Im Not Happy Till You're Not Happy: Building better Information Security relationships


Published on

Published in: Technology, Sports
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Not trying to feed you a bunch of fluff. We’re talking about requirements, here.
  • As an Information security professional, you are an excellent defender of NASA… if you can pull off a magical balancing act.
  • You’ve probably gotten to the point where you have to say NO incredibly often. Are you saying it more than yes?
  • Now, if it goes too far….
  • It could have an impact on the mission
  • Think about what exactly you are saying no to
  • Let’s talk about the people you work with
  • What are they trying to do? Do you even know? Have you asked?L’Enfant’s Plan for DC
  • They are trying to build things Diehl
  • Marvelous things, complex thingsDealing with complex people, processes and requirements of their own, in order to contribute to even greater, more complex things Diehl
  • So, if they present you with a solution, have you asked what they are trying to accomplish? What problem they are trying to solve?Or are you comfortable not understanding?
  • You can be part of the success. In Information Security, you are an enabler.
  • See the person, and what problem they are trying to solve. Diehl
  • Because you can offer alternatives. Ones that meet security requirements, and integrate with the constraints of our environment… Diehl
  • With knowledgeable questions, you can break down defensive postures… or maybe the motivation you perceive isn’t actually true.
  • Do you want the relationships to be better? Go in with noble intent. Assume noble intent. Don’t sabotage the relationship from the start.
  • You may find that sometimes what looks like anger [and hostility], is actually pasta.
  • And remember that badgering gets you nowhere.Badgers: Original flash animation: Your Meme:
  • If you make yourself an obstacle to completing their work, your customers will actively go around you, ultimately creating more risk.
  • Because they just want to do their work
  • So, how do you see the people and their requirements in the organization?
  • While most have same basic requirements, their individual roles often come with a not-so common set of additional requirements.
  • The more personally invested you become, the easier it is to do these things:Asking “How can I help?” “what are you trying to do?”And learning that “No” is most often too simple of an answer, and actually makes more work for you in the end.
  • Have you made yourself part of it?Do you know it?Are excited by it?Are *curious* about it?
  • You can be a hero for them on a daily basis… when your security role helps them to do their jobs better
  • Im Not Happy Till You're Not Happy: Building better Information Security relationships

    1. 1. I’m not happy ‘till you’re not happy<br /><br />
    2. 2. Building better Information Security relationships<br />Heather Diehl, PMP | Enterprise Architecture | ITCD, 702<br />Information Assurance @Goddard<br />June 27, 2011<br /><br />
    3. 3.<br />
    4. 4.<br />
    5. 5.
    6. 6.
    7. 7.<br />
    8. 8.
    9. 9.
    10. 10.
    11. 11. My photo. Thanks!<br />
    12. 12. My photo. Thanks!<br />
    13. 13.<br />
    14. 14.<br />
    15. 15. My photo. Thanks!<br />
    16. 16. My photo. Thanks!<br />
    17. 17.<br />
    18. 18.<br />
    19. 19.<br />
    20. 20.<br />
    21. 21.<br />
    22. 22.<br />
    23. 23.<br />
    24. 24.
    25. 25.<br />
    26. 26.<br />
    27. 27.<br />