
Showing posts from August, 2015

Lean security

Lean manufacturing or kaizen is a philosophy or framework comprising a variety of approaches designed to make manufacturing and production systems as efficient and effective as possible, approaches such as: Design-for-life - taking account of the practical realities of production, usage and maintenance when products are designed, rather than locking-in later nightmares through the thoughtless inclusion of elements or features that prove unmanageable; Just-in-time delivery of parts to the production line at the quantity, quality, time and place they are needed (kanban), instead of being stockpiled in a warehouse or parts store, collecting dust, depreciating, adding inertia and costs if product changes are needed; Elimination of waste (muda) - processes are changed to avoid the production of waste, or at the very least waste materials become useful/valuable products, while wasted time and effort is eliminated by making production processes slick with smo...

Persistently painful piss-poor password params & processes

Let me start by acknowledging that passwords are a weak means of authenticating people, for all sorts of reasons. I know passwords suck ... and yet passwords are by far the most common user authentication method in use because of two factors (pun intended): 1) Passwords are conventional, well-understood, commonplace, and the natural default 'no-brain' option. People are used to them and [think they] understand them. Passwords or PIN codes are almost universally built-in to operating systems and many apps, websites etc. 2) Compared to other methods, passwords are fairly cheap to implement, manage and use. There is no need to invest in biometric sensors, PKI, crypto-tokens or whatever unless you need multifactor authentication ... in which case you probably still need passwords. That said, there are many different ways of employing passwords for user authentication, many design parameters, most of which affect the level of security achieved in practice. Designing and i...

Habitual security

Getting our work colleagues to behave more securely is a lot like breaking old habits and replacing them with new ones. 'Habit' implies several things, most notably there is stasis, inertia or resistance to change - the very essence of habit - hence directed changes inevitably require both time and energy. Furthermore, old habits die hard: they are our well-practiced, comfortable, default behaviors, mostly performed subconsciously, autonomously, easily, without thinking or apparent effort. In contrast, changing to a different behavior requires conscious thought and deliberate effort, at least at first, until the new behavior itself becomes habitual. In the middle is the 'unfreeze' phase of Kurt Lewin's classic 3-phase change model, the road-hump separating two distinct behaviors or clusters of activities. Habitual behavior, including addiction, has been studied extensively for decades and is fairly well understood in terms of the psychology and physiology, so w...

Lessons from the aviation industry

The ICAO Global Aviation Safety Plan 2014-16 (GASP) is an extremely impressive document on so many levels. First off, how about this for an entrance (first paragraph): "Ensuring safety remains paramount. Continuous improvement in global aviation safety is fundamental to ensuring air transport continues to play a major role in driving sustainable economic and social development around the world. For an industry that directly and indirectly supports the employment of 56.6 million people, contributes over $2 trillion to global gross domestic product (GDP), and carries over 2.5 billion passengers and $5.3 trillion worth of cargo annually, safety must be aviation's first and overriding priority." Given everything that's at stake here (and just in case it escaped your notice, those are BIG numbers), "safety must be aviation's first and overriding priority". No ifs or buts, there's absolute clarity of vision for the entire industry. In other words th...

Smoke-n-mirrors IBM style

I've just been reading the IBM 2015 Cyber Security Intelligence Index, trying to figure out their 'materials and methods' i.e. basic parameters for the survey, such as population size and nature. All I can find are some obtuse references in the first paragraph: "IBM Managed Security Services continuously monitors billions of events per year, as reported by more than 8,000 client devices in over 100 countries. This report is based on data IBM collected between 1 January 2014 and 31 December 2014 in the course of monitoring client security devices as well as data derived from responding to and performing analysis on cyber attack incidents. Because our client profiles can differ significantly across industries and company size, we have normalized the data for this report to describe an average client organization as having between 1,000 and 5,000 employees, with approximately 500 security devices deployed within its network." Reading between the lines, it appears ...

Are you cyber-prepped?

That deliberately dark, foreboding, dramatic image is just one of the awareness posters in August's brand new awareness module on cybersecurity. Its purpose is to catch people's eyes, intrigue them and make them think. What is a "cyber-prepper"? What are they doing? Are they friend or foe - something to be wary of, or to emulate? The cyber-prepping concept came to me as the awareness materials were being written. While "preppers" are busy digging their underground bunkers, stockpiling water, food and small-arms to survive The Big One, the reality is that modern warfare is likely to be markedly different to the classic nuclear/biological/chemical holocaust scenarios they typically fear. Few cyberweapons make a bang or a flash, let alone a mushroom cloud - in fact, stealth is arguably their most valuable characteristic. If the enemy doesn't even know it has been infiltrated and attacked until it's already too late to respond, its IT systems, comms and netwo...