Practice-Based Cyber Security Research

I recently read about David Gauntlett's "basket of things" approach. It gave me validation to my thinking and the apporach i'd been taking in my own research. for years, the only real inspiration was drawn from a paper by Linda Candy, who had written about practice-based research many years before. 

Guide to Practice-Based Research for Beginners

Practice-based research, also known as research-creation, distinguishes itself from traditional research methodologies by integrating hands-on creative practices into the exploration of research questions. Unlike conventional approaches, practice-based research sees making, experimenting, and experiencing as integral components of the research process, leading to the generation of new insights.

Key Principles

Here are some key principles that underpin practice-based research:

• Exploration Through Practice: The core idea is that the researcher doesn't just observe or analyze existing phenomena but actively engages in the creative process of making. This could involve designing artefacts, developing workshops, composing music, or any other form of creative activity relevant to the research question. 
• "Basket of Things" Approach: As described by David Gauntlett, a practice-based research project often unfolds as a journey, gathering a collection of processes, experiments, and experiences. Instead of a single, rigidly defined project, practice-based research often involves a series of interlinked "mini-projects" that emerge from the research process itself. Each "mini-project" might offer a partial solution or insight, leading to new questions and the next stage of exploration.
• Real-World Validation: Practice-based research emphasizes the practical relevance of findings. Validation often involves case studies, knowledge transfer to practitioners, and demonstrable impact on real-world practices.
• Ethical Considerations: The sources stress the importance of ethical conduct in practice-based research, particularly in sensitive fields like cyber security. Researchers must carefully consider informed consent, data confidentiality, and the potential impact of their findings.

Tools and Techniques

Practice-based research borrows tools and techniques from both creative practices and qualitative research methods:

• Conceptual Frameworks: These are visual representations that help to organise key concepts and their relationships, evolving as the research progresses. An example is the LACES (Local Authority Cyber Ecosystem) framework, which emerged from a decade-long practice-based research project.
• Ethnography: This method emphasises immersive observation and participation to understand behaviours, motivations, and beliefs within a specific context. The LACES project used ethnography, with the researcher acting as an observer-participant over the ten-year research period.
• Reflective Documentation: This involves systematically recording thoughts, decisions, challenges, and insights throughout the research process. Reflective documentation can take various forms, such as research diaries, journals, or annotated portfolios of creative outputs.

Examples of Practice-Based Research

• The LACES Project: This project exemplifies practice-based research in cyber security. It involved a ten-year study of cyber security in UK local governments, leading to the development of the LACES framework. The research included surveys, workshops, presentations, and case studies to refine and validate the framework.
• Developing a Cyber Security Awareness Game: A researcher might design an interactive game to educate users about cyber threats and prevention methods. The game's effectiveness could be evaluated through user testing and feedback, with findings potentially informing cyber security awareness training programmes.
• Creating a Simulated Phishing Attack Platform: A researcher could develop a platform that allows organizations to simulate phishing attacks on their employees. This platform could be used to assess vulnerabilities, provide training, and improve organizational resilience to phishing attacks.

Reporting Practice-Based Research

Reporting practice-based research often involves a combination of text and creative outputs. A written thesis provides context, explains the research process, and analyzes the findings. However, the creative outputs themselves are crucial for a complete understanding of the research. The thesis might include descriptions of how to interpret the creative outputs, highlighting their significance and contribution to knowledge.

Key Considerations for Beginners

• Clearly Define Your Research Question: Start with a well-defined research question that can be explored through creative practice.
• Embrace the Iterative Process: Be prepared for the research to unfold in unexpected ways, leading to new questions and directions.
• Document Your Journey Thoroughly: Keep detailed records of your thoughts, decisions, and the evolution of your creative outputs.
• Seek Feedback and Validation: Engage with practitioners and experts in your field to get feedback on your work and its practical implications.
• Reflect on Ethical Implications: Carefully consider the potential impact of your research and take steps to mitigate any potential harms.

