Andy Ellis

@csoandy

Followers
19,217
Following
817
Media
5,775
Statuses
80,916

Jew. Partner, @YLVentures. Author, 1% Leadership. Hall of Fame CSO, Board Director, Investor, Leadership Coach.

Boston/Tel Aviv
Joined February 2009
Pinned Tweet
@csoandy
Andy Ellis
6 years
We often tell stories from the point of view of the hero. But heroes don't notice everything; examining a story from the point of view of the villain can be informative. Let's look at Harry Potter. 1/20
15
49
262
@csoandy
Andy Ellis
8 months
Ugh, wonder what Mini was thinking with this design.
320
283
5K
@csoandy
Andy Ellis
10 years
“Your microwave needs an Internet connection.” “Why?” “To get patches so it isn’t vulnerable to network attacks. And DST.”
26
637
677
@csoandy
Andy Ellis
9 years
There goes a binary palindrome year (11111011111), exchanged for a sorted binary year (11111100000).
17
911
672
@csoandy
Andy Ellis
5 years
I’m a big fan of @ringel’s 15 minute rule: when you get stuck, spend 15 minutes documenting what you know, what you need to know, and use that to ask for help. Sometimes, at minute 14, you answer your own question. But if not, your question is clear.
11
220
492
@csoandy
Andy Ellis
4 years
Employees don’t get paid if they don’t click links from Payroll. Employees are subject to disciplinary action if they don’t click links from HR. Employees are fired if they don’t click links from the ticketing system. Tell me how you’re training them not to click links.
@ryanaraine
Ryan Naraine
4 years
"I don’t care how many times you train people from not clicking on those unsolicited emails, people do. When you get to the nation-state advanced persistent level, sometimes those emails can be really well-crafted where it’s not an unreasonable thing for somebody to click on."
3
7
60
15
110
407
@csoandy
Andy Ellis
4 years
Remember how when the NFL peanut gallery would argue about whether Brady or Manning was the greater QB, as peers who came in at about the same time? Peyton just got selected to the Hall of Fame. Tomorrow, Tom is starting in his TENTH Super Bowl. Good times.
7
54
398
@csoandy
Andy Ellis
4 years
@iamchrisscott @LawyerLiz I wonder if that was a stock answer she gave, and now it’s March 31st…. “How many books do I have to write now?”
1
0
380
@csoandy
Andy Ellis
6 months
@BriannaWu @TaliaKhan_MIT Welcome to another day that starts with ‘Yom’. In every generation it is this way for Jews: literally half of our holidays are observances of that time somebody tried to kill all of us, and it always starts with the slander.
36
11
370
@csoandy
Andy Ellis
8 months
76
14
343
@csoandy
Andy Ellis
5 years
@Dustinkcouch @LadyLovesTaft That’s just because Dumbledore spent Books 1-5 stalling for time.
@csoandy
Andy Ellis
6 years
We often tell stories from the point of view of the hero. But heroes don't notice everything; examining a story from the point of view of the villain can be informative. Let's look at Harry Potter. 1/20
15
49
262
4
25
301
@csoandy
Andy Ellis
4 years
It’s been an excellent twenty-plus years at @Akamai, but eventually all paths diverge.  In March, I’ll be leaving.  Before I announce what I’m doing next, I just wanted to take a look at my last 20 years. (1/)
66
27
297
@csoandy
Andy Ellis
3 years
@SwiftOnSecurity Any sufficiently complex system is indistinguishable from a simple system to the casual observer.
10
46
233
@csoandy
Andy Ellis
5 years
Today officially wraps up my 19th year at @Akamai. Tomorrow, I start year 20!
24
2
216
@csoandy
Andy Ellis
8 years
All 3 kids in the house got @MartysaurusRex #HugFootballMarty pillows, which means 3 heart surgery patients at @BostonChildrens also get em.
2
14
188
@csoandy
Andy Ellis
5 years
First: kudos to @Cloudflare for transparency here and throughout their incident. Next: some thoughts on safety in distributed systems like this. (I don’t know how CF does it, so don’t take this as criticism of their practices, merely some musings from similar experiences) 1/
@mjos_crypto
mjos\dwez
5 years
so that cloudflare outage was caused by a single regex rule deployed globally in one go🤦‍♂️
55
830
2K
6
62
197
@csoandy
Andy Ellis
8 months
@kurtopsahl Ah, now I get it.
