Facebook CEO Mark Zuckerberg has been making news lately by talking about the “metaverse.” Zuckerberg says it’s the future of Facebook — and the internet. He’s so committed to the idea that he intends to hire 10,000 Europeans to work on it, and even change the name of his company from Facebook to a metaverse-related brand.

Are we all going to live and work in Facebook’s “metaverse”?

Most organizations take what you might call an active approach to cybersecurity, They’re prepared to do certain things once an attack happens. Or, they take a reactive approach, taking action after an attack is completed. A proactive cybersecurity strategy is about acting before any attack occurs; it’s a good cybersecurity posture of readiness.

Take a look at the policies, tools and practices that make up proactive cybersecurity measures.

Engineering and cybersecurity are two distinct disciplines, each demanding its own rigorous education and training. But should there be crossover? Should engineers or engineering students invest in cybersecurity education as well? What are the opportunities for engineers to gain expertise in protecting against threat actors in the software realm?

As the world becomes more complex and the use of cyberattacks grows, the world of cybersecurity benefits more and more from engineering expertise, and vice versa. Here’s why.

Ransomware is an expensive cybercrime and getting more so all the time. Payouts have risen massively in the past few years. But while ransomware payment amounts make headlines, the real costs go far beyond what’s paid to the attackers.

The new Mike's List is here!

In this issue: 

• Why Facebook’s epic crash should change everything
• Drone light show in China fails; drones drop out of the sky
• Trick or treat. Smell my feet. These flipflops smell like chocolate!
• Billionaires with their own space programs get eviscerated on SNL

Read this issue of Mike's list and subscribe!

When Steve Jobs died I was moved to write this piece for Cult of Mac about what Steve Jobs meant to Silicon Valley. An excerpt: 

"Steve Jobs’ career is the gold standard for how to launch a startup, how to invent a product, how to give a presentation, how to market consumer products, how to design a web site, how to design anything, how to develop and build products, how to build a company, how to create a retail experience, how to create a development ecosystem and above all, how to create passion in the hearts of users. He always gave Apple fans everything they wanted. And then one more thing.

Everybody in Silicon Valley is trying to do what Steve Jobs did. But Jobs was the perfect person at the perfect time in the perfect place to accomplish what he did in his incredible life. He can never be equaled.

Steve Jobs was born and raised a child of Silicon Valley. But he died in a Silicon Valley that was in many ways a child of Steve Jobs."

Read the rest. 

The new Mike's List is here! 

In this issue: 

• Why we're about to face widespread and random shortages (and what to do about it)
• How is flipping garages a video game? 
• Finally, a wristwatch made out of garbage!
• Carmaker wants to put the dashboard on the steering wheel!

And more!! 

Read Mike's List free now. 

A portmanteau of "physical" and "digital," the word "phygital" is about to blow up in the retail marketing space as an over-hyped buzzword. Like "phablet." Ugh. 

The Adventures of Pinocchio was written by Carlo Collodi in 1883. I just read the hardcover version with Robert Ingpen illustrations to my granddaughter, and we finished it last night. The original story is almost as random and bizarre as Alice in Wonderland. All the animals talk. In this scene, the "monkey" is a judge that sentences Pinocchio to prison for being the victim of a crime. The fairy dies and takes different forms. Pinocchio murders the cricket in the first scene where he appears, but he reappears alive. As with most Victorian-era children's stories, it's designed to be instructive to children: Be obedient to your parents and work hard in school, or your life will come to devastating ruin. In general, the story is totally bonkers, but highly recommended. 

Well, they did it. Amazon announced a home robot, as rumored.

Amazon’s Astro is priced at $999.99 for the invitation-only promotion, which you can request. The actual retail price will be $1449.99.

The Astro is described by some as essentially an Amazon Echo Show smart display on wheels. But that description fails to capture what a radical product this is.

In addition to wheels, they added artificial intelligence navigation and a host of sensors — plus the mission to use your home’s WiFi connection to upload much of that data to Amazon’s servers for “processing” and indefinite storage.

I predicted back in April that this product would be a bad idea. Now that Amazon has announced more details, I’m still convinced of everything I wrote.

Here’s what Astro can do. The robot can carry or deliver things around the house; a bin can be converted into two cup holders for schlepping up to 4.4 pounds of whatever.

The Astro can be used for video calls; the 12-megapixel camera sits at the end of a telescoping pole that raises the camera to a height of 42 inches. The base unit has two speakers.

Astro integrates with Amazon’s Ring doorbell and security system, as well as a service called Alexa Guard, which detects the sounds of breaking glass, smoke alarms and other sounds that may signal an emergency situation. If Astro detects a “stranger” in the house — someone not recognized using face recognition, it will follow that person around the house. (As a security tool, the follow-the-intruder feature is easily defeated when there’s more than one intruder or when a burglar drop-kicks the Astro across the room.)

The robot returns to its charging bay to charge itself, much like a Roomba does. It can “patrol” the house on a schedule, checking for motion. It will follow you around like a hungry dog if you tell it to. A feature called “hangout” prompts Astro to stay near where people are in the home (“in case it’s needed”), unless someone says “Astro: Go away.”