Practice-based research offers a powerful approach to investigating complex issues and generating new knowledge that is grounded in real-world experience. By embracing the principles and tools of practice-based research, beginners can embark on a journey of discovery and make meaningful contributions to their field.

Enjoy the journey! 

 

Understanding the LACES Framework

The LACES  (Local Authority Cyber Ecosystem) model is a comprehensive framework developed by Mark Brett in 2024 for managing and enhancing cybersecurity posture within organisations, particularly in the context of local government in England and Wales. It acknowledges the intertwined nature of physical and digital security, adapting to various situations and use cases. The framework revolves around six interconnected variables: Governance, Assurance, Processes, Data, Resilience, and Knowledge Sharing.

Governance

• Purpose: Provides the overarching direction and oversight for cybersecurity activities.
• Key Aspects:
  • Establishing clear policies, procedures, and structures to manage cyber risks.
  • Defining the organisation's risk appetite and tolerance for information risks.
  • Ensuring compliance with relevant regulations, such as the Data Protection Act and GDPR.
  • Defining roles and responsibilities, often utilising tools like the RACI matrix.
• Examples:
  • Corporate Information Governance Group: Utilising the LACES framework for strategic planning, developing work programs, and offering templates for implementing new systems and services.
  • Data Protection Policies: Setting clear policies for data handling and protection.
  • Risk Appetite Statements: Articulating and agreeing upon a shared understanding of acceptable information risks among senior management.
  • Minimum Cyber Security Standard: Adhering to the standard published in 2018 to ensure a baseline level of security.
  • Training Regimes: Implementing education and training programs to prepare stakeholders for cyber incidents.

Assurance

• Purpose: Focuses on evaluating and mitigating cybersecurity risks through a continuous cycle of assessment and improvement.
• Key Aspects:
  • Conducting risk assessments, vulnerability management, and security audits to identify weaknesses.
  • Assessing the effectiveness of security controls and processes.
  • Reviewing and validating the security of operational processes.
  • Evaluating the organisation's resilience capabilities and identifying areas for enhancement.
• Examples:
  • Stocktake Surveys: Evaluating cybersecurity posture in local authorities.
  • Cyber Essentials Plus Certification: Obtaining certification to demonstrate compliance with cybersecurity controls.
  • Penetration Testing: Simulating cyberattacks to uncover vulnerabilities in systems and networks.
  • Physical Penetration Testing: Assessing physical security controls.

Processes

• Purpose: Encompasses the operational workflows, systems, and procedures employed to manage and safeguard information assets.
• Key Aspects:
  • Defining workflows for handling data, managing access, and responding to incidents.
  • Implementing security controls within systems and services.
  • Maintaining detailed documentation of processes and procedures.
  • Integrating resilience measures to ensure operational continuity in the event of disruptions.
• Examples:
  • Cyber Incident Response Plans and Playbooks: Outlining clear steps for detecting, containing, and recovering from cyber incidents, encompassing roles, responsibilities, and communication protocols.
  • Information Asset Registers: Creating and maintaining records of hardware, software, data, infrastructure, and outsourced services, supporting a detailed understanding of the digital environment.
  • Data Backup and Recovery Procedures: Implementing processes for data backup and restoration to mitigate data loss risks.
  • Emergency Procedures: Establishing procedures for responding to physical security incidents.

Data

• Purpose: Represents the information that needs to be protected, focusing on its confidentiality, integrity, and availability.
• Key Aspects:
  • Classifying data based on its sensitivity and implementing appropriate security controls.
  • Adhering to data protection regulations and policies, such as the Data Protection Act and GDPR.
  • Conducting data protection impact assessments (DPIAs) to identify and mitigate privacy risks.
  • Implementing data security measures, including encryption and access control systems.
• Examples:
  • Data Encryption: Using techniques to protect data at rest and in transit.
  • Access Control Systems: Implementing systems to manage user access.
  • Data Handling Guidelines: Regularly revising guidelines for information management, assurance, and governance.
  • Physical Storage of Sensitive Data: Implementing secure storage for physical documents.

