
BCP and Privacy Lessons from COVID-19

BSides Delaware · 2021 · 58:29 · 27 views · Published 2021-11
About this talk
Speaker(s): Rob Slade

Audience: Anyone

Description: Important information security concepts which have been pointed out by the CoVID-19 pandemic crisis. Using the SARS-CoV-2/CoVID-19 pandemic as a giant case study, and structured by the domains of information security, this looks at business continuity, physical security, privacy, and applications security aspects of the crisis, pointing out specific security fundamentals where social, medical, or business response to the crisis failed, or needed to make specific use of those concepts. For the most part, these lessons are simply reminders of factors that get neglected during times of non-crisis, and particularly point out the importance of advance planning and resilience in systems and business.

Bio: Rob Slade may be an information security and management consultant from North Vancouver, British Columbia, Canada, or he may be an artificial intelligence program gone horribly wrong, and hooked up to various email addresses. He is the last surviving non-aligned malware researcher in captivity. He got his start, in security, researching viruses. But not this type of virus. This year he has been cooped up inside with nothing to do but research the latest security buzzwords.

welcome back b-sides delaware my name is randall mc for this afternoon we are back from lunch and i hope uh you got your lunching and food comas settling in nicely we return with mr rob slade on security lessons from covid19 take it away rob thank you very much um i it's not just after lunch for me i haven't even had my breakfast yet i'm out here on the wet coast of canada so i'm an untrustworthy alien from your perspective anyways uh and uh bearing that in mind uh there's the qr code that you can get all the information about me uh quite safely bearing in mind that i got my start in security doing malware research so i

know every way to trick people to installing uh bad things on their computers now uh it's listed in the uh slides as bcp and privacy lessons from covid-19 you'll see the title here is security lessons from covid-19. this is uh normally actually the third of of three parts of uh security lessons from covid-19. um but we'll uh it's a bit of a catch-all but yes we are going to be talking about business continuity planning uh privacy a little bit about application security and we'll see what else has dropped into the slide deck while i wasn't looking okay um just to refresh your memory uh everybody else said the pandemic started march 11th uh 2020 because that was the

first day the world health organization was willing to use the word pandemic and there was the infamous basketball game that ended sports as we know it although uh we seem to have started that up again uh it's important to do the important things in life yes but for me it all started in on march the 10th and and that particular morning um here in vancouver uh the march is a is a big month for security we have uh cansecwest we have uh normally b-sides sometimes we have bc aware um and the the vancouver security special interest group always has their their monthly meetings so uh i was slated to to go to two conferences i i had two

speaking engagement three conferences actually yes i and um i i remember talking about it at coffee that morning with with somebody and by dinner time it was all gone so uh life can change rather drastically in a very short space of time and it's important to bear that in mind when you're thinking about business continuity planning and how it's going to work

not everything not every event affects everybody equally and and this is this is actually an old uh illustration but it uh was um sort of case numbers for uh uh basically pretty much everywhere uh over five million population at the time and and the numbers in involved there and i'm uh in a bit of a privileged position because that little blue dot right at the bottom that's british columbia so anyways um i i will make a suggestion particularly for those of you who are interested in uh security awareness training or really any kind of communication of a complex and and difficult subject i really recommend the dr bonnie show which is not called the dr bonnie show

on on this youtube channel this particular youtube channel is the uh bc government uh youtube channel so you may have to set up a vpn and say you're from canada in order to get at it but it's um if you will look up the covid-19 uh updates um on that channel uh we have a secret weapon here in bc and that is uh dr bonnie henry and uh she has provided a an absolute master class in effective communication of difficult topics and situations so uh throw that in there as as uh a benefit uh to you those of you who are dealing with communications or education in any way it's uh it's really really um

exemplar uh material there uh oh and and seeing how we're talking about privacy partly uh by the way you're you're being recorded as i understand here so uh uh that will be uh something to consider as as you participate or not um so it i again uh in terms of privacy here um some really interesting things that we have contact tracing um is is something that uh uh is important in in terms of public health and in a pandemic or any kind of epidemic really um but of course there's always the the privacy concerns and the confidentiality concerns there um the issues of vaccine administration and vaccine passports um really interesting that the uh term vaccine passport