3
1
191
@csoandy
Andy Ellis
5 months
@CampusJewHate @Columbia A searchable database, maybe integrated with a course calendar, would be an awesome output.
7
3
180
@csoandy
Andy Ellis
3 years
Twenty years. You are not forgotten, Danny.
6
9
175
@csoandy
Andy Ellis
8 years
What if the lottery is merely a government-run test to find precognitives?
7
59
161
@csoandy
Andy Ellis
6 years
Found some @Patriots fans in Buffalo.
3
1
162
@csoandy
Andy Ellis
10 months
@DrEliDavid I hate to quibble, but in Brachos 44A, the Talmud subtweets Jesus, commenting that the fruit of the Genosar is very sweet, but not at all filling, and should be taken with a grain of salt.
6
5
136
@csoandy
Andy Ellis
4 years
Me: Why do people who hate the Patriots waste their energy watching them just to taunt? Also me: stays up late to watch the Steelers lose. 🍿🍿🍿
6
9
147
@csoandy
Andy Ellis
6 years
From a prep call for a conference today: “The two people you never want to have ask to speak with you: @taviso and @briankrebs.” Although, if necessary, I’d rather hear from them than not.
5
15
146
@csoandy
Andy Ellis
8 years
I’m increasingly convinced the Twitter 140 character limit is doing more to eliminate the double space after a period than anything else.
6
35
136
@csoandy
Andy Ellis
4 years
@FitzyGFY It’s one of the three classic blunders. Fighting a land war in Asia, going up against a Sicilian when death is on the line, and giving Brady the ball with the season on the line.
3
21
133
@csoandy
Andy Ellis
11 years
This is what happens when the about-to-be-8yo asks @gisellis for a @stampylongnose cake. (In progress) http://t.co/obDUuVIMNj
20
26
119
@csoandy
Andy Ellis
3 years
Did you realize that ~40% of cyber security vendors' EULAs forbid even publishing a review about them? We've been so busy arguing about "responsible" disclosure for vulnerabilities, that we've been ignoring the basics around vendor transparency.
6
35
123
@csoandy
Andy Ellis
5 months
@swagitda_ I am tempted to come sit in your hotel lobby and wait for a repeat offense.
5
2
127
@csoandy
Andy Ellis
3 years
Wakes up. Checks Twitter. Sees some Internet issue. “Not my problem anymore.” Goes back to bed.
5
2
115
@csoandy
Andy Ellis
6 years
Really good write up by @hacks4pancakes on the intersection of IOT, home renting (and leasing at scale), physical security, and information security.
3
59
111
@csoandy
Andy Ellis
9 months
@Devon_Eriksen_ It wasn’t just the takedown (which was excellent), it was also the beauty of the English language in your hand.
4
0
109
@csoandy
Andy Ellis
4 years
Thought: humans learn best by being conscious of being wrong. In environments where it’s unsafe to be wrong, humans tell themselves (and others) stories about how they were really right all along — which negates any learning value. And they were still wrong.
4
25
101
@csoandy
Andy Ellis
6 months
@BriannaWu @TaliaKhan_MIT We have no other choice: we live like this, we celebrate our joys, or we let those who hate us destroy us. But when we’ve spoken up in progressive spaces, we get mobbed & unpersoned. So many Jews have had to lock up their voice to support others.
6
4
96
@csoandy
Andy Ellis
8 months
@TheMossadIL I like this, but it’s not in my size.
20
1
89
@csoandy
Andy Ellis
4 years
Received CoViD jab. Have not developed mutant powers. Do not appear to be a 5G hotspot. Highly disappointed in the hype.
8
4
93
@csoandy
Andy Ellis
6 years
@HNYNUT_BERRIOS Assuming you thrive, it gives you a built in “BERR10S” brand.
4
4
84
@csoandy
Andy Ellis
7 months
@StandUp2JewHate Why is he being called to Torah at that hour? Or are we trying to mislead those who call in threats?
