SlideShare a Scribd company logo

The Human Side of Information Security

Download as PPTX, PDF
Rob Arnold
Rob Arnold

The document summarizes key points from a presentation on the human side of information security. It discusses how managing technical experts can be challenging, even for technical managers. It emphasizes maintaining work-life balance through inbox and task management. It stresses the importance of building cohesive, interdependent teams through shared goals, recognition of accomplishments, and enriching jobs. It also recommends regular communication, marketing of successes, and organizational clarity.

Technology
1 of 30
The Human Side of Information Security Presented by: Rob Arnold, CISSP
Rob Arnold • Human for 47 years • Musician for 39 years • IT guy for 19 years • Security guy for 17 years • Manager for 8 years
Agenda • The Security Connection • The CEO of One • There are two “I’s” in team • Drill Deeper
THE SECURITY CONNECTION The Human Side of Information Security
When Worlds Collide • Security managers are usually senior security practitioners first • Managing (developing and retaining) technical experts is hard, even for a manager who is one of them • Receiving management support mentorship and training is the exception, not the rule • Best techs may not make the best managers
Demand > Supply • Understand the market – http://www.bls.gov/ooh/computer-and- information-technology/information-security- analysts.htm – http://www.bls.gov/oes/CURRENT/oes151122.ht m
Area: Kansas City, MO-KS Employment: 720 Location Quotient: 1.24 Employment per 1,000: 0.73 Annual mean wage: $79,550
THE CEO OF ONE The Human Side of Information Security
Maintain inbox zero • The four-D system – Delegate – Defer – Do – Delete • Only touch a piece of mail (or paper) once • Use rules, conditional formatting, and other mail client features to impose order
Manage your now • Planning at the 1-day time scale – Schedule your day, once a day – Weekly wrap-up of deferred work • Strategic deferral of work • Quick win: turn off notifications of new email
Track your success • Support your team by reviewing their individual accomplishments • Yes, this is resume building • Every quarter, review this list with each of your team
THERE ARE TWO “I’S” IN TEAM The Human Side of Information Security
The first: Identification • Actively seek inside jokes, code names, restrictive vocabulary • Find a common adversary • Not: tshirts, uniforms, pieces of flair • Focus on characteristics you share • Manage how your team is perceived
The second: Interdependence • Change the emphasis from “we’ll fail unless we pull together” to “cooperation is the best success strategy” • Let cooperation be the proxy for interdependence • Look out for undermining team members • Look out for “groupthink” • Make your team exclusive--“select” rather than “assign”
Open your mouth • Make it as close as possible to the result • Tell other people about your team’s successes • Make it in front of the team if at all possible • Your team hears your praise long after you give it
Set the tone • Don’t let the praise get diluted by a background level of indifference (or worse) • Talk to your team, and listen. • Quick win: Make a list – Mark a + by the people you greet regularly – Mark a 0 by the people you greet occasionally – Mark a – by the people you greet rarely
Enrich their jobs • This is not “more work to do” • Think vertical, not horizontal • Look for opportunities to engage with your organization’s senior leaders • This is an effective way to challenge and reward high performers • Increases a sense of mastery
Stand up your meeting • Quick win: Daily stand up meetings • Rules of engagement: – Mandatory – Standing – Only discuss today’s work plan • Benefits: – Visibility, accountability, reduced duplication of effort
Marketing is not a department • Marketing is: – Every time your staff answers the phone – Every email sent from your team – Every invoice you send – Every deliverable you generate for a customer • The sum total of all the things your team does
Cultivate organizational clarity • A healthy organization knows: – Why the organization exists – What values are fundamental – What business it is in – Who its competition is – How it is unique – What it plans to achieve – Who is responsible for what
DRILL DEEPER The Human Side of Information Security
Death by Meeting: A Leadership Fable...About Solving the Most Painful Problem in Business, Patrick Lencioni
The Man Who Lied to His Laptop: What Machines Teach Us About Human Relationships, Clifford Nass
Rework, Jason Fried and David Hansson
First, Break All the Rules: What the World's Greatest Managers Do Differently, Marcus Buckingham and Curt W Coffman
Total Workday Control Using Microsoft® Outlook, Michael Linenberger
• HBR Management tip of the day: @ManagementTip http://hbr.org/tip • Ask A Manager: @AskAManager http://www.askamanager.org/
Thank you! rarnold@ku.edu

