Are you paying attention ?

Imagine if you email out a document to your team and ask them to read it. How do you know if they have even looked at the file. One way to get an indication is by embedding a token in the document. When the file is opened, you get a notification. And what happens if someone not in your team opens this file. That could be a problem. Perhaps documents (data) are leaking out of your organization.

This is the idea behind Canary Tokens. Very smart micro level traps. Think of them as granular trip wires. There are so many creative uses for these simple and effective triggers. You tokenize a file and if someone opens it, you receive a notification, with perhaps the source IP address.

Have a look at this old article the brilliant Haroon Meer shared with me. This is an example of a token in the analogue world. Compelling story this … smart stuff.

There’s a brilliant reason why Van Halen asked for a bowl of M&Ms with all the brown candies removed before every show

https://www.thisisinsider.com/van-halen-brown-m-ms-contract-2016-9

Weekend #5 – Matwetwe

We have made it to the 5th weekend and that in itself is good. And what is great is that the cinema footprint grew from week 1 to week 2 and then it again in week 3 and also in week 4. Now, on the start of weekend number 5 the footprint has been reduced, by 3 sites. At the time of writing this the current box office is around 4.8 million Rands, and we estimate the film will do close to 7 mil. over its cinema run. That would be a fantastic result.

Nowhere else are the laws of supply and demand as evident than with the cinema business. A movie, if it is lucky enough to get a theatrical release, then starts the weekly nail biting test of whether or not it stays on circuit, and if it does, what happens to the weekly cinema footprint. Every Monday, around the world, the cinemas chains in each country tally up the weekend’s box office, and work with the film distributors to decide on what stays on, and what comes off. There are new movies coming out every Friday, so screen time is always a limited resource. There really isn’t much for them to decide as the numbers say it all. The top earning films stay on, and the poor performers come off circuit to make way for new titles. It is brutal and it is very straight forward. If there is demand then the cinemas will supply. And if not, you are history. There are never any second chances.

This weekend is pay-day for many so we should see a boost in the cinema attendances for all movies. We also had a very cool shout-out on Twitter this week from the minister of arts and culture, and lots of new compliments from cinema goers. There has been a non-stop Twitter stream of positive energy since the film’s release. It has been good for the soul. The word-of-mouth has certainly been strong and consistent. All of this has contributed to the film’s fantastic cinema journey thus far. Hopefully, as we go into the 5th weekend on circuit the attendances will be strong again.

There are about 10 sites in our cinema footprint that are constantly busy, and we expect, that as the footprint starts to reduce now, with each passing week, that that these key sites will demonstrate longevity. It could be that the film plays on these key sites for quite some time. Again, as long as there is demand, the cinemas will supply.

Weekend number 5 is about to begin – bring it on !!!

The best medicine

I don’t know about you, but I am not in the best physical shape. I need to exercise more, stress less, sleep a bit longer each night, and I definitely should slow down a bit. I think the pace of the world is in overdrive. No one ever seems to have time.

Luckily, with this unhealthy lifestyle I seem to be ok (well for the first 50 years), physically speaking that is (not sure about my tired grey matter). But occasionally I do get the flu. Not often. Like once every few years or so, and it never lasts more than a day or two. When I do feel the flu coming on a visit to the doctor is generally a good move, and I have a cool GP, so it is fun to see him every few years. He makes a lot of jokes, and we laugh a lot, and he tells me how lucky I am to be in good health. Yeah, right.

Since turning 50 I have had a few things that have started acting up. I got a right knee that makes a crunching sound when I bend down, and a sore right shoulder that I am told is a bit of arthritis, and some other minor aches and pains. The doc says it is wear and tear. And yes, he also says that I need to exercise more and eat better, etc. If I want to be in a safe state of mind and body I better get with the program. I am painfully aware of this of late.

What I am also discovering is that there are so many kinds of doctors. My GP is just the starting point. Each part of the body has a specialist doctor. And also, there are so many different kinds of medicines, for every part of the body, and for every different ailment. I read online that the pharmaceutical industry in the US is approaching 20% of the American GDP. Yup, medicine is big business.

Now, imagine if all these different medicine manufacturers had to start calling me, and sending me marketing materials. That would be overwhelming. What would you do? You would call your doctor, and he would probably tell you to turn off your phone, and stop reading your email. We trust our doctor to advise us. That is what staying safe is all about. If we had to buy every medicine that was marketed to us, it would cost us a fortune, and we would most probably be no better off. In fact, taking the wrong medicine can be bad for you.

Your doctor’s role is to understand what the real problem is, and by giving you an accurate diagnosis you also get some peace of mind. Being bombarded by pharmaceutical marketing can’t be good for one’s health, excuse the pun.

What I am saying seems obvious, and I am sure you are with me. Now, let’s talk about something else that also requires well-being: your IT infrastructure. Like your body, you have to look after your computer systems, and this sometimes needs to be diagnosed and fixed. In this day and age of big data, making sure our servers are secure is no laughing matter.

If you are worried about the state of your cyber security then join the club. With over 74% of all threats coming from the inside (look this up on Google) and with data privacy laws coming into play, there is a lot to be concerned about. There are “doctors” that can help. Consultants and specialists that can assess your infrastructure, and architect a solution, with affordable and appropriate medicine, that keeps your IT healthy.

Have a check up. Just like you would do for your body. Being proactive and having a medical examination every few years is a smart thing to do. The same with your IT infrastructure. Understand where the real threats and dangers are, and deal with it appropriately.

