Ehud Barak is current Israeli Minister of Defense, former IDF Chief of Staff and former Prime Minister  that led the disastrous withdrawal from Lebanon that fomented Intifada II and then Lebanese War II.  Barak is famous for quotes like “If I was a Palestinian, I would also be a suicide bomber” or “If I was an Iranian, I would also build nuclear weapons“.

During her military service as an assistant in the Central Command bureau Anat Kamm secretly copied over 2,000 classified documents, copied the documents to a CD and leaked it to the Israeli Haaretz journalist Uri Blau. Kamm  was recently convicted of espionage and leaking confidential information without authorization and sentenced to 4.5 years in prison after a plea bargain.

Former Mossad chief Meir Dagan has recently voiced unrestrained criticism of the current administration’s defense policy in the service of his political activism; criticism which is supposedly based on his inside knowledge from the Mossad.

Meir Dagan, together with Gen. Gabi Ashkenazi (former chief of staff), Gen. Amos Yadlin (former head of military intelligence), and Yuval Diskin (former head of Shin Bet), opposed an attack on Iran. While in office (they all retired between November 2010 and May 2011), the Gang of Four successfully blocked attempts by Netanyahu and Barak to move forward on the military option.

Of the four, only Dagan has spoken openly, after leaving office, about what he considers to be the folly of an attack on Iran —  and openly criticized Netanyahu and Barak for irresponsibly pushing Israel to an unnecessary war, relying on his former position of responsibility as chief of intelligence as as implying that what he said must be true.

It was unclear why Dagan would speak of plans best left undisclosed. Unclear, at least until last week, when Dagan announced his plans for a movement to change the method of Israeli government, leaving his options to enter politics in the future open.

I wish Dagan luck.  I’m not happy with his way of publicizing his political activism at the risk of treading the thin line of information leak. It places him on the same slippery slope as Anat Kam who lamely attempted to justify her actions as an act of political protest.

In comparison with Dagan, Barak is circumspect (despite his unfortunate quotes and bad decisions).

Barak was asked about the possibility of making a decision on attacking Iran in the Israeli daily Ha’aretz.

Arguing for the right of people to use the Internet freely is an appropriate policy for the United States, both because it aligns with the strategic goal of strengthening civil society worldwide and because it resonates with American beliefs about freedom of expression

By switching from an instrumental to an environmental view of the effects of social media on the public sphere, the United States will be able to take advantage of the long-term benefits these tools promise.

Oooh – I just love this stuff “resonates with American beliefs” and “environmental view of the effects of social media on the public sphere“

“Some ideas are so stupid only intellectuals believe them.”

George Orwell

Twitter and Facebook are communication tools. Not values.

It is the height of foolishness to assert that a communications tool like Facebook and Twitter is a substitute for values. Sure it makes it easier for 80,000 people to attend demonstrations someone else is funding, but don’t forget the agendas of the people funding the demonstrations.

The US will not be able to “to take advantage of the long-term benefits these tools promise” unless it takes a moral and value position, clearly delineating the basic dos ( for starters - honor your parents, honor freedom of religion) and don’ts (not killing your citizens, not raping your women, not chopping off hands of thieves, not funding Muslim terrorists, not holding the world at gun-point over the price of oil).

There is no evidence that social media changes government policy

Look at Egypt. Look at Israel. Look at Wall Street.

Social media hype is escapism from dealing with fundamental issues

Let’s assume that the US has an agenda and responsibility to make the world a better place.

Green / clean energy.  Healthy people.

I think we can all agree these are  good thing for the world. Did social media play any kind of role at all in the blunders of  the Obama administration in their energy or healthcare initiatives? Does the administration have a good record or a bad record with these initiatives?

Solyndra is an illustration of how a major Obama contributor took half a billion in loan guarantees and walked away without exposure.   The factory employed about 150 people and stimulated the pockets of a small number of wealthy people.   And, do not forget, Solyndra is kids stuff compared to the $80 Billion in real money that the US government squandered on Afghan electrification projects with no oversight on the cost-plus contractors that delivered zip to Afghanistan.

