Saturday, August 13, 2016

1.47 seconds

A friend of mine -- a retired CIA covert guy, who now lectures, drives race cars, sits on a few boards,
and has dinner with me occasionally, does a two hour lecture that he calls "1.47 seconds". 1.47 seconds is the amount of time between the Boston bomb blast and when people in the ally behind were hit with schrapnel from the blast.

The questions he postulates is, what, or how, could people outside of direct contact of the bomb have been warned in that 1.47 seconds to make them take cover?

It's an interesting question, and one I think about often when I write a blog, publish a report, or, send a victim notification.  In fact, one question I consider often is even if I tell them, will they listen? Will they know what to do with the information I'm providing them?  For the customers we're used to serving, the answer is yes, but for many (probably 90% of the market) the answer is a resounding no.

So why does "1.47 seconds" stick with me? Because I watch the market churn --and the same companies targeted over and over by noisy marketers hawking some of the best, and some of the worst products, and I wonder to myself, what in 1.47 seconds could we do to cut through all that marketing b*ll sh*t, to get a real message out with real impact? What could we do to get the word out in such a way that it's easily understood, easily consumed, and actually used?

So we've been experimenting with a couple of non-marketing techniques --yes, I realize my blog has a bit of a slant --we're a cash flow company --no investors. We can't hire mountains of marketing people and sales people in every city, so, my blog becomes a bit slanted. It's literally the only marketing we do (except maybe sponsor an occasional high school robotics).

Our latest experiment is fairly simple.

  • We've been posting the executive summary and product meta-data in the Wapack Labs blog. It was time to move readership from my personal blog to the company blog. 
  • We've focused much of our analysis on being proactive. Instead of simply analyzing past events, we look for indicators of coming events --and yes, we've been quite successful.
  • We're focusing our intelligence team on 'desired objectives by select bad guys' before the event occurs. That way, companies know what's coming, and we sometimes know who and how before it happens.
  • And we've been working intelligence as a team sport --converged with the needs of physical and industrial security personnel. 
Every time a new product gets published, the executive summary gets posted to  Every product that has indicators, has a link to our indicator database (Threat Recon) or our Soltra Edge instance ( 

We've offered up our raw collections (key loggers, sinkholes, etc.) to others who'd like to use them in their own analysis --that API should be up shortly, but today, roughly a hundred people have run queries against our backend.  

So, 1.47 seconds? Stand by. More to follow... That's where we're heading. 

In the mean time, please follow We publish almost daily. The reporting is a mix if cyber, physical executed via cyber, or intelligence collected via cyber.  

If we can help, call us. We're busy as hell, but that keeps us going!

Until next time,
Have a great weekend!