Monday, December 25, 2017

Prioritization - what breeds true success is counter intuitive



"...if you don't take care of yourself FIRST, how can you take care of anyone else..."?

Words to live by, this is not narcissistic, not self indulgent, it's just a cold hard fact.

Your CEO is depending on you to deliver, your boss is depending on you, your direct reports are depending on you!  If you don't have what it takes to get your team together for five minutes to discuss the problem and options for success, you may not be the leader you think you are.

With all of these people depending on YOU, don't you know that they demand that you are mentally and physically able to rise to the occasion?

Brett McKay over at "...the art of manliness podcast..." breaks it down into four easy to rememember parts, he's one sharp dude and worth you time.

Assume Responsibility - Cowboy Up!

2018 - The year of the personal strength revolution



Physical toughness can get you thru a lot in the business world.  It builds confidence, hardens you up to face life's little setbacks.

It's been said many times that the key to a happy life is a healthy life.  As Tyler Durden noted, being healthy is not looking line a Calvin Klein underwear add.  Being healthy has an over abundance of benefits:  a better sex life; better sleep; allows you to remain laser focused on the tasks at hand.

For those of us who don't want to get pretty, just get stronger, take a look at the "natmove" exercise programs out there.  Not Crossfit, not a traditional gym strength program either, it's something completely different.

Erwan Le Corre, the founder of NatMove has an interesting approach to physical strength, check out his video below.

Welcome to 2018 - make a commitment to yourself to get stronger this year.  Invest in yourself.

Move Naturally - Brief Video


Thursday, December 21, 2017

Focusing Deeply, a true game changer in the workplace



Staying focused. Focusing deeply on tasks can be a game changing skill in the business world. 

Our digital office is filled with technologies that are engineered to “…pull you in…” and not let you out! On the one hand they give us unprecedented access to information, on the dark side, they are engineered to captivate, distract and mesmerize. 

 Dr. Adam Gazzaley, the founder of Neuroscape at the University of CA, San Francisco shares groundbreaking insights into distraction and multi-tasking, as well as offering us valuable tools from his research on how you can beat these distractions and deliver more value to your business.

Ted Talk with Dr. Gazzaley

Friday, December 15, 2017

Social Awkwardness



Tongue tied during that last presentation? 

Communication Skills. You have them, chances are that they could use a tune up. 

A lot of IT professionals have trouble communicating, especially, in a public setting. When IT professional get nervous in a public setting, they default to what we know best and sometimes we come off as a know it all. 

Frances Cole Jones, in the Ted Talk video below has some great tips and techniques that might just be the "E" Ticket ride you're looking for.

Frances Cole Jones, TED talk

Thursday, December 14, 2017

Interpersonal Relationship Skills



Human interactions, communication, it's really our strongest tool.  

It's either a well honed tool we use every day or a dusty piece of shelf art. 

 Too often Information Security and Compliance Professionals are perceived as being from the Department of "...NO!..".  Time to make a course correction...time to work on your communication skills. 

Caroline Webb, a frequent contributor to the Harvard Business Review,  World Economic Forum, Fast Company, Quartz, Business Insider, Huffington Post and WIRED has come great insights to share on what works and what doesn't with hard science to back it up. 

Take a look at her video presentations and research here, nothing ventured, nothing gained...

Caroline Webb


Failure is NOT an option!....or is it?



Failure...how best to manage the possibility, failures plague the IT / Business interface...you must have an IT Program Management Office to manage the four types of IT work:

(1.)  Business Sponsored Project Work
(2.) IT Sponsored Project Work
(3.) Keep the Lights On [KLO] Work
(4.) Unplanned Work [the killer]

Depending on who you ask, anywhere between 40 and 70% of IT projects end in missed requirements (failure).  

How best to manage the IT / Business interface to ensure project success, as measured by the business?  Smart leaders let the IT PMO manage their IT investments.

Gene Kim of Tripwire fame started the dialog with his ground breaking book, "The Phoenix Project", the next phase of evolution should be a much wider adoption of the Program Management Office to actively manage the IT / Business interface and forever return IT to being a servant of the Business...

Gene Kim's excellent book, the "Phoenix Project"

Attention to Detail



Attention to Detail.  It's the mark of a true Professional.  

Anything you train to do, as a professional is worth doing precisely and efficiently. 

Cloud Information Security as noted here, is an opportunity to excel or diminish your brand, in a truly spectacular fashion.

Pentagon "shares" Top Secret NSA data via "CLOUD"





Skepticism



Skepticism. A little skepticism just might be a good thing.

It amazes me that we’re not more skeptical when it comes to Internet of Things (IOT) devices and SCADA security. Not in a Fear, Uncertainty and Doubt (FUD) kind of way, just a little old fashioned healthy skepticism please.

Bruce Schneier brings to light many of the “…unintended consequences…” we will eventually face as we roll out more and more IOT connected devices and don’t ask enough skeptical questions.

A Computer as big as the world!

Don't allow your business to become over dependent on your technology...

Be Prepared. Worthless platitude or words to live by?