um has changed from the beginning of the pandemic when people were actually talking about passports being able to get into another country but now when we say vaccine passports what we're talking about is is generally the little either slips of paper or qr codes that your local health authority whether it's state or regional whatever it may be gives you to say that you have in fact been vaccinated so you can get into you know restaurants and gyms uh and and stuff like that so uh it's interesting that the differences in the importance and and the privacy uh protections that go into it whether you're you know talking about something just to get you into a restaurant or something to get

you into another country and and so you know interesting um variations in the discussion of what is a vaccine passport what does it need and how it needs to be protected uh so lots and lots of that um uh here you may have noticed we're going through the cia triad confidentiality now integrity um mis- and disinformation has been huge in uh the pandemic during the pandemic there have been all kinds of problems with um with misinformation uh on the one hand you know you know people uh taking ivermectin and and things like that uh poisoning themselves in in many cases there have been many many more cases of um ivermectin poisoning than than people who

will you know say that they have been protected by the stuff um and there's been a significant drop in the use of news media sources during the pandemic people have instead been turning to uh you know friends neighbors and just random strangers on on the internet uh to pick up their information and and very often that's it's wrong um the there again as i say there's a significant increase in the use of social media as news sources during the pandemic and all kinds of really interesting factors here uh qanon uh of course you know not as big an issue as as he was back in uh trump period but uh the qanon what whatever

source or originates this garbage um produces what are referred to as breadcrumbs and and these are sort of hints that uh people then have to follow it sort of like a paper chase uh to go and and find the information and and so doing it in that way makes people think that i have actually done research even though they're just following a trail of breadcrumbs and somebody's laid down for them and it makes people much more resistant to correction in terms of the misinformation and disinformation that's out there so um you know some some really interesting uh stuff that's that's happening and i'm sure in in the years and even decades to come uh people are going to be going back to

this period of the pandemic uh in terms of research into mis- and disinformation and how to deal with it uh availability and and here of course we get closer to our bcp stuff you know toilet paper really i mean honest to goodness uh i uh you know defer to nobody in my admiration for toilet paper i think it's you know the two greatest inventions of the 20th century were toilet paper and the internet but um really uh you know there is nothing magical about it and and the fact that you know you could not buy toilet paper for months uh you know it's just so bizarre that that people were rushing out buying toilet paper um you know the pandemic

certainly was an issue in terms of supply chains and and certainly there's there's been an issue in in shortage of various things but uh toilet paper is you know it's got no medical properties um uh it's you know uh really kind of weird that that was what everybody went out and bought uh but of course the supply chains we've seen um the uh problems with uh that stuff the um uh issues uh around uh the supply chains um you know we're seeing that everywhere in in terms of uh production uh chip shortages uh raw materials shortages you know christmas coming up and and retail stock not being available um the the you know lack of choice uh

in all areas of retail availabilities and that sort of thing but in addition um we've seen uh other problems with the supply chains such as for example solarwinds people relying on solarwinds as a means of managing their i.t infrastructure and yet at the same time you know that makes it a single point of failure and somebody managed to get in there uh drop something into that supply chain as it were and uh got into the the systems of of all kinds of people all over the world uh so um you know we have to think of of supply chains not just in terms of you know can i get this particular product is is this going to be available

to me but in addition is this a particular point in the supply chain uh secure in and of itself is it going to um affect me in in some negative way uh by it being compromised itself um and that's you know solarwinds of course uh you know we're dealing with uh i.t infrastructure all the time but there's issues in terms of physical supplies well well going back to pandemic issues the supplies of medical equipment and personal protective equipment and all of a sudden people were seeing shipments of gloves masks scans whatever it may be that did not uh meet the standards they were supposed to cover um so uh lots and lots of issues uh to look at