Mr. Obama and his yea-sayers like Clay Shirkey need the hifalutin talk about the importance of social media and free speech, to deflect voter attention from  rewards to their campaign contributors, financial service institutions, government contractors and Beltway insiders and winning the next Presidential election.

What is happening in the US healthcare space is fascinating as stimulus funds (or what they call in the Middle East – “baksheesh”) are being paid to doctors to acquire an Electronic Health Records system that has “meaningful use”. The term “meaningful use” is vaguely  defined in the stimulus bill as programs that can enable data interchange, e-prescribing and quality indicators.

Our hospital recently spent millions on a emr that does not integrate with any outpatient emr. Where is the data exchanger and who deploys it? What button is clicked to make this happen! My practice is currently changing its emr. We are paying big bucks for partial data migration. All the assurances we had about data portability when we purchased our original emr were exaggerated to make a sale. Industry should have standards. In construction there are 2×4 ‘s , not 2×3.5 ‘s.
Government should not impinge on privacy and free trade but they absolutely have a key role in creating standards that ensure safety and promote growth in industry.
Read more here:  Healthcare interoperatbility pains

Mr Obama’s biggest weakness is that he has huge visions but he can’t be bothered with the details so he lets his team and party members hack out implementations, which is why his healthcare initiatives are on a very shaky footing – as the above doctor aptly noted.  But perhaps something more profound is at work. The stimulus bill does not mention standards as a pre-requisite for EHR, and I assume that the tacit assumption (like many things American) is that standards will “happen” due to the power of free markets. This is at odds with Mr. Obama’s political agenda of big socialistic government with central planning. As the doctor said: “government absolutely (must) have a key role in creating standards that ensure safety and promote growth in industry”.  The expectation that this administration set is that they will take care of things, not that free markets will take care of things.  In the meantime, standards are being developed by private-public partnerships like HITSP – enabling healthcare interoperability

The Healthcare Information Technology Standards Panel (HITSP) is a cooperative partnership between the public and private sectors. The Panel was formed for the purpose of harmonizing and integrating standards that will meet clinical and business needs for sharing information among organizations and systems.

It’s notable that HITSP stresses their mission as meeting clinical and business needs for sharing information among organizations and systems.   The managed-care organizations call people consumers so that they don’t have to think of them as patients.

I have written here, here and here about the drawbacks of packaging Federal money, defense contractors and industry lobbies as “private-public partnerships”.

You can give a doctor $20k of Federal money to buy EMR software, but if it doesn’t interact with the most important data source of all (the patient), everyone’s ROI (the doctor, the patient and the government) will approach zero.

Vendor-neutral standards are key to interoperability. If the Internet were built to HITSP style standards, there would be islands of Internet connectivity and back-patting press-releases, but no Internet.

The best vendor-neutral standards we have today are created by the IETF – a private group of volunteers, not by a “private-public partnership”.

The Internet Engineering Task Force (IETF) is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. It is open to any interested individual. The IETF Mission Statement is documented in RFC 3935.

However – vendor-neutral standards are a necessary but insufficient condition for “meaningful use” of data.  There also has to be fast, cheap and easy to use access in the “last mile”.  In healthcare – the last mile is the patient-doctor interaction.

About 10-15 years ago, interoperability in the telecommunications and  B2B spaces was based on an EDI paradigm with centralized messaging hubs for system to system document interchange. As mobile evolved into 3G, cellular applications made a hard shift to a distributed paradigm with middleware-enabled interoperability from a consumer handset to all kinds of 3G services – location, games, billing, accounting etc running at the operator and it’s content partners.

The healthcare industry is still at the EDI stage of development – as we can see from organizations like WEDI and HIMSS

The Workgroup for Electronic Data Interchange (WEDI)

Improve the administrative efficiency, quality and cost effectiveness of healthcare through the implementation of business strategies for electronic record-keeping, and information exchange and management...provide multi-stakeholder leadership and guidance to the healthcare industry on how to use and leverage the industry’s collective technology, knowledge, expertise and information resources to improve the administrative efficiency, quality and cost effectiveness of healthcare information.

What happened to quality and effectiveness of patient-care?

It is not about IT and cost-effectiveness of information (whatever that means). It’s about getting the doctor and her patient exactly the data they need when they need it.   That’s why the doctor went to medical school.