The two-foot tall Astro contains cameras and sensors that create a 3D map of the inside of your house. You can name the rooms, so later you can tell Astro using voice commands to go into specific rooms. It uses face recognition, so it knows who’s in your house. (It will only recognize users who explicitly register their faces with the device.)

In short, the Astro duplicates other Amazon products and, beyond rolling around, doesn’t do anything for users that can’t already be done by other Amazon products.

And I predict that rolling around will be a problem. Sure, the Astro can easily navigate the fake homes in the Amazon promotional videos — clean, dry wood floors and tight, low carpets. I doubt it will fare well in real homes, with toys and laundry on the floor, thick throw rugs and other real-life obstacles. It can’t go up or down stairs, or outside. It can’t go over bumps or level changes in a house. Despite the AI hype, it almost certain will get flummoxed over navigational issues.

The other user “benefit,” is cuteness. It’s designed to simulate a pet, to some extent.

Astro’s “eyes” are just animated images on a screen, which at launch may convey limited information by blinking and expressing cartoon emotions, but which could be software-upgraded in the future to show more facial expression and intentions. The robot also turns its head constantly to feign consciousness and to anticipate turns. Amazon designers worked hard to give Astro a simulated “personality.”

Unfortunately, Astro’s “personality” is really just a spoonful of sugar to make the surveillance capitalism go down.

As businesses grow, so does their attack surface: more network-connected devices drive innovation and efficiency, but with more devices comes more cyber risk. Protecting the ever-expanding attack surface is more important than ever, with high-profile vulnerabilities being exploited more frequently—and with more impact. One of the most effective ways to mitigate cyber risk is by creating and maintaining a robust vulnerability management program.

You’ve probably heard the phrase “you don’t know what you don’t know.” It’s a stage of learning most people find themselves in at one time or another. When it comes to cybersecurity, hackers succeed by finding the security gaps and vulnerabilities you missed. That’s true of malicious attackers. But it’s also true of their equivalent on your side: a certified ethical hacker.

Career advancement is an art form with many facets. One vital tool is your cybersecurity resume, the quality of which can mean the difference between getting an interview for your dream job and not being considered at all. 

Following the standard advice on building a resume will give you a standard resume that won’t set you apart from the pack. Fresh thinking will give your resume a huge advantage. This is true whether you’re an entry-level candidate or applying for a chief information security officer (CISO) position, whether you’re building a security analyst resume or a security administrator resume. 

Yes, it’s important to pay attention to the do’s and don’ts of smart resume building. And, yes, there is a cybersecurity skills gap. But to make your resume stand out from the pack, you’ll want something new and different. Here are some great ideas for building a winning cybersecurity resume for those just entering the field, for the most seasoned veterans and everyone in between. 

Our glorious and surreal return to Italy, a special discount for The Prosecco Experience and our soundtrack for the Provence Experience. Read the latest issue here. Subscribe here. 

The zero trust model is going mainstream, and for good reason. The rise in advanced attacks, plus IT trends that include the move to hybrid cloud and remote work, demand more exacting and granular defenses. 

Zero trust ensures verification and authorization for every device, every application and every user gaining access to every resource. This is a complete departure from the old model, where implicit trust was the norm and networks were protected by firewalls, VPNs and web gateways.

What we need now is a cultural pivot — a paradigm shift in how we think about digital defense. A zero trust model is dynamic and constantly changing. After your system verifies the user and device and assures minimum access, it’s vital to monitor, learn and adapt. That means zero trust is a growing, adaptable process.

Here’s what you need to know about zero trust, and why in today’s cybersecurity threat landscape, it’s really the only way to go. 

Malware can show up where you least expect it. Researchers discovered a logic bomb attack in the Python Package Index (PyPI) repository, which is code repository for Python developers and part of the software supply chain. Attackers aimed to get honest software developers to include the bombs in their applications by accident.

Here’s how to defend yourself against a logic bomb attack.

The tablet is a provocative beast.

Make a big one, and people argue over whether it could replace a laptop. Make a small one, and some users want it to be a giant phone. These conversations have repeated themselves since then-CEO Steve Jobs announced Apple’s ground-breaking iPad in 2010.

It was a pointless conversation at the time. Only the most dedicated tech nerds with specific kinds of work could even contemplate a stunt like replacing a phone or laptop with a tablet. Despite all the talk, few even attempted it.

Neither the world, nor the tablets, were ready — so the iPad and other tablets were relegated to lean-back, content-consumption device status.

But suddenly, the idea of actually using a tablet as a work laptop or a tablet as a work phone makes sense for some users, and is possible for most. This is especially true with either this year's 12.9-in. iPad Pro or the new 8.3-in. iPad Mini 6 unveiled this week.

Here’s why tablets can replace phones and tablets now. 

The rise of remote work is arguably the biggest change in how we work since the introduction of the networked PC. Yet so many unknowns remain.

When will pandemic-mandated remote work end? We don’t know.

What percentage of those now working from home will return to office work? We don’t know.

Is remote work, on balance, good for business? Or bad? Nobody agrees.

But we have learned a great many things about not only remote work, but office work, too — and the whole way business has been conducted in the past few decades. Because of what we’ve learned, business will function far better in the future.

Here are the eight ways remote work improved business by teaching us how to work together better.

No, really! I’m actually working!

Work, work, work. 

I found a perfect spot to work for awhile — very socially distant!

Here comes the video: