 |
| Image from Unsplash |
They had
been to the Christmas market in Germany. Just half a minute from their school,
the bus turned right. We cycled behind it, eyebrows raised. Why was that huge
coach driving into this narrow street in the dark, with cars parked on both
sides of the bend?
It soon
became clear that this was indeed not a good idea. The left side of the slowly
moving bus grazed a parked car. The next car was even dragged along a bit. The bus
driver seemed unaware, because he kept going, inch by inch. This had to stop. I
worked my way over the sidewalk to the front of the bus, making sure I didn’t
end up wedged between two parked cars. I gestured and shouted at the driver.
Hesitantly, he rolled down his window. ‘You’ve hit two cars,’ I said. ‘I’m
completely clear,’ he replied, surprised. ‘No, you’ve hit two cars!’ Meanwhile,
voices from the back of the bus chimed in: ‘Driver, you’ve hit something!’
Eventually, the driver put on the handbrake and came to take a look.
He couldn’t
deny it: there wasn’t a molecule of air between his bus and that second car. I
told him we already thought it was odd that a bus drove into that street. You
know what he said? ‘I checked Google Maps, it showed cars parked on only one
side.’ As if those satellite images are live!
Meanwhile,
my wife rang the bell at someone she knew nearby, and soon the owners of the
damaged cars were tracked down. A very young couple came out to inspect the
damage: both cars were theirs. At least the insurance claim could now be
sorted. But another problem arose: the bus was seriously stuck. The only
solution was to move some parked cars. The students, whose school trip ended
two hundred meters before their destination, had already been sent home. One of
them, with a giant teddy bear on the back of his bike, we passed later.
We all take
a wrong turn sometimes. Where there’s chopping, there are chips; mistakes are
human. What really matters is how you deal with them. Do you flat-out deny the
error (‘I’m completely clear’), try to shift the blame, or take responsibility?
If a crew
member on an aircraft carrier loses a tool, the consequences can be huge: it
can get sucked into a jet engine, and those don’t take kindly to that. A lost
screwdriver can cost lives. If someone misplaces something, they must report it
immediately, and everything grinds to a halt. The missing item is searched for
urgently. And most importantly: the person who caused the incident is praised
for reporting it. Not punished! That’s how you encourage error reporting.
Punishment would only drastically reduce the willingness to report mistakes.
We’re all
on a kind of aircraft carrier. A single employee’s mistake can have disastrous
consequences. Think of an admin making a configuration error, or an employee
who clicks that phishing link after all. Because our carrier is so big, there
are even more ‘opportunities’ to make mistakes. In risk analyses, we pay a lot
of attention to these kinds of errors, which aren’t caused by a malicious actor
but by a colleague acting in good faith. We call these mistakes ‘oopsies.’
Sometimes a
technical glitch can lead to an awkward conversation. A report landed on my
desk about an employee who tried to do something that set off alarm bells. I
asked him to explain. He came up with a rather strange story, but I managed to
get it confirmed. The error was known, and a fix was in the works. It just goes
to show you should always be open to unlikely outcomes. So you don’t end up
making a mistake yourself.
Made a
mistake? Report it. So worse can be prevented and we can learn from it.
Happy
holidays! The next Security (b)log will appear next year.
And in the big bad world…
- Urban VPN Proxy’s browser extension reads all your AI chats.
- You can send a fake message via the government’s Phishkraam. [DUTCH]
- Even Notepad can be dangerous. [DUTCH]
- DigiD is now officially vulnerable to American curiosity. [DUTCH]
- The same applies to Zivver. [DUTCH]
- You can also just upload files with sensitive personal data to AI websites yourself. [DUTCH]
- Millions of people face a hot Christmas.
- Cisco is struggling with a vulnerability.
- Your robot vacuum might spy for China.
- Attackers can gain access to your WhatsApp account (if you unwittingly help them).
No comments:
Post a Comment