A month later and the world has shifted underneath us all. Most of us are working from home and adjusting to the new normal of having drinks with friends over video chat and conducting work from slack only. If you’re like me you’ve probably found yourself becoming an amateur virologist and epidemiologist very quickly. While I usually read dozens of security articles each month to curate a nice list of articles that are critical for security leaders, like yourself, to be aware of, this month I’ve found myself grappling with COVID and the fastest financial slide in history.
The primary goal of ReThink is to provide timely security insights for security leaders, so I will lead with security-related news. However, if I can share some of what I’ve learned about COVID or the financial market over the last month that can help you make good leadership decisions, then I want to do that too.
To that end I have added two new special sections to the April newsletter, Economics and COVID. In each section I have written a short paragraph with my thoughts on the topic, followed by a list of pertinent articles.
Recent ReThink Articles
Are You a Firefighter or a Building Inspector - Deservedly so, we put a lot of stock into the heroics that firefighters perform, but the battles that building inspectors wage each day against poor construction or dangerous electrical systems may save more lives and structures. In security our front line devs and pen testers often make company headlines by finding and fixing security issues in real time, but just like the building inspector we have to give respect to the security architects, managers, and trainers that keep issues out of software in the first place.
More Security Headlines
Zoom is having a bad month as security researchers comb through their application for security issues. At first I thought this was just a matter of them developing too quickly and not having an eye for security. The more I look into it the more it seems like the entire stack is poorly written with little understanding of security functionality or the implications around privacy and security. If it was just one or two issues I could chalk it up to a mistake here or there. The sheer number of issues over time show a real misunderstanding of how to build secure software or how to protect their users first. It’s critical to do proper threat and risk modeling to help drive decisions. It’s ok to accept risk when you understand it. It is not OK to be blindsided by an angry mob of security people because you’ve never thought about how a feature could be misused. Bruce Schneier wrote a good piece about this that goes deeper into the details. Interestingly, there has also been some backlash against the security community for pointing out Zoom’s problems. In this time of stress, there are voices pushing for security by obscurity and against ‘shaming’ Zoom.
I really like what HD Moore has done with Rumble. I’ve met HD a few times over the years and always been impressed with his sheer mental horsepower and breadth of knowledge. He’s put that to work building a new company and tool at Rumble. Since his days building Metasploit he’s been really research focused. The coronavirus hasn’t slowed him down with a recent post about Session Prediction in SMB2.
I speak more about this in the Economics section of this newsletter, but CSO Online has a good article about how CISOs are changing behavior quickly while they deal with COVID-19. This virus is doing more than just making people sick, it’s putting stress on the entire economy. Overnight CISOs are slashing spending on anything discretionary including security and hiring. We may be able to hold off for a little while, but we’re all going to have to pay the piper sooner or later. I predict an increase in security incidents and breaches in three to six months. This trend of reducing security spend will quickly conflict with the actual need for more security as the workforce shifts increasingly to remote work.
COVID-19 has changed the way we work. Some companies are laying off or furloughing huge portions of their staff in response to travel bans and social distancing guidelines. Spending on travel, hotels, leisure, retail, airlines, and more is being cut drastically. These industries are hard hit, but so too are some new gig economy companies: who needs a dog walker when we are already at home? The longer the shutdown goes on, the more deeply it drives a wedge into the economy. White collar jobs are next. The New York Times has an interesting article about this as well: Start-Ups Are Pummeled in the ‘Great Unwinding’.
Other industries are booming. The CEO of Slack, Stewart Butterfield, wrote an amazing and honest Twitter thread about their growth as thousands of companies explored how much of their business and communication can move to online only. Microsoft has seen cloud services demand up 775 percent.
Companies who have resisted work from home policies in the past are now struggling to figure out how to support their employees from home. I predict they’ll quickly learn that employees can work just as well, and be happier, when they have the flexibility to work from wherever they’re most effective. This will drive adoption of work from home solutions, new businesses, and more flexible work opportunities. The companies that fight this change will find it difficult to recruit and retain top talent.
3Blue1Brown has some great videos on YouTube to explain all kinds of math concepts. He does it in such a lovely and exploratory way that I always loved watching. He’s recently turned his focus toward simulating how an epidemic spreads. This is one of the best examples I’ve seen.
There are a lot of live COVID trackers out there, but I’ve really grown to like Bing’s map. It’s straightforward and easy to understand. I find it helpful for getting a big picture look at the trends and outbreaks across the globe and for understanding the impact across different regions.
Tomas Pueyo wrote one of the best articles I’ve seen on the pandemic, called Coronavirus: Why You Must Act Now, a month ago, pleading for people to act immediately to contain COVID. His predictions were very accurate and his recommendations, while severe, are sound. His next two articles are absolutely worth reading.
There’s a lot of great research happening to help increase the number, efficiency, and effectiveness of COVID tests. Understanding how many people have the disease is a critical first step to containing it, especially considering the long incubation period. There are likely a lot of people transmitting the disease without knowing it. The lack of testing also makes transmission and death rates very difficult to estimate. I’m encouraged by new research in this area.