From Problem to Plan - Part 2

Welcome back everyone. In this part of the course, we're going to go through the six mental moves that are going to help you become a genius at problem solving in IT and cyber security. And this is not a claim that I'm making without knowing that this will be the case. If you learn how to apply those moves to every single situation that you encounter in your career. Before we go into the moves, I want to explain exactly how and why they're going to help you think better. I want to refer to a paper that I strongly recommend you download and read after watching this course. This paper is called the parareto structure of thoughts empirical discovery of the six foundational mental moves. In it, you will find a research study that was done on tens of thousands of people to discover exactly how they think when they are presented with a problem to solve. I quote the paper, "When thinking through a problem," quote, "Most people identify and name things, but far fewer break them into parts, relate those parts, or take alternative perspectives. " End of quote. And this is why most project fail because the people that were working on the solution were obsessed without realizing it. They had a bias towards identifying and naming things. We call this making distinctions. But they were not breaking things into parts, relating those parts which is systems and relationships or taking alternative perspectives which is perspectives in this diagram. This is concretely what this means and how it impacts you. It impacts the team of people that you're working with. Imagine you have a team and they've been tasked to think through a problem. Five out of 10 get stuck and do nothing. are going to identify things and zero out of 10 consider alternatives. Two and a half out of 10 are going to try breaking the problems into parts. We're going to call this zooming in. But zero out of 10 consider the context in which the problem appears. We call this zooming out. One and a half of them out of 10 is going to consider how the elements of the problem are related. But zero out of 10 will specify action and reactions. And less than one out of 10 is going to identify more than their own perspectives. And zero out of 10 will identify their own bias. And this is why so many IT and cyber security projects fail because the solution to begin with was based on an understanding of the problem that was incomplete. And so how do we solve this? Well, there is something called the six mental moves. I did not invent this. I will have a slide in a second that gives credit to the two leading worldleading even researchers that have discovered these moves and that are teaching them. But those moves are is and is not list zoom in zoom out parts barbell and perspective circle. And these moves are you're going to learn them in the next five 10 minutes. I'm going to explain them, but you can apply them to absolutely everything, anywhere, under any context.

In this course, I'm only going to focus on it and cyber security because that's why you're on this channel. However, I really want to encourage you that once you've learned these moves, you look for them everywhere. because they are everywhere. So you want to become an IT genius that is capable of thinking systematically. Well, the way you do it is once again you're going to learn these six moves starting in the next slide. And then the key though is to apply these moves consistently on every single problem and every single situation that you encounter. The first move is called is and is not. You can present this either in a table or a list. I prefer the table when I show it on a slide like this. But essentially, you take a concept that we all need to understand the same way when we're trying to solve a problem. And you explain what the concept is and not. And this is going to help us clearly identify definitions and be on the same page about those definitions. So, here's how it works. Imagine that you've just come across a term that you've never seen before. In this example, we will use the term volatility framework. You don't know what it is, but it's been used in a meeting that you were part of or you've seen it on an MCSI exercise. Well, you could do some research on the volatility framework and write down exactly what it is. So, it's a memory forensic framework used to analyze RAM captures. It's especially valuable for detecting fless malware, code injection, stealthy processes, and in-memory artifacts. It is a tool though that requires understanding of the operating system internals to be used properly. What volatility is not is it's not a generalpurpose digital forensic suite for any kind of evidence that you encounter. It's specifically for RAM captures and nothing else. It's also not a tool that gives you a guarantee that it's going to be able to detect automatically malicious activity. It's actually a tool to inspect the RAM of a computer and for an analyst to search for manual for malicious activity. And it's also not a beginner friendly tool. You need to know how to use the command line and you need to learn how to use this tool and in some cases write scripts to be able to automate tasks in this tool. Now when you work on solving a problem, chances are you are going to encounter terms and concepts that you don't understand fully. And by doing is and is not, this is how you're going to improve your mental map to figure out what these terms mean and therefore how they are part of the solution that you need to build now for this move but not the other moves but only for this one. I think that chat GPT generally speaking does an actually pretty good job at building is and is not tables. So you could be picking up an MCSI exercise. Maybe you're coming across a term you've never seen before and now you should be able to ask Chad GPT to write you a table and generally speaking what it puts into this table is okay. uh so that will save you a lot of time compared to doing research. However, you should still validate that the output you've gotten from chat GPT is at least correct. Now the next move is called zooming in. This is when we take a concept, a term, an idea and we break it into parts.

So here on the right you see that in blue I have written the word credentials. If I break down into parts the word credentials in cyber security we often talk about secrets and keys. So now we have two parts. When we talk about secrets well there are many different types of secrets. You have user passwords, API keys, database connection strings, client secrets, and there are more. So now I've zoomed into secrets and I've broken it down into parts even more. When we talk about keys, we often have symmetric kings and asymmetric keys. So again here I've broken it down in two. This move of taking something and pulling it into part and zooming in is called zooming in. And you can apply this to any concept that you come across. The next move is zooming out. This is when I have a keyword like the word password and I want to figure out okay well what is password a part of? Well, it might be part of credentials. And so again, you can take anything and you can always zoom out to recover the context of a term. The next move is called part party. This is when we take different parts and we explain the relationship between the parts. So imagine I have four parts. I have the part user, ro and permissions. I can connect the word user to the word role because a user has a role and the word role to the word permission because a role gives certain permissions to a user. And this is how I now understand how these four concepts are linked together. The next move is called the RDS barbell. This is when we take two parts that have a relationship between each other and we zoom in onto the relationship. So for example on the Windows operating system there is something called objects and every object has permissions. But if I zoom in I can see that there are different types of attacks that happen because of this relationship. So we have a tech method like stealing an object, guessing the permissions or the credentials of an object, using the object to escalate privileges on a machine, abuse uh you know do certain abuse type techniques on a machine. So this is we take two parts and we zoom in and we explain how these parts are related. The next move, the final one is called the perspective circle. This one is incredibly important if you work in cyber security. You want to take a term, a concept, an object and you explain all the perspectives for this object. So for example, if the object in the middle here is MCSI exercise okay well one stakeholder would be the student and the student's perspective might be that they want to improve their cyber security skills and become more employable and that's why they would want to complete an MCSI exercise. At the bottom, we have an employer and their perspective might be that they want to hire employees with demonstrated skills and a passion for cyber security and therefore if an MCSR exercise help them select candidates that have demonstrated skills and a passion that's helpful to them. And then we also have the instructors. The instructors want to give students feedback that's going to help them improve. So you see, I take a thing and then I think about what could be all the perspectives around that thing and I explain those perspectives. So these are the key questions that you can apply on literally anything. You can do is and is not by asking yourself what is X, what is not X. Zooming in and zooming out. What are the parts of X? What is X a part of?

And then you can do part party. Well, what is the relationship between X and Y? How are the parts of X related to each other? And then finally the perspective circle which is can we think of X from multiple perspectives. Now these moves you can apply them to any problem. It's not just that you can you should you must apply them to any problem that you want to solve before you start solving the problem. The goal is first we use the moves to understand the problem and then we go out and we design a solution and then once the solution's been designed only then do we implement it or we build it. So the way to get better at these six moves once again is to just practice them. You can practice them on anything. You could take an MCSI exercise and apply them. You could pick up a book on cyber security that interest you. Start with a term you don't understand and do is and is not. Then once you've understood this term, find out what else. What are the parts is this related to. Zoom in on the relationships between the parts and do the RDS barbell. Then build a system map. Show how all the parts are related to each other to a perspective circle. Think of all the different perspectives around this term. And if you did that consistently time and time again until it becomes a habit, until it's almost unconscious, you just do it. I can guarantee you for a fact that people are going to start thinking that you're an absolute genius because you're thinking of things that others are not thinking about. You're seeing connections that people are not seeing. You're connecting perspectives that people hadn't even thought needed to be considered. That's how you become a master thinker in this field. And I want to give credit to two incredible people, Dr. Derek Cabrera and Dr. Laura Cabrera, that are the ones that have done this groundbreaking research on the six mental moves. And there is a lot more that they teach via the system thinking institute. And so to all of you out there that want to be really serious about becoming really good thinkers, I would strongly encourage that you go check out the system thinking institute and that you even consider buying their courses. They run discounts quite regularly on YouTube and I think that if you want to become a better thinker, this is absolutely going to help you 100% guaranteed. So, we'll pause here for now, and in the next video, we're going to play a little game where I'll show you diagrams that I've made, and you're going to have to spot the moves.