in in those areas um it's you know and again as i say um the issues of uh supply chains lead us nicely into uh business continuity but a few things to address in in other areas of security risk management of course you know big big area in in security and of course always the cost benefit analysis uh really interesting to look at the issues of you know isolation quarantine uh lockdown mandates of various types versus reopening the economy and of course uh and we are talking about uh issues um security serves business it's you know we're not doing this by ourselves we you know we are there to support the business uh but at the same time life safety is

the number one priority so how do we balance those in terms of that kind of cost benefit analysis and emergency management i i so many so many issues around this uh um uh we've we've had disasters uh a number of disasters during the pandemic you know which is you know problems piled on top of problems and and it's it's tragic and that sort of thing but then you get these people um you know going on tv and and saying well they put us up in a hotel but it's not a very good hotel well for crying out loud you know emergency management is for emergencies um this is not a time to uh complain that

that things are not perfect because you know this is a vast imperfection and uh it's it's always more important to have the actual uh even even if it is not perfect uh than to strive for perfection and and not deliver anything at all uh so a number of things oh again and in terms of emergency management uh and again this is something that you would unfortunately have to uh uh go to uh you know set up a vpn until you're from canada but if you can get it attached to knowledge.ca uh do a search for uh a program uh five-part documentary there called search and rescue north shore it's shot in my backyard so absolutely

gorgeous scenery around all of it but an amazing piece of filmmaking as well they you know have cameras mounted on people's helmets cameras on helicopters cameras on on teams on the ground people going in uh with the teams uh but in addition i mean you know they put cameras on ropes that that were hanging gear and flying into areas and and the editing to put it all together is quite astounding but anyways uh an impressive piece of material there um again one of the things that the pandemic has has pointed out is that people do not understand uh risk uh overall and and you know the fact that it's it's not a binary issue there's always you know statistics

involved and probability but particularly the concept of defense in depth and layered defense that we in security know and use and have to rely on all the time you know staying home isn't perfect distancing isn't perfect hand washing isn't perfect masks aren't perfect vaccines aren't perfect i'm sorry you know it just doesn't happen but you know uh we have to look at it in terms of of layered defense and and defense in depth um and oh and in terms of physical distance this this was uh uh rather amusing as a uh this is uh uh an asphalt uh grinder uh that was uh near my house uh while i was preparing this stuff and and here's a sticker on

it that says you know you have to maintain two meters of social distance and you know i just kind of wondered you know i i know that it's for the workers in in operating around the machine and and just you know general uh uh instructions to everybody in the workplace you know now we have to do physical distance but for crying out loud you know who is is going to need a warning to stay two meters away from an asphalt grinder uh anyway it's just just amusing and again in in terms of masks uh this mask won't protect you from covid-19 but it sure helped with the social distancing so uh lots of issues there

uh and again in terms of physical uh distancing social distancing during the crisis during the virus crisis if you must go out note that you might get coughed on or sneezed on and since disinfecting fabric is much more difficult than cleaning flat surfaces you should wear older clothing that can be discarded if necessary if you have old torn clothing that will not be missed this is probably best since face masks are in short supply a scarf worn over the nose mouth and lower part of the face may offer some protection if you are infected and must go out for some reason take a staff to aid you in walking should you be overcome with

respiratory distress and need something to lean on best to have bells hanging from the top to summon aid if needed as you go it is best to give some verbal warning to others not to come into close contact since you may encounter uh some people who may not be proficient in english it's probably best to constantly call out something simple such as unclean unclean and this is not meant to make fun of anybody who actually has hansen's disease but anyways um oh well another issue in uh there is is cars and insurances so many comments that that i've heard from people you know saying you know well and during the lockdown we couldn't drive anywhere why don't we get a rebate on

our insurance look i've seen the way you guys have been driving since you uh got out of lockdown um i know why the insurance companies are not giving you a rebate um uh this was this was interesting that um again uh as you know during the lockdown people can't congregate and and that sort of thing but i i found that um the the smokers uh were were really interesting you know this you know no smoking rules indoors and how far away have to be from doors and that sort of thing but you know why did they always choose to be beside the natural gas meters at the mall i i really kind of wondered about that then so

