Friday, April 29, 2016

Trump - Mexican Flags

Donald Trump. At his rally in Costa Mesa, protesters were waving Mexican flags. That sends a message, it causes a perception. Some US citizens may identify with the Mexican flag, but far more with the American flag.

UK Daily Mail:
  • Police clashed with protesters outside Donald Trump's rally in Costa Mesa, California Thursday night
  • One group of protesters was filmed trying to flip over a police car outside the Pacific Amphitheater where he spoke
  • Hundreds of demonstrators flooded the streets, hurling rocks at motorists and forcefully declaring their opposition
  • One Trump supporter was seen bloodied after being punched in the face, while about 20 people were arrested

LA Times reports:
“Protesters chose to bring out the Mexican flag to demonstrate their culture and not their nationality,” Villanueva said. “In this election year, I find the fact that people are waving Mexican flags more important than people waving American flags because of the diversity within our own American culture.”

Source: Reuters

USA Today

Thursday, April 28, 2016

The Dogs of Amazon

Amazon is in a perception management battle. There are tons of links complaining about Amazon's workplace conditions. Nightline may have one of the best balanced reports:
https://www.youtube.com/watch?v=zknLfU7GJIw

Amazon puts out its own material, such as the Dogs of Amazon:


And they have their own YouTube Inside Amazon channel, but most videos do not get much traction. This is one about Amazon women in engineering.



The implementation of Democracy in the USA


Huffington Post:

"More than half of American voters believe that the system U.S. political parties use to pick their candidates for the White House is "rigged" and more than two-thirds want to see the process changed, according to a Reuters/Ipsos poll."

Wednesday, April 27, 2016

GEICO automated billing does not inspire confidence

I am about to call 1-800-841-3000 and practice staying on hold. Why? Take a look.


I do know I have an insurance bill coming up, but I do not have and have not had a VISA card ending in 0264. So, I try to log in:


They appear to want me to put in my email address. But it is an odd way to do it. Two different problems mean I probably need to call, sigh.

Pay what you want - Humble Book Bundle - Hacking

I am from the US. I find buying a car stressful. I have to negotiate, I am used to having the price posted, accepting or rejecting that price, and paying that price or abandoning the shiny object.

People from other cultures are used to negotiating, they expect it. But what about the business model where you name your price? Today, I received an email from No Starch:


San Francisco, CA (April 27, 2016)—No Starch Press, arguably the most widely respected publisher of books for hackers, teams up with Humble Bundle to offer a pay-what-you-want collection of ebooks called the Humble Book Bundle: Hacking. The bundle includes a selection of the company's finest—such as worldwide best seller Hacking: The Art of Exploitation; classics like Hacking the Xbox; and more recent best sellers like Automate the Boring Stuff with Python, Black Hat Python, and Practical Malware Analysis. This bundle is a true bargain—valued at over US $350—and with Humble Bundle's pay-what-you-want model, customers can pay whatever price they think is fair.

That is quite a deal. I have read and reviewed Black Hat Python; in fact, it is at my desktop within arm's reach. I have read Hacking: The Art of Exploitation, nice book. I am not sure what Xbox is, *grin* so that is a pass. I think I will buy Automate the Boring Stuff, or maybe they will let me review it . . . that is how I was trained.


I own the Smart girl's guide and have read it. It is OK, covers the basics, targeted not at security people, but teenage girls. But Violet Blue is some sort of porn writer and I am not sure what the secondary effects of giving a young girl this book would be. That is probably another study in perception management.



Some of these are on my shelf. Silence on the Wire is probably at least ten years old now, but if you can check it out from your local library or company bookshelf, the points he makes are very valid even if the technology has changed. Python Crash Course is a way to get your career on track. You can't be fully successful in cybersecurity if you don't know the basics of Python.

"Many people call themselves hackers, but few have the strong technical foundation needed to really push the envelope," says Bill Pollock, founder of No Starch Press. "True hackers never stop learning, never stop pushing boundaries. Our core mission is to produce the books that hackers really want and need, and we're not pulling any punches here. We've included several of our best sellers to make this bundle right for just about anyone."

So the bottom line. Some great books. I do not know how the name your price campaign will be received, but I would love to hear your comments.


Stephen Northcutt is an advisor for the SANS Technology Institute, a cyber-security graduate school and chair of the upcoming SANS Boston 2016, August 1 - 6 where he will be teaching MGT 512, Security Leadership Essentials.

Tuesday, April 26, 2016

Linkedin and the "land of small numbers"


I was asked to be chair for SANS Boston 2016. The responsibilities include managing the marketing. I am a scientist and I try to track the success or failure of everything I attempt. So I keep a log. At this point I have about 10k followers, but if I create an update or post, at best, I reach ten percent of that and two percent would be a norm. I live, (and try to market), in the land of small numbers. Is it me, is my stuff that boring, or is it a function of the mysterious Linkedin content algorithm?