Resilience

• Purpose: Ensures the organisation's ability to withstand and recover from cyber incidents and disruptions, maintaining business continuity.
• Key Aspects:
  • Developing cyber resilience plans to address potential cyber threats and vulnerabilities.
  • Conducting cyber resilience exercises to test and improve response capabilities.
  • Establishing disaster recovery plans to restore IT systems and data after major incidents.
  • Learning from past incidents and exercises to continuously enhance resilience measures.
• Examples:
  • Cyber Resilience Exercises: Simulating cyberattacks to test the organisation's response capabilities.
  • Disaster Recovery Plans: Outlining steps to restore IT systems and data.
  • Business Continuity Planning: Developing plans to ensure the continuation of critical operations during physical disruptions.

Knowledge Sharing

• Purpose: Emphasises the importance of disseminating cybersecurity knowledge and best practices, both internally and externally.
• Key Aspects:
  • Fostering a culture of knowledge sharing and collaboration within the organisation.
  • Establishing communication channels to share cybersecurity information.
  • Providing training and awareness programs to educate staff and stakeholders.
  • Collaborating with external partners to exchange threat intelligence and best practices.
• Examples:
  • Warning, Advice and Reporting Points (WARPs): Peer support groups in the public sector for sharing cyber threat information.
  • CyberShare Fusion Cell: A collaborative approach to cyber incident response and coordination, involving information sharing and joint analysis.
  • Cyber Technical Advisory Group (C-TAG): Providing technical expertise and guidance to support cyber resilience in local government.

Key Concepts and Tools

• Cyber Unique Organisation Reference Number (CUON): Randomly assigned to organisations for pseudo-anonymisation in information sharing and incident reporting.
• Consequence Relevance Acceleration Severity and Harm (CRASH) Gate: A matrix model for assessing cyber incident escalation and defining trigger points for response actions.
• Fast-Time Communications: Enabling rapid information sharing and collaboration during cyber incidents.
• Information Asset Ecosystem: A visual representation of the interconnectedness of information assets and their relationships within an organisation.

The LACES framework provides a comprehensive and adaptable approach to managing cybersecurity risks, fostering a strong security culture, and building robust resilience against evolving cyber threats. It underscores the importance of collaboration, knowledge sharing, and continuous improvement in the face of an increasingly complex digital landscape.

 

Threats and Opportunities of AI for UK Local Government

Exploring the 'Adjacent Possible': A Catalyst for Research, Creativity, and Innovation

 

The ideas presented in the sources about serendipity, chance encounters, and the environments that foster innovation deeply intertwine with the concept of the adjacent possible, even though it is not explicitly mentioned. This concept, brought to light by Stuart Kauffman, proposes that, we're surrounded by a range of possibilities that directly border our current understanding and capabilities. It's about the ideas, discoveries, and inventions that are within reach based on what we already know and have at our disposal. The sources provide a rich exploration of how this space of the adjacent possible fuels advancements in research, creative expression, and innovative breakthroughs.

The Adjacent Possible and Research: Embracing Unexpected Insights

Scientific progress often unfolds at the edges of knowledge, where unexpected findings pave the path to groundbreaking discoveries. This resonates with the concept of "serendipity" - those fortunate accidents that researchers often encounter when they venture beyond the confines of their initial hypotheses. The sources highlight how embracing the unknown and remaining open to unforeseen connections can unlock the potential of the adjacent possible in research.

• The Power of "Incompleteness": The sources emphasize "incompleteness" as a catalyst for serendipitous discoveries. Acknowledging the gaps in our understanding, the "unknown unknowns", is crucial for stepping into the adjacent possible. It's within these gaps where researchers often find the most surprising and valuable insights.
• Unexpected Data as a Guide: The sources discuss how encountering "unanticipated, anomalous and strategic" data can be a hallmark of serendipity in research. This aligns with the idea that the adjacent possible isn't always a product of meticulous planning but can emerge from unexpected observations that redirect a research trajectory towards a new breakthrough.