um all kinds of things that uh came out during the pandemic all kinds of ideas and and one of the things was was ultraviolet um and uh ultraviolet light does kill viruses yes but unfortunately like with spraying bleach around places um the intensity of of the uv that you have to have to kill the viruses is actually you know possibly enough to harm you certainly when when they're doing it you know in this 15 second stuff uh to disinfect and and there were wands there were um things that you pushed your shopping carts through there were robots that would go through uh airplanes and what have you and just you know the intensity of of ultraviolet that you

need to kill uh bacteria viruses and that sort of thing uh it's is you know really very intense and it's dangerous i know because i worked in a hospital and and we had uh uv uh devices for debriding uh infected wounds we were not allowed to use it only specialists were allowed to use it because if you didn't use it properly if you weren't careful uh to you it was enough to strip the skin off your arms so you know lots and lots of these uv lamps that have been sold are you know really if if they're weak enough to be safe they're not strong enough to do you any good in in terms of killing viruses so

that's very interesting uh one of the the things that suddenly struck me uh you know as as we're getting nervous about you know actually meeting people um and uh then i was you know looking we we watch a lot of old movies and that sort of thing and you know so parties and and uh that sort of thing that uh go on in in the movies or uh the older movies are just you know uh oh no you can't you know that's that's dangerous you're too close together um and it was it was really kind of funny when i was thinking about this in in the mall you know uh i'm walking down the middle of the

mall and and going around corners wide so that i'm not going to actually bump into anybody by accident um and and so these you know movies where somebody suddenly jumps out of a dark corner you know sort of like you know what are you doing walking that close to a dark corner uh but the other ones the gangster movies where they're you know a whole bunch of armed guys you know with paranoia ratcheted up to 11 are all meeting in a huge warehouse um and and that you know spread out uh you sort of look at that and hey you know you guys have got it so whatever uh uh yeah probably um i don't need a break but you know the

the german government is advising people to stock up on sausage and cheese it may be a worst case scenario so uh business continuity planning now in in business continuity planning we are always after management senior management to you know actually do it to to build the budget uh to to address these issues and as this guy from dow chemical has said the best way to get management excited about a disaster plan is to burn down the building across the street well for crying out loud you know uh for the past couple of years uh awful lot of buildings have been burning down across an awful lot of streets figuratively speaking anyway so use this as a reason for business

continuity planning use the you know the fact that all these changes have happened to uh provide a reason uh to management to address this issue um to uh how about to you know to make sure that you are uh uh addressing uh the dangers properly um it's you know it it is not um too much of a stretch to to be able to say you know we're in the midst of a disaster we have to continue to think about disasters because if we get hit by another one uh some other way um this is uh not the time to have an unintended impact on our our business um you know it may seem like this is

uh not the time to do any extra work but really you know this this is the primary time to do the extra work to prepare the pandemic doesn't mean that everybody else has you know every other disaster uh has finished i mean you know california burned down my province burned down um you know there have been hurricanes there have been floods there have been disasters the disasters will not wait and in fact because of the pressures from the pandemic it is more important to do business continuity planning here rather than less a number of lessons that uh the the pandemic has has taught us which really we should have been addressing uh already but um

the uh a lot of the stuff in in terms of risk management a lot of our literature in uh security does come from the financial industry and it's it's really interesting when you go into it in in depth um and look at it you will find that what financial industry is talking about when they talk about risk is capital risk financial margin do you have enough money to weather some change in the commercial environment um do you have uh enough reserve to weather a a financial storm that that may come along um everything that we think about uh or where we you know tend to think about mostly um in in terms of our uh you know risk management

and and uh uh risk assessment they tend to lump in in one small corner which they call operational risk so you know they're they're concentrating on the capital risk and we unfortunately have not and we probably should be looking at that more and and certainly a number of companies have experienced during um this during the pandemic that there have been sudden changes in the market and and massive changes now you know some people uh this was great they you know made out like bandits say you know amazon for example everybody's ordering everything online so amazon is you know doing great guns except for the fact that amazon can't find enough employees to actually work for them