Recommended

Sustainable Leadership: How to help leaders in a VUCA-world with David Ducheyne
Sustainable Leadership: How to help leaders in a VUCA-world with David DucheyneSustainable Leadership: How to help leaders in a VUCA-world with David Ducheyne
Sustainable Leadership: How to help leaders in a VUCA-world with David DucheyneICF Team and Group Coaching Community of Practice
 
Scorecard 2
Scorecard 2Scorecard 2
Scorecard 2dmdk12
 
5.13 ppt great leaders are great communicators and motivators
5.13 ppt great leaders are great communicators and motivators5.13 ppt great leaders are great communicators and motivators
5.13 ppt great leaders are great communicators and motivatorsTauseef Akhtar Ansari
 
004 philosophy
004 philosophy004 philosophy
004 philosophyAbi Bellamkonda
 
Culture9 info
Culture9 infoCulture9 info
Culture9 infokabirmahlotra
 
Netflix Culture - Benchmarking for Pathway Group
Netflix Culture - Benchmarking for Pathway GroupNetflix Culture - Benchmarking for Pathway Group
Netflix Culture - Benchmarking for Pathway GroupThe Pathway Group
 
Linkedin talk aug 14.2
Linkedin talk aug 14.2Linkedin talk aug 14.2
Linkedin talk aug 14.2Fred Kofman
 
Creating a Culture to Empower your Team, Erik Devetak, Xeneta
Creating a Culture to Empower your Team, Erik Devetak, XenetaCreating a Culture to Empower your Team, Erik Devetak, Xeneta
Creating a Culture to Empower your Team, Erik Devetak, XenetaUXDXConf
 

Recommended

Sustainable Leadership: How to help leaders in a VUCA-world with David Ducheyne
Sustainable Leadership: How to help leaders in a VUCA-world with David DucheyneSustainable Leadership: How to help leaders in a VUCA-world with David Ducheyne
Sustainable Leadership: How to help leaders in a VUCA-world with David DucheyneICF Team and Group Coaching Community of Practice
 
Scorecard 2
Scorecard 2Scorecard 2
Scorecard 2dmdk12
 
5.13 ppt great leaders are great communicators and motivators
5.13 ppt great leaders are great communicators and motivators5.13 ppt great leaders are great communicators and motivators
5.13 ppt great leaders are great communicators and motivatorsTauseef Akhtar Ansari
 
004 philosophy
004 philosophy004 philosophy
004 philosophyAbi Bellamkonda
 
Culture9 info
Culture9 infoCulture9 info
Culture9 infokabirmahlotra
 
Netflix Culture - Benchmarking for Pathway Group
Netflix Culture - Benchmarking for Pathway GroupNetflix Culture - Benchmarking for Pathway Group
Netflix Culture - Benchmarking for Pathway GroupThe Pathway Group
 
Linkedin talk aug 14.2
Linkedin talk aug 14.2Linkedin talk aug 14.2
Linkedin talk aug 14.2Fred Kofman
 
Creating a Culture to Empower your Team, Erik Devetak, Xeneta
Creating a Culture to Empower your Team, Erik Devetak, XenetaCreating a Culture to Empower your Team, Erik Devetak, Xeneta
Creating a Culture to Empower your Team, Erik Devetak, XenetaUXDXConf
 
Teamwork at a2i for Service Innovation
Teamwork at a2i for Service InnovationTeamwork at a2i for Service Innovation
Teamwork at a2i for Service InnovationAnir Chowdhury
 
Wendy Safety Leadership[1]
Wendy Safety Leadership[1]Wendy Safety Leadership[1]
Wendy Safety Leadership[1]wendystein
 
Why leaders in 21st century fail
Why leaders in 21st century failWhy leaders in 21st century fail
Why leaders in 21st century failRajul Lokhandwala
 
Generational diversity in the workplace may 2010
Generational diversity in the workplace may 2010Generational diversity in the workplace may 2010
Generational diversity in the workplace may 2010The Chicago School of Professional Psychology
 
Mickey Lahmann
Mickey LahmannMickey Lahmann
Mickey LahmannWSU Cougars
 
Y Combinator Startup Class #10 : Company Culture and Building a Team
Y Combinator Startup Class #10 : Company Culture and Building a TeamY Combinator Startup Class #10 : Company Culture and Building a Team
Y Combinator Startup Class #10 : Company Culture and Building a TeamFabien Grenet
 