The Adjacent Possible and Creativity: Fostering Novel Combinations

Creativity flourishes when we dare to connect seemingly disparate ideas, disciplines, or even physical objects. The sources illuminate how this fusion of different elements echoes the exploration of the adjacent possible, where novel combinations ignite the spark of creative breakthroughs.

• "Cross-Contacts" as Creative Collisions: Highlighting "cross-contacts" as a serendipity dimension, the sources emphasize the importance of bringing dissimilar resources into contact. Whether it's the juxtaposition of different artistic styles, the blending of scientific disciplines, or even the unexpected combination of everyday objects, these collisions within the space of the adjacent possible can give birth to entirely new forms of creative expression.
• The Role of "Playfulness": The sources emphasize "playfulness" as a personal characteristic that can unlock serendipity. Approaching a creative challenge with a spirit of experimentation and a willingness to embrace unexpected outcomes allows us to swing within the adjacent possible, making novel connections and discovering unconventional solutions.

The Adjacent Possible and Innovation: From Idea to Impact

Innovation transcends mere creativity; it's about transforming creative potential into tangible solutions that address a need or opportunity. The sources give us valuable insights into how the adjacent acts as a fertile environment for the development and success of transformative ideas.

• "Liquid Networks" and the Flow of Information: In "Where Good Ideas Come From", the concept of "liquid networks" is explored, highlighting environments where information can flow freely and connect in unexpected ways. These networks, whether physical spaces like vibrant cities or digital platforms like collaborative online communities, mirror the structure of the adjacent possible, enabling the serendipitous collisions of ideas that spark innovation..
• "Slow Hunch" and the Incubation of Ideas: The sources discuss how embracing "slowability" can lead to serendipitous findings. Similarly, "Where Good Ideas Come From" introduces the concept of the "slow hunch", where ideas need time to incubate and connect in the background of our minds before blossoming into significant innovations. This incubation period often involves revisiting ideas, connecting them with new information, and allowing them to evolve within the ever-expanding realm of the adjacent possible.

In conclusion, while not explicitly named, the adjacent serves as a recurring theme throughout the sources, connecting seemingly disparate concepts and providing a framework for understanding how we discover the new, create the unexpected, and innovate for a better future.

References: 

https://link.springer.com/referenceworkentry/10.1007/978-3-319-98390-5_100-1#:~:text=The%20%E2%80%9Cadjacent%20possible%E2%80%9D%20can%20be,9).

https://thezeitgeistmovement.se/files/Books/Where_goog_ideas_come_from.pdf

The Pocket PhD

 

The Pocket PhD: An alternative Guide to Navigating the Doctoral Journey

For anyone embarking on the challenging yet rewarding journey of pursuing a PhD. Drawing inspiration from personal experience over a long time, undertaking a practice based PhD, this blog post introduces the concept of the "Pocket PhD," a personalized and adaptable approach to managing the doctoral experience. The approach will apply equally to any major project of undertaking. 

Beyond the Traditional: Reframing the PhD Experience

The sources emphasize that a PhD is not merely an academic pursuit; it's a transformative journey of self-discovery, intellectual growth, and creative exploration. They encourage doctoral students to view themselves as both writers and researchers, embracing the iterative and often messy process of knowledge creation.

The traditional model of a PhD often emphasizes linear progression and solitary study. The Pocket PhD, however, encourages a more flexible and adaptable approach, recognizing that the doctoral journey is rarely straightforward.

