bar.  As a refresher course in free speech law, the government can’t make a law preventing you from saying things in public. A company sure as heck can do that with its private property.  You have no Founding Fathers-given right to be vile on Twitter.

I do appreciate the lovely parlor banter about chilling discussion and people’s rights to be assh**s, but save that for college, please. If you are an adult, you owe it to yourself to read the kinds of Tweets directed at people like Anita Sarkeesian, who campaigns against violence in video games. I won’t display them here — but however vile you imagine they are, triple that.    Click that link to see a Mother Jones story which describes 157 “hate Tweets” she received in a single week. They are enough to snap anyone out of a philosophy-induced haze about free speech and social media.

So I was delighted recently when a leaked memo seemed to suggest that Twitter management was starting to get it.

“We suck at dealing with abuse and trolls on the platform and we’ve sucked at it for years. It’s no secret and the rest of the world talks about it every day. We lose core user after core user by not addressing simple trolling issues that they face every day,” CEO Dick Costolo wrote in an internal memo that was published on The Verge last month. ” I’m frankly ashamed of how poorly we’ve dealt with this issue during my tenure as CEO. It’s absurd. There’s no excuse for it. ”

He then promised to start kicking users off Twitter “right and left” for mishbehaving. The Electronic Frontier Foundation, which also cheered the general message, paused on that last part. calling it a “dangerous sentiment.”  I know, that’s what the EFF has to say, and I’m glad they are saying it. But enough is enough.

Creeps are running circles around decent people while we continue the collegiate debate here. I’m ready to give Twitter the right to kick people off the service right and left, with a very big IF.  IF it doesn’t try to do this on the cheap, and IF it’s very transparent.

The real problem here is money, as it always is.  Here’s a brief history lesson. Back when eBay was just about the only profitable firm on the Internet, it had a massive problem that threatened its very survival.  Fraud was rampant. In some categories, such as expensive electronics, roughly half of all listings were fraudulent. After repeating the usual Internet BS about community policing (which is really discount policing), eBay finally got serious and hired a huge team of fraud fighters — human beings — who put in the heavy lifting of reviewing listings by hand and cleaning up their neighborhood.

Twitter has to do this. It’s not only the right thing to do, it’s absolutely critical for its survival. In fact, it’s critical for the entire spirit of social media and perhaps the Internet itself.  Twitter needs to grow up, grow a pair, and start investing in decency. What’s that you say, it’s not “scale-able?”  When then just turn off the lights. It’s your bar. It’s your job to keep it safe.  What we don’t want is a world of random justice doled out by Curt Schilling.

Why? Because Twitter can do this in a transparent, reasonable way.  We all know some of these things will be tough calls.  What is trolling and what is hate speech?  Trolls say crap just to start angry discussions. People who fall for their tactics kind of get what they deserve.  Hate speech is threatening.  Yes, there are gray lines. A computer will never do a good job of figuring that out.  But let’s get real — there is no confusion about the kinds of Tweets Sarkeesian often gets. Twitter did recently release improved tools for reporting problems, but we’ll see if there are improvements to response time. It shouldn’t take longer than a few minutes to get them removed. When there is a “false positive,” as there will be, Twitter should have a very prompt process for appeal.  Right now, complaints often go to black holes, and the creeps know this, and take advantage of it.  That’s the real problem, Twitter.

Your move. A million Curt Schillings are watching.

Sign up for Bob Sullivan’s free email newsletter.


Seven megatrends that will impact cybersecurity

Larry Ponemon

Larry Ponemon

We are pleased to present the findings of the 2015 Global Megatrends in Cybersecurity, sponsored by Raytheon. The purpose of this research is to understand the big trends or changes that will impact the security posture of organizations in both the public and private sector in the next three years. Moreover, the study looks at the next generation of protocols and practices as the cybersecurity field evolves and matures.

We surveyed 1,006 senior-level information technology and information technology security leaders (hereafter referred to as respondent) in the US, UK/Europe and Middle East/North Africa (MENA) who are familiar with their organizations’ cybersecurity strategies.

The research covered a range of trends related to an organization’s ability to protect itself from
cyber threats and attacks. Some of the areas addressed in this report are: the critical disconnect
between CISOs and senior leadership, insider negligence, the Internet of Things, adoption of new technologies such as big data analytics, predictions of increases in nation state attacks and
advanced persistent threats and the dearth of cyber talent.

Based on the findings of the research, there are seven mega trends that will significantly impact
the cybersecurity posture of organizations in the following areas: disruptive technologies, cyber
crime, cost of compliance, the human factor, organizational and governance factors and enabling security technologies. Following is a summary of these seven mega trends and implications for companies.


1. Cybersecurity will become a competitive advantage and a C-level priority. As part of this study, we asked a panel of cybersecurity experts to predict changes to several normatively important characteristics concerning the role, mission and strategy of security.1 A total of 110 individuals with bona fide credentials in information security provided their three-year predictions.  Only 25 percent of respondents believe their organization’s C-level views security as a competitive advantage. However, 59 percent of respondents in the expert panel say C-level executives will view security as a competitive advantage three years from now.

2. Insider negligence risks are decreasing. Due to investments in technologies, organizations will gain better control over employees’ insecure devices and apps. Training programs will increase awareness of cybersecurity practices. A lack of visibility into what employees are doing in the workplace will become less of a problem in the next three years.

3. Cyber crime will keep information security leaders up night. There will be significant
increases in the risk of nation state attackers and advanced persistent threats, cyber warfare or
terrorism, data breaches involving high value information and the stealth and sophistication of
cyber attackers. In contrast, there are expected to be slight improvements in mitigating the risk of hacktivism and malicious or criminal insiders.

4. The Internet of Things is here but organizations are slow to address its security risks.
The Internet of Things is the expanding network of billions of connected devices that are
permeating our daily lives—from the computers inside our cars to our WiFi enabled appliances,
from wireless medical devices to wearable device.
Because consumers are embracing more connected devices, information security leaders predict that the Internet of Things will be one of the most significant disruptive technologies in the near future.

5. The cyber talent gap will persist. Respondents in three regional samples hold a consistent belief that their organizations need more knowledgeable and experienced cybersecurity practitioners (i.e., the cyber talent gap).

6. Big shifts in new technologies towards big data analytics, forensics and intelligence based cyber solutions. The following technologies will gain the most in importance over the next 3 years: encryption for data at rest, big data analytics, SIEM and cybersecurity intelligence, automated forensics tools, encryption for data in motion, next generation firewalls, web application firewalls, threat intelligence feeds and sandboxing or isolation tools

7. Despite alarming media headlines, cybersecurity postures are expected to improve. The majority of respondents say their cybersecurity postures will improve for the following reasons: cyber intelligence will become more timely and actionable, more funding will be made available to invest in people and technologies, technologies will become more effective in detecting and responding to cyber threats, more staffing will be available to deal with the increasing frequency of attacks and employee-related risks will decline.

To read the full Raytheon report, click here.