so you know that's another change in the market the labor market has changed um and and all kinds of of uh industry sectors have found that themselves you know restaurants um during you know reopening situations they're you know there's a lot of demand for the the restaurants but they can't find the people so you know different kinds of of market changes um and that issue of of not being able to find employees also uh sort of leads to succession planning um and you know we've we've seen this we've had a pandemic you know a lot of people have died or got sick you know some people will get covid and and they don't actually die but about 30 percent of

people get covid get long covid and you know so if you've got your senior management people now with long covid and you know afflicted by fatigue and brain fog and that sort of thing you know they still can't do what you need them to do you know certainly somebody's got brain fog is not somebody that you want making the major decisions about policy and ongoing uh long-term stuff so having succession planning is very important it always has been important in in all kinds of disasters uh but you know the pandemic has has pointed out a number of areas that need to be addressed in uh succession planning there and again the the uh issue of supply chains we've we've

talked about that uh briefly but uh certainly um you know major issue and a number of things there including the issue of hoarding and uh hoarding is is you know sort of one of the little dirty little secrets of of uh capitalist society that you know uh everybody is individually responsible for their own provisions and so you get a lot of people that's why you couldn't get toilet paper was everybody was hoarding toilet paper um you know that is a problem that is created by everybody trying to do the best thing for themselves um and so you you need to plan uh issues addressing some of these social factors into your business continuity planning um

other things about business continuity planning full-scale uh business continuity plan for a large company really takes about three years and and so you know you need to do it beforehand you you need to do it uh in advance you know the the p you know it's uh bcp and and drp both of the p's they're you know planning irp incident response planning planning planning has to be planned in advance so you you've got to start early to do this you know the middle of the disaster is not the time to try and do business continuity planning not for this disaster you've got to do it for something else um and again the the issue of the

uh the best is the enemy of the good um it's it's you know we aren't looking for perfection necessarily we always want it to be as good

apologize b-sides delaware i think we're having some voice technical issues see if rob is still there hey rob i don't have any audio from me right now hopefully he can hear me

i would continue rob's talk for him but he's much smarter than i am so let's see if we can bring rob back hey uh rob if you wanna if you can still hear me and you wanna stop presenting um and then start presenting again maybe we can fix this real quick

nope nothing rob all right we're going to hit to an intermission just a little bit early i think we lost rob and uh maybe getting back a little bit later apologize for the technical glitch b-sides we will be right back

are we oh hey are we online hey rob there you are are you back yes i'm back okay uh so let's um all right sorry we we uh we lost you for about two minutes there okay uh let me let me see here just making sure that we've we've got everything yep i got your slides i got your voice you're ready to go okay okay uh so let's uh back here let's just make sure that we yeah anyways uh any job worth doing is worth doing badly here i've just uh demonstrated that uh very uh effectively uh but yeah um you know this is this is the emergency management this is this is you know trying to do

the best in a bad situation uh so again the actual is is better than the perfect um in business continuity planning leadership is is very very important and and the leadership we have we have seen a number of issues of uh leadership during the uh the pandemic and um how uh that works um and uh one of the things that uh has been important that uh in in a number of those examples is consistency you've you've got to uh be consistent in in your your basic principles now it's very interesting of course again in a pandemic and particularly in a pandemic you know this is a a virus of a class that we didn't even know up until the 1960s

uh coronaviruses uh were discovered and it was rather interesting in terms of of the name there i had thought that it you know was the the spike proteins that little crowns all around the surface but actually when they were first discovered uh electron microscopes were not uh did not have enough resolution to to give that level of detail and so all people could see was this a kind of hazy outline a corona around the virus and so that's where the name came from coronavirus which is uh interesting in terms of canadian content time because the electron microscope is canadian invention but anyway the uh the facts of change you know we're we're finding more and more data on on issues