Essential Elements of the Pocket PhD

1. Cultivating the Right Mindset

• Embrace the "Adjacent Possible": This concept, highlighted in the sources, encourages exploring ideas and connections that emerge unexpectedly during the research process. It's about being open to serendipitous discoveries and recognizing that seemingly unrelated areas of knowledge can often provide valuable insights.The adjacent possible is a concept that describes the range of possibilities available to a given entity at a specific time. It can be used to understand how new possibilities emerge and how they are discovered, developed, and explored.
• Master Motivation and Manage Procrastination: The sources provide a range of tools and techniques to help maintain momentum and overcome procrastination, including:
  • The Dilts Pyramid: This model helps identify potential roadblocks to progress by examining various levels of experience, from the environment to personal beliefs.
  • Time Management Strategies: Employ techniques like the Pomodoro Technique, the 80/20/80 rule (achieving 80% of the results with 20% of the effort), and David Allen's Getting Things Done (GTD) method to optimize productivity.
• Develop Self-Awareness: Understand your learning style, personality type (using tools like the Myers-Briggs Type Indicator), and preferred work environment to create a sustainable and productive routine.

2. Creating Your "Office in a Bag"

Recognizing that inspiration can strike anywhere, the sources suggest creating a portable workspace—an "Office in a Bag"—equipped with essential tools and resources:

• Analogue Tools: Notebooks, index cards (for the Zettelkasten method), and highlighters for capturing ideas, making connections, and building a personal knowledge repository.
• Digital Tools: Laptops, tablets, e-readers, and smartphones loaded with note-taking apps, reference management software (like EndNote or JabRef), and mind-mapping tools (such as Mindjet).
• Hybrid Tools: Consider devices like the Alphasmart Neo2, a digital typewriter that allows for distraction-free writing and can be integrated with other digital workflows.

3. Embracing the Power of Place

While an "Office in a Bag" provides portability, the sources also highlight the importance of having a dedicated physical space that fosters focus and creativity:

• The "Studio" or "Workshop": This could be a home office, a quiet corner in a library, or even a co-working space—the key is to find an environment that allows you to enter a state of "flow."
• Embracing the Outdoors: Nature can be a powerful source of inspiration and rejuvenation. Consider incorporating walks in nature, outdoor writing sessions, or even just taking breaks to observe your surroundings.

4. Building a Toolkit of Techniques and Resources

The sources offer a wealth of practical techniques and resources for managing the research and writing process:

• The Root Processing Method: This involves organizing research materials in a hierarchical structure, similar to a computer's file directory, using mind maps and digital tools to visualize connections.
• The Amazon Brown Paper Thinking Method: This technique uses the sheets of brown paper to you throw away in your Amazon parcels, to brainstorm ideas, outline arguments, and visually map out the structure of chapters or sections.
• Leveraging Technology: Explore AI-powered tools for thought assistance, content generation, and research analysis. However, use these tools ethically and critically, ensuring that they enhance rather than replace your own critical thinking and creativity.

The Pocket PhD is not a one-size-fits-all approach; it's about customizing the doctoral experience to your unique needs, preferences, and circumstances. By adopting a flexible mindset, creating a portable workspace, curating a supportive physical environment, and building a toolkit of effective techniques, you can navigate the challenges and embrace the transformative potential of the PhD journey. This will all be explored further in a forthcoming book of the same title......

"Want To," "Have To," and "Need To"

 

 "Want To," "Have To," and "Need To"

Time Management: “Why I can't do that here” - Considering the Analogue approach in a Digital World

“Why I can't do that here” - Considering the Analogue approach in a Digital World

NLP (Neurolinguistic Programming) has a fundamental model developed by Robert Dilts, the “Dilts Pyramid” (https://youtu.be/hrK9_ZPo790?si=cnpZqvU_lwSYYxOy) Which discusses “Logical Levels”. I first discovered it twenty odd years ago and it has served me well on a daily basis. 

The model  provides a great way to understand a problem and help you understand what is “blocking” you progress (Blocking also features in agile, when we talk about “Blockers”. If you feel unable to get on with something, your not in “flow” or simply feel anxious about an issue or project, a quick dive into the model can help you understand where in the stack the issue is. It might just be the place (environment), so go somewhere else and do it! You might not know “how” to do it (Capability), so try fail fast, learn and repeat (Another agile trait!).  You get the idea. The point is there are layers to what might be holding you back, Flow is an alignment of the entire hierarchy, “When the planet align”. 

