This blog (perilocity) has to do with extending risk management strategies for the Internet. It starts with security and goes into new territory most people haven’t thought about in relation to the Internet.

rootanim Probably after Slammer and SoBig and Scob and the northeast power outage and assorted cable cuts, we’re all ready to admit that it’s no longer enough to say “the Internet just works.” And while we all try to keep up with patches and run firewalls, often plus intrusion detection, content caching, etc., Slammer demonstrated that even Microsoft wasn’t keeping up with its own patches, and recently we saw that even Akamai and Amazon can have at least a mini-outage. What do you do when all of the technical and procedural solutions fail?

It turns out that, especially if you look at other industries, there are many answers to that question, and this blog will talk about some of them, ranging from diversity to insurance to SOX to cat bonds to Basel II. For purchasable solutions involving such things, I recommend my employer.

Here in this blog I’m speaking for myself, not for anyone else. Here you’ll see opinions and pointers, musings and memes. Things I think might be useful, and things I just think are amusing.

Is it about security? Yes.
Performance? Yes.
Financial instruments? Yes.
Reputation systems? Yes.
Shipping and joint venture companies and chronometers? Yes.
About why you should care, and how these things are related? Yes.

Topics will vary widely, and the common thread will be perilocity.

Meanwhile, Peter Cassidy has suggested a more pithy definition:

Perilocity rhymes with velocity and stands for potential impact of a potent and manifest risk.
You may be wondering why am I doing this. Well, it seems almost everybody I know who has a blog (and that seems to be almost everybody I know) has provided cogent arguments for why a blog is just the ticket for getting a new idea into the communal thoughtstream. It also fits with my usual writing style of many short pieces (I started the first for-pay non-academic newsletter published over the Internet in 1991) getting expanded into longer pieces (I’ve been known to write two columns a month) and sometimes into books (seven and counting).

The blog is not a book; it’s more like my conference talks, except shorter. Sort of stand-up networking through the network.

So here’s Perilocity!


PS: See also the NSF-funded research project on reputational rankings for economic security incentives, SpamRankings.net.