10
0
81
@csoandy
Andy Ellis
5 years
@BritishArmy @USArmy @USArmyEurope @BritishArmyUSA Your tea is just fine, with a little Boston salt water added to it! But blood is thicker than that.
0
0
65
@csoandy
Andy Ellis
6 years
First, you really want to have a good target body to jump into. Ideally, they're part of the Peverell clan, which has a long history of access to cool powers, and maybe you can get some. 11/20
1
6
78
@csoandy
Andy Ellis
6 years
With apologies to @jk_rowling, for using her characters to illustrate this point: Rarely is someone the villain in the story they tell. Usually, that's because they aren't a villain. But Albus Dumbledore and Ritual of Immortality? He’s the villain. 20/20
4
10
82
@csoandy
Andy Ellis
5 years
We’ve pulled all of our non-product-marketing content @Akamai out into its own site (), if you’re interested in it. No regwall.
3
41
80
@csoandy
Andy Ellis
6 years
How quickly can one change one’s name? Asking for a friend...
@JetBlue
JetBlue
6 years
If your first name starts with P-A-T and you’re flying into or out of BOS or ATL today, this one’s on us! We’re crediting the base fare of your flight to your JetBlue Travel Bank. Check your email for details. #JetBlueOfficialAirline
98
350
1K
3
4
70
@csoandy
Andy Ellis
6 years
One path to immortality is life extension, like with the philosopher's stone. Problem? You still age. After a while, you're spending all your time fighting with Medicare Part B billing. 3/20
2
4
72
@csoandy
Andy Ellis
1 year
Your annual pre-RSAC pro tip. Take care of your wellness, it’s the greatest asset you control.
4
6
76
@csoandy
Andy Ellis
6 years
Inspired by PechaKucha, here is my attempt at telling a story -- The Villain's Quest in Harry Potter -- via Twitter. 20 "slides", one every 20 seconds. For good or ill, it'll be over soon. 0/20
4
20
71
@csoandy
Andy Ellis
5 months
@MikeReiss @ESPNStatsInfo Well, that’s a low bar to over-achieve.
1
0
73
@csoandy
Andy Ellis
4 years
I’m not sure who needs to hear this, but: You are more awesome than others know or give you credit for. One day, they’ll find out.
2
12
75
@csoandy
Andy Ellis
1 year
@USConst_Amend_I My contrarian take is that there are 6, not 5; that the anti-establishment right is distinct from the free exercise right.
11
2
70
@csoandy
Andy Ellis
5 months
It's worth remembering that not only are we not yet back to where we were in 1939, but the global genocide against Jews wasn't orchestrated by just the Nazis in Europe, but a lot of Arab nations also participated in wiping out their Jewish populations.
@IsraelWarRoom
Israel War Room
5 months
Ahead of Holocaust Remembrance Day in 2024, there are 15.7 million Jews worldwide. That's still lower than the global Jewish population in 1939, before the Holocaust wiped out more than 1/3 of the world's Jews. That's what actual genocide looks like.
81
401
1K
3
23
69
@csoandy
Andy Ellis
11 months
@amyalkon Technically, Gaza is riddled with bomb shelters, underground, under hospitals … but only Hamas gets to use them.
0
11
67
@csoandy
Andy Ellis
4 years
@diannaESPN @minakimes @MikeReiss @soldernate Well, if you’re going to go there...
1
0
62
@csoandy
Andy Ellis
4 years
Ask everyone in the company two questions: * What’s the most useless security practice we have? * What’s the most glaring hole in our security near you? You probably now know more than your predecessor. Go.
@varcharr
casey
4 years
New CISOs, ISOs, and other security leads can often find themselves accidentally in this critical role. What are the first steps a security officer should do when taking over the protection and security of an infrastructure (system, network, etc)?
59
31
148
1
11
66
@csoandy
Andy Ellis
3 years
Born in CA. Moved to MA. Led a Boston organization to dominance. Married Gisele. I’ve been one step ahead of @TomBrady my entire career. And now, one more time…
16
3
65
@csoandy
Andy Ellis
8 years
@SwiftOnSecurity “no one will ever use this that way” is the source of more disasters….