Why - Purpose

I - Identity

Can’t - Belieifs

Do - Capabilities

That - Behaviour

Here - Environment

Making schedules about what you want to do where you want to do it when you want to do it how you want to do it and most importantly, why? Setting Goals, critically with a due date or at least a review date is paramount. The Franklin Covey “Urgent v Important” matrix can help here.  The old Time Manager International  “Key Results Areas” structure,  staying focused dealing with procrastination and ensuring progress. Key Results is about having a maximum of ten areas of focus, major parts of your life, interest and work. These Key Results Areas are then broken down into task and activities. The Whole is the tree trunk, the Key Area is a branch and the task are the twigs with activities being the leaves. The roots, being the beliefs and other aspects of the Dilts Pyramid, to help ground you and keep you focused. That’s me conjoining the two approaches. 

Using and adapting a time manager system

Everything has a date on it, if relevant the time as well, books, papers, reports, diagrams, notes 

doodles, random things. No date, no context later. You’ll thank me, that random note you rediscover “O my, I thought about that twelve years ago!”. 

You will forget when over time. It matters, with it down!! It validates the future you, to your past thinking.  Moving things forward is the key constant progress. Most people find true happiness in progress. Happiness is never a destination, it’s about being grateful today for what we have achieved to date. It is about making progress, solving problems, over coming obstacles. It’s never easy, it’s not meant to be. Be brave, move forward, make progress. Everyone is different. There is no right or wrong way to get things done or organise yourself. 

You’ll work it out eventually! I still love the words to Sunscreen by Bazz Lahrmann.  https://en.wikipedia.org/wiki/Wear_Sunscreen Those words and that song, are so true. I also ascribe to The lyrics of Affirmation by Savage Garden https://genius.com/Savage-garden-affirmation-lyrics

And love the wisdom still of “IF” by Rudyard Kipling: https://poetryace.com/if There’s enough philosophy in those three things for most people to live by, just add the Scout Law & Promise and your done!

https://www.scouts.org.uk/volunteers/learning-development-and-awards/training/trainers/delivering-the-modules/delivering-training-for-all-appointments/fundamentals-of-scouting-module-5/fundamentals-details/the-promise-and-law/

Being able to stay hyper focused, is very difficult today. Over the past twenty years, I’ve felt the change, from being able to be focussed, to the distraction driven social media world we all now live in. I guess it’s one of the reasons I’m bothering to write this on New Years day 2024. It’s important to get it out of my head, acknowledge it and share my thoughts, with others who may find some value in my ramblings. 

There’s a great book, call Deep Work by Cal Newport: https://www.shortform.com/summary/deep-work-summary-cal-newport

The book really validates the concept of having to get into “Flow” which is a mental state and another great book by Mihály Csíkszentmihályi  https://www.goodreads.com/en/book/show/66354 Once your in a flow state, the Dilts Pyramid aligns and you can perform creative miracles!

A great way to stay focused for small set amounts of time, is the  Pomodoro technique: https://www.forbes.com/sites/bryancollinseurope/2020/03/03/the-pomodoro-technique/

Quite simply, you use a timer, digital, or analogue, even a kitchen timer. You then work in solid blocks of 25 minutes follower by a guilt free enforced break, then move on or repeat.  This approach of time boxing the project can help enforce discipline. Another great book is Write it down make it happen:

https://www.simonandschuster.co.uk/books/Write-It-Down-Make-It-Happen/Henriette-Anne-Klauser/9781471108402

 

Also another classic, Bird by Bird Anne Lamont : https://archive.nytimes.com/www.nytimes.com/books/97/08/17/reviews/lamott-bird.html

It’s all about setting the goal, having the destination on the horizon and getting there step by step. Coming from someone who is still working on a PhD after twenty five years, I too need to finish (PhD = Project Half Done!!!). I seriously need to get it finished and after publishing eight articles, I’m now doing it by prior output. Not the traditional route, but the destination on the horizon remains the same. 

