Yes I made a horrible pun (and did it before I knew about the misinformation film Plandemic). But I stand behind it. This is my current plan as of today for the pandemic moving forward.

It is clear that the SARS-CoV-2 aka COVID-19 outbreak is not going away. In spite of people talking about the different waves of this plague over the past 15-16 months, I’d say from early 2020 up until a couple of months ago was simply the first wave. Yes I am glad that my family and close friends are vaxxed up, and we’ve enjoyed publicly socializing where it is not in a Starbucks parking lot. But the COVID-19 mutations have changed things, and I anticipate a second wave.

The Second Wave

With four variants (the Delta variant getting the most headlines) causing more and more hot spots here in the USA, it’s time for me to begin a stricter self-lockdown. This means restaurants will once again be curbside only - if I go at all. Only vaccinated family and friends that follow mask discipline when in public will be allowed in the house. The very few retail stores we had begun to visit are back on the online order and home delivery list.

Why? I think most of you are aware there is no guarantee that we are immune, even if vaccinated. Various studies have shown COVID-19 vaccines are anywhere from 85% down to as low as 65% effective at preventing infection (depending on whose study you read). Thankfully the vaccine does prevent nearly all hospitalization and death cases if a vaccinated person gets COVID-19. In other words, I could potentially catch and spread COVID-19 to people close to me. As the wife and I were already not the healthiest people before the pandemic, we don’t want to risk getting extremely ill.

With vaccinations in the US still less than 50% and the Delta variant rising, we are going to end up with more COVID-19 cases. And with more cases we’re probably going to have more variants - possibly variants that the current vaccines cannot protect against. All in all, things look glum.

(Note: resources I used are listed at the end of this blog post)

Risk Assessment

How did we come to this decision? A part of what I do for a living is risk assessment, and as one who urges caution in all things computer and technology, it becomes fairly easy to start applying a few basic principles to other situations. It only makes sense that if there is a risk, one mitigates against it.

Within the Infosec community one stresses patching, avoiding shady websites, and using strong passwords. We recommend using two factor authentication, and even if only SMS is available you should at least use that. Similarly, for the pandemic the mitigations include getting vaccinated, avoiding close contact, and wearing masks. Wash your hands frequently and use hand sanitizer if you have it. In both scenarios you are trying to prevent a bad thing from happening - of course the steps are not perfect and not a 100% guarantee of no incidents, but they do mitigate a lot of the risk.

Work Impact

My day-to-day work will not be impacted, as the company I work for has always been all remote. So that part won’t change. However some of the things I liked to do pre-pandemic will still not be happening. Let’s take security conferences as a point of discussion.

With the first wave that started in 2020, a number of conferences were cancelled or switched from in person to virtual. I personally welcomed the change, and once I learned I could present remotely and even record my own talk, that was it. I hate slides, and I can get rid of them if I record my own video! However, I can’t lie - I do miss “hallway con” and the general “hanging out” with like-minded security folk, many who I have not seen in quite a while at this point.

Let’s take just the Vegas conferences as an example. Clark County in Nevada, home to Las Vegas and a wonderful series of security and hacker conferences in the summer, is experiencing a surge of new COVID-19 cases. I have friends that live there that report a huge lack of masks, and quite frankly even if residents were masking up I think I would reach the same conclusion about Vegas Summer Camp - I’m not attending in person. At this point I don’t plan on attending RSAC 2022 in person as I expect the second wave to still be at full stride. And based upon vaccination rates, it’s even money in my book that Vegas Summer Camp might be off the table in 2022 as well.

Again with the whole risk assessment thing, I have additional concerns. Even if I am masked up and vaxxed, if I am in Vegas and the shit hits the COVID-powered fan, I could be stuck there if the airports shut down or flights are cancelled. And in a new COVID crisis, I’d prefer to be at home with my family and close friends. There could be a new variant even more contagious than Delta that erupts there, turning every meal with friends into spreader events. And on and on. Lots and lots of risk.

So Here We Are

About a week ago, my wife approached me first, and said we needed to talk about possibly locking ourselves down. I had been thinking the same thing but had not worked up the courage to approach her yet - we were enjoying the freedom of going to a restaurant or shopping at an antique store, both really wanted to go on a real vacation, and I didn’t want to rain on the parade. But as a couple of paranoids (or “realists” as we try to present ourselves to others), we decided we needed to change things based upon the state of the pandemic, and we are back behind closed doors.

I hope we’re wrong and overreacting. I always hope that. But we were right when we did this in early February of 2020, and I’d rather be prepared and feel good about it than one of us get sick and the other watches in regretful agony.

Edit: I had planned to publish this blog post on Monday even though we made this decision a few days ago, but as the danger increases I decided to go ahead.

Resources

Here are some resources used. I didn’t try to rely too heavily on various news sites and tried to go to sources that just show trending and patterns:

• COVID-19 information from the World Health Organization

• The COVID-19 info from Our World in Data

• John Hopkins University Map

• Many of the sources for this Wikipedia page