Compare EDI-style message-hub centric protocols to RSS/Atom on the Web where any Web site can publish content and any endpoint (browser or tablet device) can subscribe easily. As far as I can see, the EHR space is still dominated by the  ”message hub, system-system, health-provider to health provider to insurance company to government agency” model, while in the meantime, tablets are popping everywhere with interesting medical applications. All these interesting applications will not be worth much if they don’t interact enable the patient and doctor to share the data.

Imagine the impact of IETF style standards, lightweight protocols (like RSS/Atom) and $50 tablets running data sharing apps between doctors and patients.

Imagine vendor-neutral, standard middleware for  EHR applications that would expose data for patients and doctors using an encrypted Atom protocol – very simple, very easy to implement, easy to secure and with very clear privacy boundaries. Perhaps not my first choice for sharing radiology data but a great way to share vital signs and significant events like falling and BP drops.

This would be the big game changer  for the entire healthcare industry.  Not baksheesh. Not EDI. Not private-public partnerships.

An article published in the Federal Times states that Cyber attacks on Federal networks are up 40% from last year according to a report compiled by the OMB (Office of Management Budget) that  is based on numbers reported by the DHS.

The US spends a lot of money on cyber security, over half of which goes to contractors like Raytheon and SAIC- who are part of the Obama Administration euphemistic private-public “partnership”.

A recent report by INPUT — “Federal Information Security Market, 2010-2015” — predicts that federal investment in information security will rise from $8.6 billion in 2010 to $13.3 billion by 2015 at a compound annual growth rate of 9.1 percent, nearly twice the rate of overall federal IT spending.

“Over the last year, federal agencies have seen a 78 percent growth in cyber incidents. This demand for increased information security is greater than any other current technology, leaving it more immune to the recent federal budget cuts.” Key drivers for the expected increase in investment in information security include a 445 percent increase in cyber security incidents since 2006, a shortage of qualified security professionals, and an increasingly complex and interconnected technology environment. “

In the relationship between the US government and IT security contractors, it’s actually in the interests of the contractors for the number of cyber attacks to go up – since if they went down – they might be out of a job.

The data from the DHS supports this hypothesis by revealing that over 2/3 of Federal agencies have unacceptable data security monitoring systems.

One would assume that the OMB would require Federal agencies to take affirmative action to improve their data security by linking budget to improved data security metrics but instead, the report makes a parveh politically-correct recommendation to improve IT security worker effectiveness instead of IT security countermeasure effectiveness.

In order to improve IT security countermeasure effectiveness in the US Federal Government, the OMB should reduce base payments to contractors and vendors who provide IT security services and data security technologies and link their compensation to a reduction in the damage caused to US government data and network assets.   By using metrics and well-defined targets (like 90% of the government agencies doing data security monitoring),  it’s possible to reduce Federal value at risk, but as long as contractors are feeding off the Federal milk cow at GSA rates it’s not likely to happen in our lifetime.

Federal agencies suffered 41,776 cyber attacks in 2010, up from 30,000 the previous year, according to the Department of Homeland Security’s U.S. Computer Emergency Readiness Team (US-CERT), which is tasked with defending the dot-gov domain and sharing information with industry and local governments.

Almost two-thirds of US Government agencies are not yet continuously monitoring their systems for vulnerabilities and intrusions at an acceptable level, and 8 percent of agencies had no monitoring program in place.

Last fiscal year, civilian agencies spent 74 percent of their IT security budget on government personnel salaries and benefits and contractors. Overall security spending made up 16 percent of agencies’ IT budgets. Contractors accounted for 54 percent of their staff, and government made up 46 percent. At the Defense Department, 68 percent of IT security workers are government employees.

I normally blog about data security issues – I specialize in helping medical device manufacturers secure their software, protect their patient data and comply with regulations like HIPAA.

However – the recent terror flotilla to Israel, the double moral standard of the UN Human Rights Council condemning Israel 25 times in the past 3 years without condemning once human rights violations in Iran and Darfur – makes one pause to think.

In Israel there is a general feeling that Israelis are to blame for the world hating Israelis.