Myers Briggs Personality Types 

I also suggest having an idea about your personality type, The Myers Bridges Type Indicator, can really help you know yourself, there are 16 types and each will have a different world view and approach to getting things done see: https://www.16personalities.com or https://eu.themyersbriggs.com/en/tools/MBTI for me in 1993, it was life changing. As an INFJ, it made me realise a lot about myself. Thirty years later MBTI/NLP and these other things I’m writing about, have been great friends on the journey. 

Micro Learnings

Use the TMI Location approach "I can do that there”. When you have a day in the Office, plan for maximum productivity. (Office only stuff). Hard rule that any distractions are written down, noted and ignored.

Procrastination

Procrastination is a fear of failure. Everything starts with the first step of action. Break the problem down until that is possible. I honestly believe procrastination is an imposter. If your trying to do a creative thing and your not in the mood, either get yourself into the zone somehow, music, environment, whatever works, or leave it for now. Do something meaningful, walk, talk, house work or another distraction. You’ll feel guilty, but likely come back and smash it when your in the mood, it maybe your subconscious is still percolating the idea. It’s not ready to hatch at that moment!

Never leave a thing without writing the next step down, then you don't need to think when you return to it, just crack on.

Minimum Viable Products, (MVP), if it's a one-off deposable, just do it on paper. Apply the 20-80-20 rule, good enough and move on. Perfection is often an excuse to linger. Think about outcomes and effects, it's the result that matters, getting there can be chaotic if need be. Know the intended outcome, how long has it got to last for? What the budget and expectation. 

Pilots are good, Agile approach, Alpha, Beta and Production. 

Quality is relative. Good enough is often all that’s needed

https://www.agileneuro.com/wp-content/uploads/2018/08/problem_solving_model_Agile_neuro.png

Micro moments - 

At points during your day, you’ll have micro moments, - use these to reflect, plan be grateful.  Carry some blank index cards to write on. If you only have a few minutes, you can still “capture the moment”, write down the passing thought and then move on.

Often our sub conscious mind will keep chewing a problem in the background, in fact our subconscious mind is always going just that. The problem happens when it spits a great idea out at us, we need to just scribble it down and then process it later. Index cards, scraps of paper, voice memos on your phone. A quick note app like Drafts on iPhone is brilliant. Index cards work great for this or just write it in your day book. Your journal is your day book, these are what use to be called common place books. 

If it doesn’t exist, build it or make it yourself

See: Van Neistat: https://www.youtube.com/@vanneistat/videos

During lockdown, I went on a journey building thinks from scrap wood, pallets and other junk I had knocking around. Forget what other think of you, this is about your journey and your creativity. Cardboard boxes and duck tape can make desk accessories, card storage boxes or any other folder or holder you might want to try. If you like what you’ve made, iterate and improve, use your “MVP” as the template and make a nicer version. 

For the record, I spent most of the day writing this and have decided to just publish it so it’s out there. Look down my other posts, there’s more detail on a fair bit of this ….

Navigating the AI Revolution: Data, Automation, and the Future of Work

The paradigm shift in AI is not just underway; it's reshaping how we think about technology, work, and society.

"AI is not just a tool; it's a new lens through which we view and shape our world."

Artificial Intelligence (AI) has long ceased to be a mere buzzword and has become a pivotal part of our digital ecosystem. It's about data and automation, about redefining workflows, and, most intriguingly, about the radical possibilities opened up through natural language interaction. But as we stand on the brink of this AI revolution, it's crucial to address the pressing issues of responsible AI, including explainability, content safety, and the ethical implications of AI deployment.

