It takes a village to raise a website…

The world wide web of today is full of platforms that can’t stand alone. Almost all websites need a whole ecosystem to stay up. This ecosystem saves countless hours of effort. But it also allows for accidents like left-pad, where one open-source developer deleted a minor program that turned out to be crucial for much larger systems. Worse things can happen through malice.

Every modern website is “a thrashing leviathan of code and markup written by people so untrustworthy that they’re not even third parties, they’re fifth parties who weren’t even INVITED…

“Here is a sponge,” the product manager tells you. “It picks up water. But I don’t want it to pick up random water that touches it! Please make sure it picks up only the right water.”

It is hard to secure a sponge, you explain. If you want fine control over what water to pick up, a turkey baster or a syringe would be more appropriate.

“Yeah, but the devs already made a sponge.”

Why it’s a good idea to hire diverse candidates from both a security and business growth perspective

Hitting a wall

Calling on the same people over and over won’t get you the same results over and over. Last year’s solutions are not reliable in a field like cybersecurity. What was airtight five years ago may be a sieve by now.

If your team takes what they see in front of them for granted, they’ll hit a wall.

Groupthink comes up in all kinds of organizations. It’s not always a big deal! But when your job is to not get complacent, you can’t afford…

“You want to put how much money in my bank account? Sure!” Source: DanielFoster437

What’s social engineering?

“Social engineering” means tricking people into providing credentials or granting access that they shouldn’t. Nobody’s immune to it, because you can’t patch the human brain. (Not even you, Elon Musk! Not yet!) There’s no firewall that can block all instances of someone lying to you. The closest thing is a blindfold and earplugs, and you won’t get much work done with those on.

Even smart, careful people get tired, get distracted, and make mistakes. Young and old, business people or students, even security analysts and managers…

Is your company ready for the Fourth Industrial Revolution? Are you?

The “Tech Company” Powder Keg

Every company wants to call itself a tech company. DoorDash delivers food, but it calls itself a tech company. Uber delivers passengers, but it calls itself a tech company. Why do companies do this? Because software scales more easily than physical infrastructure. A company that makes and moves software can grow faster than a company that relies on making and moving stuff. Electrons move faster than croissants. This will remain true even if you get exceptionally good at delivering croissants.

But when these companies call themselves tech companies, they aren’t wrong! They do scale up far faster than traditional competitors. They…

So your phone is now a battlefield. Now what?

To top off an already dismal year, there was one final parting shot from the dumpster fire that was 2020: cyber-espionage. In December of 2020, the federal government acknowledged a massive data breach. U.S. Secretary of State Mike Pompeo identified Russian state actors as the likely culprit behind this massive cyber attack on America’s digital infrastructure.

The attack began in March as the attackers exploited vulnerabilities at Microsoft, VMware, and SolarWinds to breach three federal agencies. Affected agencies include the Departments of Defense, Homeland Security, and Treasury, along with hundreds of private companies, bringing the total to 250 targeted entities.

These are notes from a great talk I heard on Vimeo about cloud infrastructure, distributed teams, AI, ML and the future of security. I hope you find them as inspiring and positive as I did.

2020 is on its way out and distributed, cloud-based operations are here to stay. As every financial investor and lottery winner can tell you: past performance is no guarantee of future results. That said, looking back on 2020, there are some things we can reasonably expect to look forward to in 2021.

Much like the demise of the travel agency and of Pokémon GO, the…