Why leaders in 21st century fail – an
Why leaders in 21st century fail – anWhy leaders in 21st century fail – an
Why leaders in 21st century fail – anRajul Lokhandwala
 
Data Ethics in the Workplace: Beyond AI, Privacy and Security
Data Ethics in the Workplace: Beyond AI, Privacy and SecurityData Ethics in the Workplace: Beyond AI, Privacy and Security
Data Ethics in the Workplace: Beyond AI, Privacy and SecurityCase IQ
 
Strengths-based Leadership Development
Strengths-based Leadership DevelopmentStrengths-based Leadership Development
Strengths-based Leadership DevelopmentJennifer Lambert
 
Innovation culture
Innovation cultureInnovation culture
Innovation cultureLassonde School of Engineering
 
Jon_Katzenbach_Amplify11
Jon_Katzenbach_Amplify11Jon_Katzenbach_Amplify11
Jon_Katzenbach_Amplify11AmplifyFest
 
Empowerment-TRAINING
Empowerment-TRAININGEmpowerment-TRAINING
Empowerment-TRAININGKanaidi ken
 
Class 14 power n politics 2
Class 14 power n politics 2Class 14 power n politics 2
Class 14 power n politics 2manikanta malla
 
Tools for diagnosis
Tools for diagnosisTools for diagnosis
Tools for diagnosisSupritha Kannan
 
Possible's For-Impact Culture Code
Possible's For-Impact Culture CodePossible's For-Impact Culture Code
Possible's For-Impact Culture CodePossible
 
UC leadership
UC leadershipUC leadership
UC leadershipRoxanne Missingham
 
A Trusting Workplace
A Trusting WorkplaceA Trusting Workplace
A Trusting WorkplaceJ Mark Walker
 
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)Shawn Tuma
 
Developing Enlightened Leaders
Developing Enlightened LeadersDeveloping Enlightened Leaders
Developing Enlightened LeadersTraining Industry Conference & Expo
 
Investing in People 2013
Investing in People 2013 Investing in People 2013
Investing in People 2013 Peter Cosgrove
 
Do you want to be a manager (are you sure)
Do you want to be a manager (are you sure)Do you want to be a manager (are you sure)
Do you want to be a manager (are you sure)Ron Lichty
 
Staffing Software Management Positions in a Development Office
Staffing Software Management Positions in a Development OfficeStaffing Software Management Positions in a Development Office
Staffing Software Management Positions in a Development Office4Good.org
 

More Related Content

What's hot

Teamwork at a2i for Service Innovation
Teamwork at a2i for Service InnovationTeamwork at a2i for Service Innovation
Teamwork at a2i for Service InnovationAnir Chowdhury
 
Wendy Safety Leadership[1]
Wendy Safety Leadership[1]Wendy Safety Leadership[1]
Wendy Safety Leadership[1]wendystein
 
Why leaders in 21st century fail
Why leaders in 21st century failWhy leaders in 21st century fail
Why leaders in 21st century failRajul Lokhandwala
 
Y Combinator Startup Class #10 : Company Culture and Building a Team
Y Combinator Startup Class #10 : Company Culture and Building a TeamY Combinator Startup Class #10 : Company Culture and Building a Team
Y Combinator Startup Class #10 : Company Culture and Building a TeamFabien Grenet
 
Why leaders in 21st century fail – an
Why leaders in 21st century fail – anWhy leaders in 21st century fail – an
Why leaders in 21st century fail – anRajul Lokhandwala
 
Data Ethics in the Workplace: Beyond AI, Privacy and Security
Data Ethics in the Workplace: Beyond AI, Privacy and SecurityData Ethics in the Workplace: Beyond AI, Privacy and Security
Data Ethics in the Workplace: Beyond AI, Privacy and SecurityCase IQ
 
Strengths-based Leadership Development
Strengths-based Leadership DevelopmentStrengths-based Leadership Development
Strengths-based Leadership DevelopmentJennifer Lambert
 
Jon_Katzenbach_Amplify11
Jon_Katzenbach_Amplify11Jon_Katzenbach_Amplify11
Jon_Katzenbach_Amplify11AmplifyFest
 
Empowerment-TRAINING
Empowerment-TRAININGEmpowerment-TRAINING
Empowerment-TRAININGKanaidi ken
 
Class 14 power n politics 2
Class 14 power n politics 2Class 14 power n politics 2
Class 14 power n politics 2manikanta malla
 