2
15
62
@csoandy
Andy Ellis
5 months
@swagitda_ Dang it! I left that outfit at home! Next year we can coordinate.
1
0
66
@csoandy
Andy Ellis
8 years
Found @MartysaurusRex at the @ImaginationAgcy booth! May he have one more slice of cake!
0
3
60
@csoandy
Andy Ellis
6 years
I promise not to reference Sun Tzu or Clausewitz in my #RSAC talk on Tuesday (“Humans are Awesome (at Risk Management)”).
6
6
61
@csoandy
Andy Ellis
7 years
You know, I’ve long been an advocate of eliminating passwords altogether, but I didn’t quite mean it this way.
0
14
64
@csoandy
Andy Ellis
5 years
I survived. I think the nurses are happy to be rid of their chatty & inquisitive patient. 😹😹😹
12
0
62
@csoandy
Andy Ellis
5 months
@swagitda_ Although this is SF. I might be able to source something.
3
0
62
@csoandy
Andy Ellis
7 years
@brandincooks glad you’re well enough to tweet! May the One who brings healing grace you with a speedy and full recovery. #NotDone
2
0
60
@csoandy
Andy Ellis
4 years
Kind of weird to not be a CSO. (No, I’m not changing my handle)
9
0
62
@csoandy
Andy Ellis
2 years
I love it when stores have the Rosh Hashanah candy next to the Sukkot candy, even if they flipped them left/right. (Cc @JewWhoHasItAll)
3
3
58
@csoandy
Andy Ellis
6 years
And security folks wonder why marketing has a love/hate relationship with us.
@chiefmartec
Scott Brinker
6 years
I swear, @marketoonist is killing me softly with his song. #MarTech
8
142
388
4
14
59
@csoandy
Andy Ellis
1 year
@Seinpeaks @boblord Thanks for sharing those twin peeks.
1
1
59
@csoandy
Andy Ellis
7 years
Not at all sketchy.
7
16
57
@csoandy
Andy Ellis
4 years
@SwiftOnSecurity Look, this is my basement. I’m not judging.
4
2
58
@csoandy
Andy Ellis
8 months
@kurtopsahl Not even sure how that’d work “differently” in the UK.
8
0
57
@csoandy
Andy Ellis
5 years
Last week, I got to fly in the Chiefs’ equipment. This week, I’m flying with a much better package…. (cc @MikeReiss)
3
1
57
@csoandy
Andy Ellis
6 years
Today marks 18 years at @Akamai. Today included: ☑️ Fly to/from DC ☑️ Keynote ☑️ Sales support ☑️ Compliance ☑️ Incident mgmt ☑️ Press ☑️ Finance ☑️ Plan a Lewin Lecture ☑️ See my team handle even more Like most days, full of diverse work, and great coworkers.
5
2
56
@csoandy
Andy Ellis
8 years
Sounds like a Distributed DM Denial of Service on @SwiftOnSecurity. Our first ever DDDoSoSoS.
@SwiftOnSecurity
SwiftOnSecurity
8 years
HELP: I can't work with Twitter DMs anymore at my scale. Are there good 3rd-party, high-volume tools you recommend? Outlook interface?
27
11
50
1
4
53
@csoandy
Andy Ellis
5 months
@SwiftOnSecurity This is what a world with Clippy looks like.
1
0
55
@csoandy
Andy Ellis
4 years
My first day of unemployment involved 4 meetings/events and 3 calls. I might be doing this wrong.
4
0
56
@csoandy
Andy Ellis
3 years
In before everyone else: Happy half century to me!
26
0
55
@csoandy
Andy Ellis
5 years
May your light never be extinguished by fear or hate.
1
10
55
@csoandy
Andy Ellis
6 years
@SwiftOnSecurity Arguably, machine decision-making will be about distancing humans from hard choices, so we can nebulously blame the system* for bad outcomes. * or whichever outgroup the mob dislikes this week,
1
11
52
@csoandy
Andy Ellis
6 years
@its_a_lisa @bcrypt Indeed! Usually works well:
1
9
53
@csoandy
Andy Ellis
6 years
@SwiftOnSecurity This reminds me of the old X-NSA-Keywords header people would put into SMTP headers.