um uh a number of of things have have come out in the course of the the past two years in discovering about uh coronaviruses in general and and uh this particular family of viruses and the mutations that have come along um but the uh the consistency of background principles has been vitally important and and people who have not had those uh you know background principles driving what they do um their leadership has has not been very effective uh during this whole crisis and and so that is an area to be addressed again um uh looking at the dr bonnie show um the the consistency that bonnie henry has shown over the the course of

uh the pandemic is is impressive and and she's you know saved a lot of lives kept a lot of people safe i'm a really big fan um in terms of uh business continuity this this is something that we have seen um uh in terms of uh technical stuff when when you uh recover uh you can go into recovery when a disaster has happened you recover the most important items first and um this has has been uh an example or the pandemic has sort of been a special case of this you can do lockdown you can stop fast and and you want to do this early um and we've seen this over and over again that places that did not go into

lockdown really have taken much much longer uh to get their recovery going but when you go into restoration when you've had the disaster happening and you are starting to get back into your original location you restore the most important stuff last and so the restarts of the economy in the pandemic have been slow um so you know stop fast restart slow it's it's imp sort of important principles in in business continuity planning um this was was interesting what i've seen in the uh pandemic the uh the issue of efficiency and and i mean you know we all live in a capitalist society you know just about everywhere uh is is running on it any any other

uh types of economic systems have have really had massive problems but capitalism has has worshipped at the altar of the efficiency and and reducing margins um and for about 40 years i've i've really been looking at this and uh this efficiency at all costs and wondering why it is and that i've been uneasy about it and the pandemic and finally showed it up in in a large scale here efficient systems are brittle when we reduce the margins when we we really go all out for for efficiency we set ourselves up for problems we don't have that margin we don't have that slack and so again in terms of building resilience into your enterprise um at all levels which which again is

part of business continuity planning um look at that issue of efficiency you know yes you want to do things you want to avoid flat-out waste if you possibly can but uh no consider uh you know when you when you cut things to the bone there's no further to cut when something bad happens so again you know efficiency is not the be-all end all um you know again have some redundancy to build resilience in into your enterprise uh you know do you know yes cut down the margins but but uh not too far um now again uh planning like i said you know the p stands for planning planning has to be done ahead of time

do do it in advance um it's really interesting here in in canada we had uh well we've even had a federal election over the course of this uh not too bad but a lot of people you know every time an election was called we're just you know freaking out you know how are we going to conduct an election during a pandemic um and uh we had an election here in bc and it was it was done fairly well and um in terms of risk management here uh i am old i am male i am fat i have high blood pressure and diabetes you know if any stray sars-cov-2 lands on me i'm toast

so you know i've got to take extra precautions here and so i planned ahead when they called the election i signed up for you know mail-in ballots um i found out where the office was uh went and and actually you know i didn't even mail it i dropped my ballots in at the the elections office um so that i didn't have to you know line up on election day and and that sort of thing um so you know that's planning um newfoundland had uh other side of the country um they also had a uh an election uh during the pandemic and they did not plan as well for the the panic response and um they as they started into the

election they got hit by a sudden wave and so their election was a bit of a mess there's also issues again um long-term care homes have and facilities have been hit particularly hard they've been hot spots during the pandemic and of course a lot of people have died in in those care homes and that is always accompanied by you know weeping uh children well elderly children saying oh if only i don't you know i i wouldn't have not put mom in a home and then she'd die there well you know this is not something that was terribly hard to figure out you know if if you uh are now you know so terribly broken up about putting mom in a home you know you

left her in there you know if you were really concerned about that you should have you know thought about it and made some other provisions for those types of situations okay what is happening here that we can't

oh dear okay um let's get the slideshow back up and running

guys there we go

sorry about this uh you know ah it's a business continuity okay you know anyways we're we're restarting here we will uh be back with you uh shortly and get the slides back up

and we going back to sharing our window

through a few slides before we get to where we were where were we here okay this is all revision you can just say that and that is this is from the view of the material okay so uh oh yes uh good old raw toilet paper for sale 20 some assembly required uh there as i mentioned toilet paper support cryptography um i actually wrote a book um cyber security lessons from covid-19 um during the pandemic it's interesting exercise um went through the the domains of security and uh i thought you know okay cryptography is is not uh an area that uh the pandemic will uh you know have an impact on or any lessons from uh wrong