Possible's For-Impact Culture Code
Possible's For-Impact Culture CodePossible's For-Impact Culture Code
Possible's For-Impact Culture CodePossible
 
A Trusting Workplace
A Trusting WorkplaceA Trusting Workplace
A Trusting WorkplaceJ Mark Walker
 

What's hot (17)

Teamwork at a2i for Service Innovation
Teamwork at a2i for Service InnovationTeamwork at a2i for Service Innovation
Teamwork at a2i for Service Innovation
 
Wendy Safety Leadership[1]
Wendy Safety Leadership[1]Wendy Safety Leadership[1]
Wendy Safety Leadership[1]
 
Why leaders in 21st century fail
Why leaders in 21st century failWhy leaders in 21st century fail
Why leaders in 21st century fail
 
Generational diversity in the workplace may 2010
Generational diversity in the workplace may 2010Generational diversity in the workplace may 2010
Generational diversity in the workplace may 2010
 
Mickey Lahmann
Mickey LahmannMickey Lahmann
Mickey Lahmann
 
Y Combinator Startup Class #10 : Company Culture and Building a Team
Y Combinator Startup Class #10 : Company Culture and Building a TeamY Combinator Startup Class #10 : Company Culture and Building a Team
Y Combinator Startup Class #10 : Company Culture and Building a Team
 
Why leaders in 21st century fail – an
Why leaders in 21st century fail – anWhy leaders in 21st century fail – an
Why leaders in 21st century fail – an
 
Data Ethics in the Workplace: Beyond AI, Privacy and Security
Data Ethics in the Workplace: Beyond AI, Privacy and SecurityData Ethics in the Workplace: Beyond AI, Privacy and Security
Data Ethics in the Workplace: Beyond AI, Privacy and Security
 
Strengths-based Leadership Development
Strengths-based Leadership DevelopmentStrengths-based Leadership Development
Strengths-based Leadership Development
 
Innovation culture
Innovation cultureInnovation culture
Innovation culture
 
Jon_Katzenbach_Amplify11
Jon_Katzenbach_Amplify11Jon_Katzenbach_Amplify11
Jon_Katzenbach_Amplify11
 
Empowerment-TRAINING
Empowerment-TRAININGEmpowerment-TRAINING
Empowerment-TRAINING
 
Class 14 power n politics 2
Class 14 power n politics 2Class 14 power n politics 2
Class 14 power n politics 2
 
Tools for diagnosis
Tools for diagnosisTools for diagnosis
Tools for diagnosis
 
Possible's For-Impact Culture Code
Possible's For-Impact Culture CodePossible's For-Impact Culture Code
Possible's For-Impact Culture Code
 
UC leadership
UC leadershipUC leadership
UC leadership
 
A Trusting Workplace
A Trusting WorkplaceA Trusting Workplace
A Trusting Workplace
 

Similar to The Human Side of Information Security

Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)Shawn Tuma
 
Investing in People 2013
Investing in People 2013 Investing in People 2013
Investing in People 2013 Peter Cosgrove
 
Do you want to be a manager (are you sure)
Do you want to be a manager (are you sure)Do you want to be a manager (are you sure)
Do you want to be a manager (are you sure)Ron Lichty
 
Staffing Software Management Positions in a Development Office
Staffing Software Management Positions in a Development OfficeStaffing Software Management Positions in a Development Office
Staffing Software Management Positions in a Development Office4Good.org
 
Webinar - Learn How To Upgrade From Executive To Leader PPT
Webinar - Learn How To Upgrade From Executive To Leader PPTWebinar - Learn How To Upgrade From Executive To Leader PPT
Webinar - Learn How To Upgrade From Executive To Leader PPTAbhishek Prasoon
 
TPP Recruitment - The Journey of a Fundraiser
TPP Recruitment - The Journey of a FundraiserTPP Recruitment - The Journey of a Fundraiser
TPP Recruitment - The Journey of a FundraiserTPP Recruitment
 
Finding, Hiring and Engaging Superstar Employees for Your Small Business
Finding, Hiring and Engaging Superstar Employees for Your Small BusinessFinding, Hiring and Engaging Superstar Employees for Your Small Business
Finding, Hiring and Engaging Superstar Employees for Your Small BusinessKabbage
 
Crash Course: Managing Software People and Teams (Code Camp '12, SV)
Crash Course: Managing Software People and Teams (Code Camp '12, SV)Crash Course: Managing Software People and Teams (Code Camp '12, SV)
Crash Course: Managing Software People and Teams (Code Camp '12, SV)Ron Lichty
 
