Debriefing | Ask the Paranoiac

By Scott Berinato

October 17, 2007 — CSO — Readers seek advice from Dr. Paranoiac.

To Whom It May Concern: After a lengthy career growing profits at a military contract firm that manufactured PowerPoint presentations for military contract firms, I'm now a newly minted, private industry CSO. My problem can be broken down into three sections, which are shown here in this agenda slide. The surveillance program. The acceptable computer use policy. And employee morale. Let's dig down into each of these one at a time... -New Executive
Dear New Executive: I've cut off your e-mail, sparing our readers the ensuing 58 pages and 371 bullet points. You're a CSO now; put the PowerPoint down! As for employee morale, the answer is easy: More surveillance and monitoring! Employees can't remain unenthusiastic if you can always see and promptly modify their behavior, right?

P: I am dismayed that you hide behind this pseudonym. Do you not have the cojones to stand behind your opinions? - Anonymous
p.s. Please don't publish my name, company, or other personally identifying information.
Dear Brian: Thank you for writing. I love what you've done with the garden at the summer place, but the master suite color is dreadful. Don't forget your license expires this month. Also, Lucinda knows; you should be more careful.

Paranoiac: I'm a veteran CISO. Recently, the CEO took me to a crowded, noisy bar. He ordered a microbrew. I followed suit. He said, "So hows this malware problem going to affect us?" I told him we were in a strong position to mitigate those risks. He said "Mm-hmm" but not in that uninterested way—more like in that way you say it when you're kind of interested but at the same time you've already made up your mind. Anyway, all of this obviously means he's going to cut my budget in half. Please help me with this forthcoming crisis. -Empty Pockets
Dear EP: Happy to help. Using a secure, disposable cell phone, call 011 7 555 2436764. A man will answer. You say to him, "Great vodka has no flavor, just a kick." The man will hang up and a massive denial-of-service attack against your network will have begun. This should keep your budget intact for six more months. No charge, good luck!

Dear Paranoiac: Recently I was eating a jelly doughnut while opening my mail. While reading one letter from a disgruntled user upset with our monitoring-goes-home-with-you policy, I noticed a white powder on the letter. My pocket magnifier seemed to indicate the powder was indeed crystallized sucrose, but you can never be too careful. I've enclosed a sample for you to examine. Bill Jones, CSO
Mr. Jones: Thanks for sending. As you know, after my mail arrives in a hermetically sealed box it gets X-rayed and tagged and passes through an irradiation chamber. A robotic arm in a clean room opens all my packages. Hi-def cameras then allow me to view the mail from another room. I had the powder sample delivered through a sealed, negative-pressure vestibule between the rooms. I then tasted the powder. It's not sugar. Good luck!