um so the contact tracing here is really interesting that um the uh dp3t uh protocol here just uses pure random numbers so we're not uh providing any personally identifiable information so there's no uh uh issues of of privacy here as long as it's really interesting as long as we're only dealing with the random numbers it's okay but as soon as we start collecting and associating uh say location data or even time uh data with those random numbers we start to get possibilities of of losing private information and and uh uh breaking confidentiality so really really interesting again you know a little bit of a point of of uh addressing uh cryptography not an awful lot but

but some uh application security uh testing the different types of testing um right now uh there's uh issues of um if you don't have a you know if you aren't fully vaccinated you've got to get a test or if you're traveling to certain locations like coming to canada sorry uh yeah it's not my fault the government decides these things uh that you've got to have a a pcr test and people are saying you know well why don't you do the rapid testing well the thing is the rapid tests give different types of information for example the rapid tests very often will indicate whether you have ever had covid uh not just whether you have it right

now um so you know if you've ever had covid you may you know uh get a positive there also the the pcr tests are much much more accurate the uh rapid testing things um some of their accuracy levels or rather their error rates are around 30 percent um that's just you know uh when people are saying you know oh we we you know uh want the rapid test because they're you know they're uh easier and quicker and and that sort of thing but they uh you know what happens when you get a false positive you know how do you like the rapid test now everything um and and then oh this is uh again a little bit amusing um

uh during the pandemic a uh paper plant uh that was um uh well uh was infected with malware and and so i'm telling everybody who ever did stockpile toilet paper should safely depos dispose of it because it may have been infected by a virus and then of course i have to explain that's a joke it does you know uh biological viruses and computer viruses do not have anything in common and no you can't catch you know your computer can't catch a virus from from covid and you can't get covid from a virus on your computer one of the things that i have known for a long time like i said i came from the virus

well originally just viruses but more generally malware research community and um when i got more formally into security um one of the things that i learned very quickly was the bastion model was uh you know everybody else's model in security and the bastion model is wrong um the bastion model says that you know we have you know we build walls around ourselves we're the good guys we're on the inside um everybody on the outside is bad you know they're attacking us and as long as you know we have that that wall um we're okay um under the bastion model um if a a hacker an intruder of whatever kind is is attacking you um that's not my problem

as a matter of fact maybe that's good because if the the intruder is attacking you he's not attacking me but when you come from malware research and particularly virus research you know if you you get infected with a virus that's a problem for me because all of a sudden you know you are starting to spread uh the viruses and and that sort of thing so you know the bastion model we we all think you know we're on the inside we don't have to address anybody else we don't have to help it and knowing that helping others helps you is much more important for security we are all in this together as uh many people have said you know we're we're

not necessarily in the same boat but we're all in the same storm and uh that again is is something to address in your business continuity planning um in security in general uh oh i have uh you know uh i am rather famously i don't like slack and and i thought i hated slack until i was forced to use microsoft teams and then i thought i hated teams until i was forced to use discord but we won't say anything about that i found a bug in microsoft teams the agenda view disappears after you scheduled meetings and gloria my wife says that this is proof that teams was created by kids who never learned to plan and do everything on an

ad hoc basis and i don't have any evidence to indicate that she is incorrect uh ransomware new virus strains now uh first of all i gotta say about ransomware everybody talks about ransomware and half of them are wrong because um there there are two things that are both being called ransomware incorrectly ransomware is about software that gets into your system it encrypts your stuff and and then you know issues a ransom demand um but there's also breach extortion which is when somebody gets in takes your information and then threatens you and it says that you gotta pay the ransom or we're gonna release this to the world that is that is not ransomware that you know wasn't dealt with by

malware by software and uh it's it's a different thing ransomware um we know how to fix ransomware make a backup we've been telling people for years to make a backup um that's that's all you need to do you make a backup you don't have to worry about ransomware um whirlpool has been hit by ransomware uh and i i you know at the same time we've seen during the pandemic new more infectious more transmissible strains of the coronavirus uh discovered in various places uh right now i think you know delta is the big one but i know that uh uh they're keeping an eye on on things called ay26 and ay27 and they're trying to uh figure out if they're you know uh