Creating a good workplace
Creating a good workplaceCreating a good workplace
Creating a good workplaceMario Clement
 
Product talk good sw mgmt 11.13.12 (startup product meetup)
Product talk good sw mgmt 11.13.12 (startup product meetup)Product talk good sw mgmt 11.13.12 (startup product meetup)
Product talk good sw mgmt 11.13.12 (startup product meetup)Ron Lichty
 
Product talk: Good Software Management: 11.13.12 (startup product meetup)
Product talk: Good Software Management: 11.13.12 (startup product meetup)Product talk: Good Software Management: 11.13.12 (startup product meetup)
Product talk: Good Software Management: 11.13.12 (startup product meetup)Ron Lichty
 
Advance Manager Training
Advance Manager TrainingAdvance Manager Training
Advance Manager TrainingAdam Patterson
 
Ob ppt communication 21 sept
Ob ppt communication 21 septOb ppt communication 21 sept
Ob ppt communication 21 septPooja Sakhla
 
9.2 managing your board.pptx
9.2 managing your board.pptx9.2 managing your board.pptx
9.2 managing your board.pptxRick Rasmussen
 
Executive branding how to position your leader
Executive branding how to position your leaderExecutive branding how to position your leader
Executive branding how to position your leaderAniisu K Verghese
 
Become the CEO: An Employee Excitement Survey
Become the CEO: An Employee Excitement SurveyBecome the CEO: An Employee Excitement Survey
Become the CEO: An Employee Excitement SurveyArgyle Executive Forum
 

Similar to The Human Side of Information Security (20)

Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
 
Developing Enlightened Leaders
Developing Enlightened LeadersDeveloping Enlightened Leaders
Developing Enlightened Leaders
 
Investing in People 2013
Investing in People 2013 Investing in People 2013
Investing in People 2013
 
Do you want to be a manager (are you sure)
Do you want to be a manager (are you sure)Do you want to be a manager (are you sure)
Do you want to be a manager (are you sure)
 
Staffing Software Management Positions in a Development Office
Staffing Software Management Positions in a Development OfficeStaffing Software Management Positions in a Development Office
Staffing Software Management Positions in a Development Office
 
Webinar - Learn How To Upgrade From Executive To Leader PPT
Webinar - Learn How To Upgrade From Executive To Leader PPTWebinar - Learn How To Upgrade From Executive To Leader PPT
Webinar - Learn How To Upgrade From Executive To Leader PPT
 
TPP Recruitment - The Journey of a Fundraiser
TPP Recruitment - The Journey of a FundraiserTPP Recruitment - The Journey of a Fundraiser
TPP Recruitment - The Journey of a Fundraiser
 
Finding, Hiring and Engaging Superstar Employees for Your Small Business
Finding, Hiring and Engaging Superstar Employees for Your Small BusinessFinding, Hiring and Engaging Superstar Employees for Your Small Business
Finding, Hiring and Engaging Superstar Employees for Your Small Business
 
Crash Course: Managing Software People and Teams (Code Camp '12, SV)
Crash Course: Managing Software People and Teams (Code Camp '12, SV)Crash Course: Managing Software People and Teams (Code Camp '12, SV)
Crash Course: Managing Software People and Teams (Code Camp '12, SV)
 
Creating a good workplace
Creating a good workplaceCreating a good workplace
Creating a good workplace
 
2.1 your company.pptx
2.1 your company.pptx2.1 your company.pptx
2.1 your company.pptx
 
Product talk good sw mgmt 11.13.12 (startup product meetup)
Product talk good sw mgmt 11.13.12 (startup product meetup)Product talk good sw mgmt 11.13.12 (startup product meetup)
Product talk good sw mgmt 11.13.12 (startup product meetup)
 
Product talk: Good Software Management: 11.13.12 (startup product meetup)
Product talk: Good Software Management: 11.13.12 (startup product meetup)Product talk: Good Software Management: 11.13.12 (startup product meetup)
Product talk: Good Software Management: 11.13.12 (startup product meetup)
 
Advance Manager Training
Advance Manager TrainingAdvance Manager Training
Advance Manager Training
 
Ob ppt communication 21 sept
Ob ppt communication 21 septOb ppt communication 21 sept
Ob ppt communication 21 sept
 