There are at least six versions to this way of thinking – first is anti-semitism (people hate Israelis because they are Jewish), a second version is that extreme left university professors have provided the political rhetoric and ammunition for our enemies,  a third version is that our political leaders are weak and or corrupt (Bibi and Barak),  a fourth version is that the occupation has corrupted Israeli morals, making Israelis despicable in the eyes of the world, a fifth version is that if we would only get our public relations sorted out and speak with a British accent – then the world would accept Jewish presence and a sixth version says that the Palestinians, Iranians and Syrians really want peace – and that if Israel would only stop the occupation and down-size, then we would have peace and the world would accept the Jewish nation – once it had been reduced to an acceptably small, bite-sized portion.

I believe that all versions rest on one question which has not been fundamentally tested – which is what do our neighbors really want?

Deborah Fink from the organisation Jews for Boycotting Israeli Goods (J-BIG), said it was “disgusting” that so many children were present to support the Israeli state.

They’ve been brainwashed. We wouldn’t bring loads of children out to things like this. They go to schools where they’re brainwashed with Israeli propaganda.

Ms Fink is one of many British Jews who campaign for an end to the occupation of Gaza and the West Bank.

Apparently Ms. Fink is mind-controlled by Palestinian propaganda and has conveniently forgot that Israel does not occupy Gaza, having left that area almost 5 years ago. Read more at BBC News – Gaza Crisis. I recommend that Ms. Fink read about the unilateral disengagement from Gaza in August 2005.

Unfortunately, we – Israelis are mind-controlled as well and have forgotten our primary mission – which is the development of the state of Israel – not down-sizing, not outsourcing nor appeasing terrorists.

There is I believe, a fundamental misunderstanding of what makes terrorists tick.

In order to test the assumption behind the various Middle East peace plans of the past 30 years – it is important to test an important hypothesis – “Israel’s neighbors want peace”.

Let’s conduct  a “gedanken experiment”  using 2 assumptions, which I believe are accepted by most politicians today – and consistent with US, Russian and European foreign policy:

Since there is wide agreement in Israel, the US, Europe and Muslim countries, that Israel holds the keys to regional peace – then it becomes a question of price – how much are the other parties (Syria, Palestine, Iran, Turkey …) willing to pay to acquire that product – i.e. peace.

The price might be – how much land Syria is willing to give us in return for peace or how much water Turkey is willing to give us in exchange or how much land Palestine is willing to pay in return for peace or how badly Iran wants Israeli  technology for clean power generation.

Once we have agreed on the price – it’s just a question of agreeing terms of payment and issuing the PO.

If the thought experiment is correct then, the current Israeli strategy of paying the buyer to take our product seems ludicrous.

If the thought experiment is incorrect – then one or more of our assumptions must be false – either our neighbors don’t want peace, peace is not a valuable commodity or – Israel doesn’t hold the keys to acquiring peace in the Middle East.

Reading past the political vitriol of Iran and Abu Maazen,  it’s therefore important to examine our assumptions, starting with the question – “What do terrorists really want?”  and understand why Israel is losing the war against terror.

Here is a piece from a colleague and friend – Todd Walzer, Todd and I worked together at Intel Fab 8 in Jerusalem in the 80′s.

Working at Intel Jerusalem in the 1980′s, we were all in awe of Japan. Quality Circles, Just-In-Time Manufacturing – Japan was way ahead.  20 years later, it’s still a quality-first country, but there are a few chinks in the armor.

Recently I paid a visit to a top-tier auto makers’ factory.  After the factory-floor discussions, we walked over to the office building, which maintains a traditional “lean and mean” atmosphere.  Little more than a tin hall, with lines of desks in open space, lights switched off by sensors above unmanned desks. The small open-space “meeting area” has high tables with no chairs. Meetings are held standing up – short and to the point.

In the meeting area is a bulletin board, and one posting caught my eye.  It was a list of “This Month’s 10 Worst Suppliers”, replete with graphs and defect counts.

I can’t recall this methodology from any of my business school textbooks, and still not sure what to make of it. One way or another, it left an impression on me.  I bet it made an even greater impression on those 10 companies.