going to be important and in both cases my response is so what we know how to fix this you know if it's ransomware we make a backup you're fixed in in terms of new strains of the virus yes maybe it's more transmissible but we know how to fix this you know it's the five uh heroic acts of the world health organization you stay apart from people wash your hands you know so on and so forth um the thing is uh you know this is not a difference in in kind this is you know maybe this new strain is more transmissible maybe there's more strain new strain is more infectious maybe it's more uh deadly in terms of mortality but it's

you know it's not a game changer it just means that you have to double down on what we were already doing and you know the same thing is is happening we know how to fix this do not panic okay uh law investigation and ethics again uh privacy uh gets into here a bit uh and a lot of people have been freaking out over you know mandates lockdowns that sort of thing and quoting benjamin franklin they that give up essential liberty to attain a little temporary safety deserve neither liberty nor safety you know well uh look i mean when people are dying um then that's you know not not an issue of liberty there you know they say my body

my choice yeah do you want casket or urn um this is important um contact tracing and privacy we've we've talked about um uh forensics um the uh evidence the testing the data that we're we're getting uh you know all of that is is important in forensics and we're seeing the importance of relying on specific data specific evidence real data rather than people's theories during the pandemic here um really interesting the privacy issues here um uh doctor's appointments uh have uh mostly by phone during the pandemic which is really interesting during a pandemic you know we're dealing with issues of health but um here uh the the doctors uh decided that they needed a consent form to to deal

with issues of privacy um and uh so you go to a website you would you would sign this consent form uh which you had to pay for it was really interesting uh data to sign a form uh rather bizarre but anyways um interestingly on this form they had no means of correction so you know they were violating one of the uh eu directives right off the top um and uh there was uh you know there were several violations of accuracy and the right of correction principles uh in this form so this form which was meant to address issues of privacy itself violated uh privacy protection principles so interesting stuff um again in terms of privacy in the vaccine passports uh

early on when we uh were thinking that the the passports were going to be actual passports you know a lot of information was going to have to be carried on those things you know details of the vaccine which version did you get what date uh multi-shot did you need a booster did you have a booster were we going to keep that information on the card on a central database what would happen with uh jurisdictions accessing health information from another jurisdiction they may not have been too terribly friendly to uh details of the testing uh of whether or not you had had pcr tests or you know rapid tests or whatever you know what type of testing what was the date of the

testing so you know tons and tons of information that we were considering at that point in in terms of the the vaccine passports now of course it's it's been somewhat restricted in terms of of just uh you know have you had a vaccine had you had both vaccines uh that sort of thing um yeah this is is kind of personal but um i i'm very disappointed in in terms of the social responses to the pandemic it has seemed to to open the floodgates of bad behavior for a lot of people and and of course uh uh you know racism has has uh come full force um uh people have been uh making statements about asians because

the the virus first seemingly showed up in china the the different uh ethnicities uh seem to have been affected differently by the virus that is is still something that needs to be researched because it's only you know vague indications that we've got um certainly uh any uh ethnic communities that we can tie to a lower economic status have been you know hit very very hard uh by the pandemic they've been hit a lot harder than those of us who actually have jobs and money and and those types of things but uh you know the the issue of racism has has been um a very disturbing one you guys have had the the black lives matter

um and this is this is a canadian joke uh a canadian is a dp with seniority um it's kind of multi-layered i have to explain that uh dp means displaced person is basically another term for uh refugee but it's it's also essentially a racist term because uh a dp is is somebody that you you know it was a pejorative term uh that this was somebody who came from a different culture and and very often from a different race um so uh you know it's racism shows up in in all kinds of things we have to find it fight it in in many many different ways uh this is dr bonnie who i've uh talked about uh a number of times and and she's

saved a lot of lives and and i'm running out of time so i'll say that's all i'll say about that