When I was in the Military, we used to have a saying “…six ways in, twelve ways out…”. While at the Doctors office today, all I heard was “…the internet is down, we can’t help you, go home!...”. Satisfied customers?

Arthur C. Clarke once wrote a short story, “Superiority”, penned in 1951, it should be required reading for every business leader about being too enamored by technology.

Does your team have twelve ways out?

"Superiority" by Arthur C. Clarke

Friday, October 13, 2017

Microsoft should take a lesson from US Admiral McRaven



For the love of all that is holy, publish timely, accurate, helpful documentation on your products and services!

I attended a "Security Seminar" at Microsoft's office yesterday, oddly, it was interesting. Lot's of sales pressure to be sure, interesting speakers (oddly), some interesting content (even more interesting), lunch was out-freaking-standing, but...the Evil Empire (my old Alma Mater, Microsoft) is suffering more and more each week with "...can't see the forest from the trees..." syndrome. In their rush to make everything "Azure Cloud Enabled" they are violating the 6"P's" of the Information Technology World, namely, their documentation sucks like a black hole!

Competent product documentation is expected for a company like yours, if you can't get the little things right, how can we trust you with the big stuff?

Learn to make your bed every morning dog gone it!

They could really take a lesson from US Navy Admiral McRaven's 2014 University of Texas commencement speech, made famous on Youtube, you are Microsoft for crying out loud, we expect you to do great things, but for the love of all that is Holy, do the little things right, but NO! Their product documentation really, really sucks, and the really sad part is that in the seminar yesterday, when I asked about this, they freely admitted it. They asked me to upload my documentation for them to plagiarize!

For the last few months, we've been working with Microsoft's new Data Loss Prevention [DLP] suite (a mix of some E3 and E5 level products) and they have very compelling capabilities, a rich Chinese Menu approach to DLP, somewhat difficult to explain to Engineering and Software Development Managers (we've got over twenty-five of them), but we've developed some cheat sheets, etc...to take the sting out of the Organizational Change Management [OCM] aspects of the adoption. The OCM aspects are by far the most difficult part of the implementation to date.

The big hurdles have been:

(1.) Finding relevant documentation.

If we could have found relevant documentation on the concepts, basic building blocks, product names (which seem to change almost daily), capabilities, etc...things would have gone so much more smoothly. I mean...really? The power of "scoped policies" in the Azure Information Protection blade, a total white wash in your documentation, a veritable King Kong powerhouse in reality.

(2.) "How To" articles that make no sense whatsoever.

You are not wanting for articles entitled, "blah, blah, blah deployment Roadmap...", if only it WAS a roadmap! Ninety-nine times out of one hundred it was just some engineers mental masturbation about how cool his dream is and how stupid you are for not sharing the dream and understanding his user experience to support his dream. An endless parade of embedded hyperlinks in the online documentation that takes you farther and farther down the rabbit hole and provides little to no value to the "roadmap" you are looking for in the first dang place!

I mean, now really, even Perry Clarke would have trouble figuring out how to enable AIP based outbound mail rules in this fine kettle of fish.

(3.) Blog articles that promise to be timely and relevant.

The best was the Information Security Blog article that talked about their fabulous new Tech Writer and his/her valiant efforts to bring things up to date and make them relevant. Nice idea, but, five months after the article, none of this has materialized. We used to joke that "...Microsoft has the worlds worst software and the worlds greatest marketing!...". It is no less true in 2017 that Microsoft still has the worlds best marketing (lord knows I got a refresher bombardment of marketing yesterday) and now they have the worlds worst product documentation.

Proud Moments to be certain.

RECOMMENDATION

Guys, take a breather like you did with your "...secure computing..." initiative and bring in a small army of Tech Writers, and make your Product Marketing Managers and Engineers work with them to provide we, your customers [you know, those annoying people that pay you?], with documentation worthy of the name "Microsoft", not shiny, not flashy, not "gameificationed" just helpful.

But you wont...

So, Microsoft guys and gals, if your still reading, go read this book, we, your frustrated and very technical customers will be glad you did:

Admiral McRaven's book on Amazon


Thursday, October 5, 2017

LESSONS IN LEADERSHIP



Just to prove that I am NOT the only person with great ideas, this gem is from Jeff Haden over at INC Magazine (online). It certainly resonates to those of us that worked for tyrannical managers (don't refer to managers as Leaders typically).





https://www.inc.com/jeff-haden/9-surprising-signs-youre-an-exceptional-boss-that-most-people-never-consider.html

Many people are good bosses. Some people are great bosses.

A handful go even further: They're phenomenal, not only because of what you see them do but also because of what you don't see them do.

If you're a truly phenomenal boss, what your employees see is far from everything they get.

1. You look past the action to understand the motivation.

Sometimes an employee makes a mistake or does the wrong thing. Sometimes an employee takes over a project or a role without approval or justification. Sometimes an employee jockeys for position, plays political games, or ignores company objectives in pursuit of a personal agenda.