The recent Toyota crisis is not without its cultural hypotheses on the Japan side.  ”The U.S. is bashing Toyota for displacing GM as #1.”  ”Toyota’s failure stems from adopting too many foreign parts suppliers as part of its aggressive expansion”.

The Japan economy, stagnant the past 20 years, is in need of positive thinking.  I expect a turnaround with the change of generation, in 5-10 years time. My modest wish: on a future visit to this factory, I hope to see a Best Ten Suppliers List tacked up next to the Worst Ten.

Where the Americans are focussed on finance and bonuses and Obamacare – the Japanese are still focussed on quality and manufacturing – after having adopted Deming’s philosophy of Total Quality after WWII – the Americans are adrift on their own home turf, printing money to fund socialist public policy and setting world records in executive fraud and data security breaches.  The Japanese may need to have more positive thinking but in my opinion, the Americans need to get back to basics of innovation and quality manufacturing.

When I talk about employee data security vulnerabilities, I like to bring examples of how gambling or cyber-stalking can threaten an employee and make them vulnerable into being exploited and disclosing or manipulated company information. A competitor or criminal may offer to help with a gambling debt in return for stealing some documents.   That’s a bribe of course. When an employee steals proprietary company documents and leaks them to a competitor the damage is done – even if the company is not immediately aware.

Bribes are way of doing business in some countries.   In Russia, it’s institutionalized, on the table and part of the process. In the US – it’s been wrapped, packaged and prettified as media consultants, management consultants and congressional lobbyists.  In Russia, it’s acceptable to talk about paying 50,000 US Dollars to get the name of the official in Moscow municipality who approves vending machine permits.  In the US – it’s still taboo to ask how much Obama paid a media consultant to get his name to the top of list of the Nobel comittee.

Of all the the talkbacks I saw the past few days heaping scorn or praise on the Nobel Peace Prize committee, not a single comment was made on when the Obama application was added to the list of 205 candidates for the Peace Prize.   Since – it appears trivial that the selection process takes close to a year and Obama has been in office only 9 months, one may assume that the decision to promote Obama for Peace was taken sometime in the beginning of the presidency.   I can visualize a process where a consultant was retained to identify the key movers and shakers and then additional influencers retained to promote Obama with the key movers and shakers who would then make sure the committee made the right decision – which aligns the particular left-leaning political agendas of both the committee and the US President.

Timing is an important element in a bribe. If you need to make a bubble payment on your mortgage – it’s money you need now. If you’re a President with a declining popularity rating, it’s political capital you need now.  I don’t really see the difference between the two.

However, federal agencies cannot move effectively to more secure systems unless you shift the emphasis of the FISMA assessments from paper reporting to automated monitoring of essential controls. …  Two weeks ago, a federal CIO told me, “I have a CISO who always gets me to green on my FISMA grades, but the reports he produces have no impact at all on security of our computers or networks, I am setting up a separate group to do real security.” This CIO can do both because of a surge of funding his organization has received from the new stimulus bill.

One of the biggest sins of man is hubris. The Obama administration is guilty of hubris. As an American living outside the US in the Middle East – I can say that where I live – we see a US President who projects an image of a superstar/saviour/me​dia-star, who turns his back on old relationships, who delivers ultimatums, who waffles on dictators and who bases his foreign policy on appeasement and his domestic policy on regulation.

OK – now that I got that rant out of my system – let’s talk about data loss prevention and the sin of hubris.

A good deal of data security spending on products from companies like Fidelis Security Systems, Verdasys, Mcafee, Websense, Symantec and RSA is driven by privacy compliance and to a lesser degree (since it’s less direct) by corporate governance (SOX says you shouldn’t cook the books which is not exactly a data loss threat but DLP is often part of an enterprise security policy for monitoring data leakage inside the company and detecting certain types of fraudulent activity).

It is a given that the US economy is the most highly regulated on earth – over 1percent of the GDP is spent on corporate governance and compliance to laws like SOX and GLBH. It is a simple observation that despite privacy compliance regulation – the US is a world leader in large scale data loss events.

Therefore – it stands to reason that privacy regulation and all the technology we’re throwing at the problem is not an effective data security countermeasure. IT spend on security and governance is what – about $10BN/year?

And we pretend to be able to prevent data leakage?

This is a sin of hubris.