When it comes to cyber security there are vendors calling and marketing to you all the time. There is so much IT medicine on the market that it is confusing to say the least.

Speak to your IT doctor – there are some good ones around and they are there to help you.

Weekend #3 – Matwetwe

Weekend #1 was very good. Weekend #2 was also good. What will happen now with weekend #3?

I am talking about Matwetwe, the new movie from Kagiso Lediga that is breaking ground in SA.

Releasing a film in cinemas is always a nerve wrecking and risky proposition, and it is a lot of hard work. Yes, making the film is hard work too, but the journey of marketing and selling a film is proper intense. You first have to convince the cinemas to give you a chance. There is no shortage of movie product out there, and there is a limit on the number of cinema screens in the world. And to compete with big Hollywood titles, who have serious marketing budgets, is always a challenge. So, let’s say you get past the first hurdle, and your film is now set for a theatrical release, what then. You do all you can to market the film and spread the word, and then you pray. Of course, if you have a fantastic film that always helps, and in this case the film is a winner. People are loving it. But are enough people going to see it? That is always the biggest challenge. The numbers are what determines everything.

It is all about supply and demand. If a cinema complex has 10 screens, for example, and there are 5 new movies coming out each Friday, then which 5 movies stay on, and which 5 movies come off? Simple: the ones that make the most money, the top 5. So, if you are in the bottom part of the list, you are off. It is brutal, and there are no second chances. On the opening weekend (weekend #1) we exceeded all expectations, and we came in the top 5, and in following weekend (weekend #2) we did very well, and again, we came in the top rankings. The demand has been very clear, the numbers so compelling, that the cinema footprint expanded from 16 screens in the opening week, to 29 screens in the second week, and now, going into weekend #3, we are on 36 screens. This is very very exciting indeed, and also, a rare occurrence in the world of cinema.

The most important measurable is what is called “screen average”, which can be translated into “profit per screen”. In a business, think of it as “profit per employee”. Matwetwe has had the second highest screen average for the past 2 weeks. Perhaps going into its third week it will maintain this position. This is what determines the supply. The cinemas are making good money from this movie – the people are voting with their wallets.

Tomorrow starts weekend #3. Bring it on !!!
The excitement and the nail biting continues.

Movie team.jpg

I wrote a piece about the Matwetwe cinema journey a couple of weeks back, when the film came out – you can read it here : https://medium.com/@ronnieapteker/matwetwe-ce83c9750e3c

You need to know

I spend my days trying to share knowledge and insight around the subject of detection. Most of the world’s efforts in cyber security is about prevention, but if you have been breached, then you want to know it, and ASAP. So detect and notify.

When it comes to cyber security there is no silver bullet. It is like looking after your personal health. There is no once off treatment that will make sure you stay in good shape forever. Even if we do everything right, there is still no guarantee that something will surprise us, when we least expect it.

I am currently considering taking one of those Scan For Life procedures, just to check that all is ok. I would rather detect early on that something is wrong, then one day get caught off guard, and be in real trouble.

Detection technology is there as a proactive measure, to tell us if our other defenses have been compromised or bypassed.

Hacking is on the rise, and this problem is not ever going to stop. Like taking care of your body, and your health, it requires constant work to stay in good shape. With detection measures in places, we can try and figure out early on that there are cracks in our armor, and this will allow us to try save the day.

A smoke detector is a good example of a proactive measure that we are all familiar with. Just look up at the ceiling in your office, and the chances are you will see a smoke detector. If one of these detectors triggers an alarm, it means we can save people’s lives, our work, and the building. Smoke detectors sit there quietly, but if they ever do make a noise, then it means we need to act.

The space that I am active in is called “Deception Technology”. There are many different products in this domain, and they all aim to detect if your network has been breached. If there is a threat you need to know about it right away.

It is a simple idea, and it has a very important function. The problem it is addressing is fundamental: is there unsanctioned movement on your network? Are there intruders moving laterally on your infrastructure, looking for your assets? If so, you want an alert (an indication of something suspicious). You need to know.

It seems like a no brainer. Who would you say no. Especially when you consider the price of some of these technologies – they are generally affordable and simple to deploy. But, one of the big pushbacks I have heard enough times is this, “We are not ready. We won’t know what to do if we get an alert.”

I explain to people, every day, that in most cases, you will able to disconnect that computer or network segment, and breathe easier. If you are alerted to an intrusion then most of the time, the remedy is simple. Of course, if you discover that the rabbit hole is deep, then it may require some forensic investigation. The point is, if your health was threatened, in some way, you want to know about it. If you go for a scan or a blood test, and you get a warning, then at least you know. Sure, you may not know what to when receiving that news, but like the smoke detector going off, you know you need to do something. In this case, call the fire department.

What I can’t seem to understand is how people often push this aside and say “We will wait, we are not ready to deal with this.” But, again, surely you want to know right away. Find out and then you can deal with it. In the worst case, call me – I will find someone who can try and help you. But to not know seems like a strange outcome to accept and rationalize.

If your IT infrastructure or your physical health is compromised, you want to know. I can’t understand how people would not want to know. Not knowing would just would be irresponsible, in my view.

Here is another example that anyone who drives a car should relate to. If you go to fill up your car at the petrol station and someone points out that your tires look smooth and may need to be changed, then yes, you may not change then right away, but at least you now know, and you can drive a bit slower and be more careful on the road. And yes, if your tires are smooth you should change them. But to not know, or not want to know, is dangerous.