When that happens, it's easy to assume that person won't listen or doesn't care. But there is almost always a deeper reason: The individual feels stifled, feels they have no control, feels marginalized or frustrated--or maybe is just trying to find a sense of meaning in their work that pay rates and titles can never provide.

Effective bosses deal with actions. Great boss search for the underlying issues that, when overcome, lead to a much bigger change for the better.

2. You forgive...and more importantly, you forget.

When an employee makes a mistake--especially a major mistake--it's easy to forever view that employee through the perspective of that mistake.

I know. I've done it.

But one mistake, or one weakness, is just one part of the whole person.

Great bosses are able to step back, set aside a mistake, and think about the whole employee.

If you're a great boss, you can also forget that mistake because you know that viewing any employee through the lens of one incident may forever impact how you treat that employee. (And you know the employee will be able to tell.)

To forgive may be divine, but to forget can be even more divine.

3. You place importance on employee goals as much as on organizational goals.

Good bosses inspire their employees to achieve company goals.

The best bosses make their employees feel that what they do will benefit them as much as it does the company. After all, for whom will you work harder: a company or yourself?

Whether they get professional development, an opportunity to grow, a chance to shine, or a chance to flex their favorite business muscles, employees who feel a sense of personal purpose almost always outperform employees who feel a sense of company purpose.

And they have a lot more fun doing it.

If you're a great boss, you know your employees well enough to tap the personal, not just the professional.

4. You support without seeking credit. This is MASSIVE!

A client gets upset. A supplier feels shortchanged. A colleague gets frustrated. Whatever the issue, good bosses support their employees. They know that to do otherwise undermines the employee's credibility and possibly authority.

Afterward, most bosses will say to the employee, "Listen, I took up for you, but...."

If you're a great boss, you don't say anything afterwards. You feel that supporting your employees--even if that shines a negative spotlight on you--is the right thing to do, and is therefore unexceptional.

Even though we all know it isn't.

5. You make fewer public decisions.

When a decision needs to be made, most of the time the best person to make that decision isn't the boss. Most of the time, the best person is the employee closest to the issue.

Decisiveness is a quality of a good boss. Great bosses are decisive too, but often in a different way: They decide they aren't the right person to make a decision, and then decide who is the right person.

You do it not because you want to avoid making certain decisions, but because you know you shouldn't make certain decisions.

6. You don't see control as a reward.

Many people desperately want to be the boss so they can finally call the shots.

As a great boss, you don't care about control. So your employees don't see you as someone who exercises control.

And that's great, because you would rather be seen as a person who helps.

7. You let your employees learn their own lessons.

It's easy for a boss to get heavy-handed and turn a teachable moment into a lesson learned.

It's a lot harder to let people learn their own lessons, even though the lessons we learn on our own are the lessons we remember forever.

Great bosses don't scold or dictate; they work together with an employee to figure out what happened and what to do to correct the mistake. They help find a better way, not a disciplinary way.

After all, great employees don't need to be scolded or reprimanded. They know what they did wrong. That's why you know that sometimes staying silent is the best way to ensure they remember.

8. You let your employees have the ideas.

Years ago, I worked in manufacturing and my boss sent me to help move the production control offices. It was basically manual labor, but for two days it put me in a position to watch and hear and learn a lot about how the plant's production flow was controlled.

I found it fascinating, and later, I asked my boss if I could be trained to fill in as a production clerk. Those two days sparked a lifelong interest in productivity and process improvement.

Later he admitted he had a larger motive. "I knew you'd go in there with your eyes wide open," he said, "and once you got a little taste, I knew you'd love it."

If you're a great boss, you see the potential in your employees--and you find ways to let them have the ideas, even though the outcome was what you hoped for all along.

9. You always go home feeling you could have done a little better.

Leadership is like a smorgasbord of insecurity. You name it, bosses worry about it.

That's why the best leaders go home every day feeling they could have done things a little better, or faster, or smarter. They wish they had treated employees with a little more sensitivity or empathy.

Most importantly, they go home feeling they could have done more to fulfill the trust their employees place in them.

And that's why, although other people can't see it, when you walk in the door every day, you make a silent commitment to do your job even better than you did yesterday.

Why? Because you're a great boss

I agree with most of this, that being said, I'd like to tip my hat to some great bosses and employee decision makers that I have known:

Ron Glickman - a visionary CIO if there ever was one.

Jeff Hekmati - a great INFOSEC skillset, coupled with humility, the heart of a servant, a rapier like wit and an Einstein like intellect

Tomas Byrnes - light years ahead of the pack, a great friend, a great father, a Modern Tesla intellect

The list goes on...

Friday, September 29, 2017

THE HR DEPARTMENT DILEMMA - PART 2



Live Free or Die Hard, or, why do "Consulting Companies" promote slavery?

Talent acquisition is a key success factor to any business. So, why does my in house HR department and their bevy of flesh merchants have such a hard time, sorting the wheat from the chaff?

It's as if, when we talk, they are either not actually listening, or they are biding their time, waiting for their opportunity to speak.

They never seem to send candidates until I pester them, and when they do, the candidate is not an INFOSEC person, they are a shoe maker, turnip truck driver, etc...