Let's use a case in point. We ran a contest as part of the marketing efforts where my friend Judy Novak created a PCAP containing a secret message. 4/20/16 we announced the contest to 101k people. There were no immediate solutions. Over the weekend I started to get nervous, what if nobody solves it? So I posted to Facebook, Linkedin, Twitter. Still no results. Monday, 4/25/16 I announced the contest to the GIAC Advisory Board and there were four solutions in about an hour. So, I went back to Linkedin and created a post about the solutions. In addition to the Linkedin content algorithm that either is or is not displaying it to my Linkedin followers, I announced it to the GIAC Advisory Board and wrote a piece for NewsBites. 24 hours after I posted it, there are 1093 views. While getting over 1,000 pageviews is a banner success for me, considering the firepower I employed it is a terrible result. There are a couple possible reasons for this:

  • Nobody knows or cares about a PCAP file
  • The Linkedin content algorithm is not causing it to be displayed
  • My advertising is that lame
  • People are so overwhelmed with content, this is just a blip


I am trapped in the land of small numbers, but I have hope in the law of small numbers


This is a blog about perception management. I am probably not succeeding in going viral, but that is not my charter. I am supposed to market SANS Boston 2016. Before I began this journey, I reread The Tipping Point.

The tipping point is that magic moment when an idea, trend, or social behavior crosses a threshold, tips, and spreads like wildfire. Just as a single sick person can start an epidemic of the flu, so too can a small but precisely targeted push cause a fashion trend, the popularity of a new product, or a drop in the crime rate. 

Small, precisely targeted push! This marketing campaign depends on small targeted pushes. While I do not expect to go viral, I expect to achieve good registration results and I am counting on the law of small numbers even while trapped in the land of small numbers. There are many definitions of the law of small numbers. For this discussion let's use this one from econlib based on the work of Kahneman and Tversky:

"One bias they found is that people tend to believe in “the law of small numbers”; that is, they tend to generalize from small amounts of data. So, for example, if a mutual fund manager has had three above-average years in a row, many people will conclude that the fund manager is better than average, even though this conclusion does not follow from such a small amount of data. Or if the first four tosses of a coin give, say, three heads, many people will believe that the next toss is likely to be tails. Kahneman saw this belief in his own behavior as a young military psychologist in the Israeli army. Tasked with evaluating candidates for officer training, he concluded that a candidate who performed well on the battlefield or in training would be as good a leader later as he showed himself to be during the observation period. As Kahneman explained in his Nobel lecture, “As I understood clearly only when I taught statistics some years later, the idea that predictions should be less extreme than the information on which they are based is deeply counterintuitive."

Each push may only reach 100 people. But of that 100 people, a few have already decided to take a SANS course, the question is which one and where. Others are thinking about taking a SANS course, they have not decided. Still others are thinking about taking a course from someone, somewhere. Between all the communication channels available to me, (Linkedin, Facebook, Twitter, NewsBites, the three email blasts, blogs), the strategy is that touchpoints will occur:

"Marketing touch points are any methods or modes of contact between a company and the consumer. Touch points can be face-to-face discussions, promotional fliers, online ads and anything else that involves a business marketing message, brand name or logo reaching the customer. The amount and effectiveness of your small business marketing touch points can determine your level of success and the ways your marketing can be improved."

If I can reach my targeted population AND the law of small numbers works, if there are enough touch points, it will be possible to help them along their buyer's journey from Awareness (knowing SANS and SANS courses exist), to Consideration (looking into courses that meet their needs), to Decision (choosing and registering for a SANS course and, holy grail, doing it at SANS Boston).

Monday, April 25, 2016

How does Linkedin actually work?

I was researching a lady who is using social media very effectively, Candice Galek. She wrote a viral post titled Is This Appropriate For Linkedin? The story got picked up by a Forbes blog:

"When Candice’s posts on LinkedIn started to go viral, the social network’s content algorithm kicked in, proactively deleting her post and profile picture without her notice. Rather than reach out in righteous indignation, however, Candice chose to engage intelligently with the team at LinkedIn.

After speaking to high-level employees of the company on a near-daily basis, Candice managed to get all of her posts and pictures put back in place. In fact, she now has her own follow button, and her posts now generate almost as much engagement as well-known business leaders like Sir Richard Branson and Bill Gates."

What is this content algorithm? I tried looking it up on Google and found this post, which says:

"I conducted a study which analyzed 561 Top Posts featured in 48 Pulse channels with a single goal in mind: I wanted to know why the algorithm chose certain posts and ignored others."

Channels? What are channels? I guess that would be topic areas.

I would assume if I am in a channel, or if I can get in a channel, it would be technology, but most of my posts are tagged, the interface suggests you do that and I usually use cyber-security because that is what I do. So I did a search for cyber-security and at the bottom of page one of results was my friend Jim Voorhees and it listed two of his posts.


So I clicked on one of them and one of its tags is cyber-security. Now you may be wondering about the hyphen, typically people write cybersecurity as one word. But Linkedin forces the hyphen, you can't just make up any tag, they have a pool of them. When I did a search on cybersecurity I got vastly different results. So I went to my profile and changed my industry to Computer & Network Security. It will be interesting to see if that impacts my articles getting picked up.

Back to Candice Galek, what is her industry? Retail and that is not a channel either. Sigh, this is going to take some time.