The Essence of AI: Data, Workflow, and Natural Language Interaction

At its core, AI is a blend of data sophistication and workflow automation. The emergence of natural language processing (NLP) technologies has brought a revolutionary aspect to AI, making interactions more intuitive and human-like. This evolution is not just a technical upgrade; it's a gateway to more personalized, accessible, and efficient digital experiences.

Responsible AI: A Commitment to Ethical Principles

The path to AI integration must be paved with responsibility. Key principles like explainability and content safety are not just optional extras but necessary conditions for ethical AI usage. Users need to understand how AI systems reach conclusions (explainability) and be assured that these systems are safe and reliable in parsing queries (content safety). These principles are crucial for building trust and ensuring AI's beneficial impact on society.

Prompt Engineering: Crafting AI Interactions

Microsoft's Prompt flow, involving retrieval-automated generation (RAG), is a testament to the advancements in prompt engineering. This technique is about crafting AI interactions in a way that they become more relevant, contextual, and effective. Meta prompts, which involve using metadata for secondary context, further enhance AI's ability to understand and respond to complex queries.

[Microsoft AI Blog]

https://techcommunity.microsoft.com/t5/ai-machine-learning-blog/harness-the-power-of-large-language-models-with-azure-machine/ba-p/3828459

AI in Search: Semantic Search Evolution

Semantic search, as explored by Microsoft Azure, represents a leap in search technology. By understanding the intent and contextual meaning behind queries, semantic search delivers more accurate and relevant results. This advancement exemplifies how AI can refine and redefine existing technologies.

[Azure Semantic Search]

https://learn.microsoft.com/en-us/azure/search/semantic-search-overview

AI and Cybersecurity: A New Frontier

The interaction of AI with Security Operations Centers (SOCs) and Security Information and Event Management (SIEM) systems represents a new frontier in cybersecurity. AI can automate the identification of Indicators of Compromise (IOCs), enhancing threat detection and response capabilities.

The AI-GAP Framework: Governance, Assurance, Policy

Understanding the broader implications of AI requires a robust framework like AI-GAP (Governance, Assurance, Policy). It's about ensuring that AI systems are governed ethically, operate with assurance, and are underpinned by sound policies. The UK Government's AI Strategy is an excellent resource for grasping the complex tapestry of AI governance and policy implications.

[UK Government AI Strategy]

https://www.gov.uk/government/publications/national-ai-strategy

The Future of AI: Challenges and Opportunities

As AI continues to evolve, integrating large language models (LLMs) into various applications, the challenges of ethics, bias, privacy, and copyright infringement become more pronounced. Moreover, the potential for secondary mining of metadata and issues around access control and data protection (including GDPR compliance) must be addressed.

AI and Knowledge Work: A Paradigm Shift

The shift from traditional knowledge work to data science signifies a fundamental change in the workforce landscape. AI is not just a technological tool but a catalyst for new forms of knowledge creation and dissemination. It encourages the development of new research fields and novel approaches to problem-solving.

Embracing AI: The Path Forward

As AI becomes more ingrained in our lives, from personal assistants like Siri and Alexa to more sophisticated applications in smart cities and IoT, our approach to AI needs to be both strategic and adaptive. The future holds immense possibilities for AI-enhanced solutions, but it also calls for vigilance to mitigate risks and safeguard ethical standards.

AI is indeed the most exciting and daunting technology of our times. As we navigate this transformative era, it's imperative to stay informed, adaptable, and ethically grounded. The journey into the AI-enhanced future is not just about technological adoption but about rethinking our relationship with technology itself.

Explore More:

[Artificial Intelligence and the Future]

https://www.smithsonianmag.com/innovation/artificial-intelligence-future-scenarios-180968403/

 [Microsoft's AI Upgrades]

https://joshbersin.com/2023/03/microsofts-massive-upgrade-openai-copilot-for-entire-ms-365-suite/

[Google's Generative AI]

https://workspace.google.com/blog/product-announcements/generative-ai

 [AI and White-Collar Productivity]

https://economics.mit.edu/sites/default/files/inline-files/Noy_Zhang_1.pdf