3
3
52
@csoandy
Andy Ellis
1 year
Well, I’ve got the @McCourtyTwins jersey half-autographed. @devinmccourty left a little bit of room for you, @JasonMcCourty
0
1
51
@csoandy
Andy Ellis
8 months
@da_allgeier The US doesn’t *require* this level of failure.
4
1
51
@csoandy
Andy Ellis
6 years
Another challenge with body-hopping is that the other body probably has a soul in it, that doesn't want to leave. So you have to share. And sharing isn't caring. 6/20
1
2
46
@csoandy
Andy Ellis
6 years
30 ways to shoot yourself in the foot: how not to approach a CISO (25 is my pet peeve).
11
20
51
@csoandy
Andy Ellis
5 years
Every so often, a cold-emailer gets my vendor rebuff () and sends me back a snippy argument. I’m not sure they realize the brand damage they cause.
11
10
52
@csoandy
Andy Ellis
2 years
@SwiftOnSecurity Stop paraphrasing my book before people get a chance to read it!
2
9
50
@csoandy
Andy Ellis
4 years
I’ll also have to write some new keynote material before all the conferences start back up.  “One Score of CSO Years Ago...” has a nice ring to it as a topic, I think ;). (14/FIN (for now))
10
1
51
@csoandy
Andy Ellis
6 years
You know what I’d prefer before autonomous vehicles? Intelligent traffic lights with that full sensor suite, acting to reduce congestion.
7
5
49
@csoandy
Andy Ellis
2 years
@JewWhoHasItAll Yes! Especially if it’s leftover candy from the Chaggim, but even if not, it’s covered by the gleanings rule from Ruth. Of course, it’s always better if both sides are anonymous, so wearing a masked costume offers dignity to them.
0
3
49
@csoandy
Andy Ellis
6 years
The horcrux downside, of course, is that you never know who is going to fall prey to it. You might end up having to go through puberty again, which probably isn't high on a wizard's wish list. 9/20
1
2
44
@csoandy
Andy Ellis
5 months
@shaunmmaguire @AvivaKlompas In fairness, she’s not exactly wrong: the pro-genocide Jews are the ones in the encampment, calling for their own genocide. It’s the rest of us who are anti-genocide.
20
1
46
@csoandy
Andy Ellis
5 months
@Devon_Eriksen_ “The law may be an ass, but this law is a bikini model's ass” is a beautiful piece of writing.
0
0
50
@csoandy
Andy Ellis
4 years
I’m excited to announce that I’ve joined @ylventures as an Operating Partner.  Together, we’ll continue to accelerate the cybersecurity startup pipeline, from seed to lead, and continue to protect a better Internet.
14
1
48
@csoandy
Andy Ellis
6 years
@jk_rowling If you would like to see the prose of this story of the villainy of Albus Dumbledore, there is prose at for your further reading pleasure. 21/20
2
1
47
@csoandy
Andy Ellis
7 years
A backup @Patriots QB is now a starter, drives downfield in OT, and Vinatieri kicks a game-winning FG? Is Destiny just copying old stories?
1
29
46
@csoandy
Andy Ellis
6 years
And since Death wants you back, you have to do unpleasant things to stay alive. Like kill unicorns. And not the Silicon Valley unicorns, those awesome ones that wander in the forest. 7/20
1
2
42
@csoandy
Andy Ellis
9 months
@Devon_Eriksen_ I think you can safely say you did your marketing job with a banger of a tweet today.
1
0
48
@csoandy
Andy Ellis
4 years
If someone trusts you enough to let you see their work-in-progress, don’t critique it as if it were done. And don’t give obvious advice about their next step; you’re not their supervisor.
3
10
47
@csoandy
Andy Ellis
1 year
It’s here!
13
4
48
@csoandy
Andy Ellis
6 years
What does the villain want in Harry Potter? Immortality! It's easy to say, "Power," but the power that matters to the villain is not dying, and everything else will flow from that. 2/20
2
2
40
@csoandy
Andy Ellis
4 years
We built a world-class Information Security team.  Nearly a hundred professionals, who govern risk, safety, intelligence, and compliance across our business.  Over 40% of whom are women. (11/)
2
1
46