Sunday Musings A Little Fellow Follows
Happy Sunday Friend!
Welcome back to another musing! I’m glad you’re here. Here are your Sunday Musings, a quick dose of what I’m exploring and thinking about. If you find it useful, please feel free to forward this along to friends!
Quote I’m Musing
“Don’t worry that children never listen to you; worry that they are always watching you.”
-Robert Fulghum
Whether you are a parent, a mentor, or a leader; we are always watched by someone. They’re picking up on things we don’t realize we are even doing. Our emotions, our reactions, how we deal with those. How we treat people, when we get angry, when we get goofy or impatient.
There’s a poem attributed to Rev. Claude Wisdom White, Sr called “A Little Fellow Follows Me” that really drives the importance of this though.
A careful man I ought to be,
A little fellow follows me.
I dare not go astray, For fear he'll go the self-same way.
I cannot once escape his eyes, Whatever he see me do, he tries.
Like me, he says, he's going to be, The little chap who follows me.
He thinks that I am good and fine, Believes in every word of mine.
The base in me he must not see, That little fellow who follows me.
I must remember as I go, Thru summers' sun and winters' snow.
I am building for the years to be,
This little chap who follows me.
As a parent, a leader, a mentor the underlying concept is presence. Presence of mind, presence in the moment, presence in the literal sense. Being there, modeling, being consistently available and ready when they are.
Realization that they will model more of what we do than what we say. Our interactions with our children, our mentees, and those folks who we don’t even realize look up to us shape the lens through which they will perceive the world for the rest of their lives.
Leadership is the work of our lifetime. We are all leaders; of our families, at work, groups of friends, or even of just ourselves. It’s a process we work on day after day, week after week, year over year. Leaders aren’t born, we’re made. Through hard-earned experience or by leaning on the experiences of others.
Lastly, this is a heavy burden. We will never be perfect. I posit that it’s just as important to show them how we handle our imperfections with acceptance and a “wisdom is a never-ending journey” mindset.
Reflection on Control 9
Control 9 focuses on protecting web browsers and increasing email security to reduce the likelihood of our users falling victim to social engineering attacks. It recommends doing this through implementation and management of DNS filtering and email security technologies.
CIS Critical Security Control #10
Malware Defense
The Media Darling of Security Controls
This is the most over-glamorized control. Our industry focuses on the coolest looking tools, and malware analysis is the shiniest bit in the kit at the moment. Even so, Control 10 is critical and calls for implementing, standardizing, and managing antimalware and endpoint protection technologies.
What is it?
Our tenth control is probably our most well covered in the media. Most of the safeguards are like our antivirus safeguards. Recommend using both behavior-based and signature-based antimalware tools with automatic updates turned on, and centrally managing the software. Additionally, make sure we enable the anti-exploit features in our operating systems, and strictly control the removable media usage in the enterprise, if allowed at all.
Positive responses to the more condensed version, so I’ll keep it up!
There are seven safeguards to control 10, here’s how to comply and implement them:
Install and keep up-to-date antimalware (in addition to antivirus) software.
Set up automatic antimalware signature updates.
Turn off automatic opening of removable media.
Schedule regular automatic scans of removable media for malware and viruses.
Activate security features that protect against exploitation to prevent or reduce attacks.
Centralize antimalware management.
Utilize antivirus software that detects suspicious behavior.
Why Should We Care About Control #10?
Malware, particularly ransomware, is a major vehicle for operational and revenue loss. Arguably, the most pressing security issue recently. Ransomware prevents users from accessing systems and information unless the target pays a fee to regain access. More recently, the tactic has changed, and actors threaten to publish or destroy data unless the target pays. Predictions are that there will be a new assault every 2 seconds and ransomware costs will reach $265 billion per year by 2031.
In the News
Ransomware group breaches Johnson Controls, Demands $51 million.
The company suffered a ransomware attack last weekend, causing it to shutdown portions of its IT infrastructure. Of note, Johnson Controls’ clients use them to protect and secure governmental buildings and critical infrastructure. Possible risk to national security?
| More
Chinese Hackers Hiding in Routers in the US And Japan
A hacking group tied to the Chinese government is exploiting routers in attacks on a variety of organizations. BlackTech has demonstrated the ability to modify router firmware without detection and exploit routers’ domain-trust relationships for pivoting from international subsidiaries to headquarters in Japan and the U.S. — the primary targets. Recommend you take a look at the link below to see the full write up and mitigation options.
| More
Podcast: Tim Ferriss Show - The Ultimate Guide to Virtual Assistants, 10x Delegation, and Winning Freedom by Letting Go
Tim interviews Sam Corcos, co-founder of Levels. It was a particularly engaging session with a ton of actionable takeaways for delegation, tech tools like Notion and Loom, and working with EAs (executive assistants).
| More
Shoot Me Your Feedback!
Which musing is your favorite? What else do you want to see or what should I eliminate? Any other suggestions? Just send a tweet to @erichaupt on Twitter and put #SundayMusings at the end so I can find it. Or, eric@erichaupt.com for long form email.
Have a wonderful week, I’ll see you Sunday.
-e
End of transmission.