Culture deck
Culture deckCulture deck
Culture deck
 
9.2 managing your board.pptx
9.2 managing your board.pptx9.2 managing your board.pptx
9.2 managing your board.pptx
 
Executive branding how to position your leader
Executive branding how to position your leaderExecutive branding how to position your leader
Executive branding how to position your leader
 
Qlc winning jack welch
Qlc winning jack welchQlc winning jack welch
Qlc winning jack welch
 
Become the CEO: An Employee Excitement Survey
Become the CEO: An Employee Excitement SurveyBecome the CEO: An Employee Excitement Survey
Become the CEO: An Employee Excitement Survey
 

Recently uploaded

Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

The Human Side of Information Security

  • 1. The Human Side of Information Security Presented by: Rob Arnold, CISSP
  • 2. Rob Arnold • Human for 47 years • Musician for 39 years • IT guy for 19 years • Security guy for 17 years • Manager for 8 years
  • 3. Agenda • The Security Connection • The CEO of One • There are two “I’s” in team • Drill Deeper
  • 4. THE SECURITY CONNECTION The Human Side of Information Security
  • 5. When Worlds Collide • Security managers are usually senior security practitioners first • Managing (developing and retaining) technical experts is hard, even for a manager who is one of them • Receiving management support mentorship and training is the exception, not the rule • Best techs may not make the best managers
  • 6. Demand > Supply • Understand the market – http://www.bls.gov/ooh/computer-and- information-technology/information-security- analysts.htm – http://www.bls.gov/oes/CURRENT/oes151122.ht m
  • 7.
  • 8.
  • 9. Area: Kansas City, MO-KS Employment: 720 Location Quotient: 1.24 Employment per 1,000: 0.73 Annual mean wage: $79,550
  • 10. THE CEO OF ONE The Human Side of Information Security
  • 11. Maintain inbox zero • The four-D system – Delegate – Defer – Do – Delete • Only touch a piece of mail (or paper) once • Use rules, conditional formatting, and other mail client features to impose order
  • 12. Manage your now • Planning at the 1-day time scale – Schedule your day, once a day – Weekly wrap-up of deferred work • Strategic deferral of work • Quick win: turn off notifications of new email
  • 13. Track your success • Support your team by reviewing their individual accomplishments • Yes, this is resume building • Every quarter, review this list with each of your team
  • 14. THERE ARE TWO “I’S” IN TEAM The Human Side of Information Security
  • 15. The first: Identification • Actively seek inside jokes, code names, restrictive vocabulary • Find a common adversary • Not: tshirts, uniforms, pieces of flair • Focus on characteristics you share • Manage how your team is perceived
  • 16. The second: Interdependence • Change the emphasis from “we’ll fail unless we pull together” to “cooperation is the best success strategy” • Let cooperation be the proxy for interdependence • Look out for undermining team members • Look out for “groupthink” • Make your team exclusive--“select” rather than “assign”
  • 17. Open your mouth • Make it as close as possible to the result • Tell other people about your team’s successes • Make it in front of the team if at all possible • Your team hears your praise long after you give it
  • 18. Set the tone • Don’t let the praise get diluted by a background level of indifference (or worse) • Talk to your team, and listen. • Quick win: Make a list – Mark a + by the people you greet regularly – Mark a 0 by the people you greet occasionally – Mark a – by the people you greet rarely
  • 19. Enrich their jobs • This is not “more work to do” • Think vertical, not horizontal • Look for opportunities to engage with your organization’s senior leaders • This is an effective way to challenge and reward high performers • Increases a sense of mastery
  • 20. Stand up your meeting • Quick win: Daily stand up meetings • Rules of engagement: – Mandatory – Standing – Only discuss today’s work plan • Benefits: – Visibility, accountability, reduced duplication of effort
  • 21. Marketing is not a department • Marketing is: – Every time your staff answers the phone – Every email sent from your team – Every invoice you send – Every deliverable you generate for a customer • The sum total of all the things your team does
  • 22. Cultivate organizational clarity • A healthy organization knows: – Why the organization exists – What values are fundamental – What business it is in – Who its competition is – How it is unique – What it plans to achieve – Who is responsible for what
  • 23. DRILL DEEPER The Human Side of Information Security
  • 24. Death by Meeting: A Leadership Fable...About Solving the Most Painful Problem in Business, Patrick Lencioni
  • 25. The Man Who Lied to His Laptop: What Machines Teach Us About Human Relationships, Clifford Nass
  • 26. Rework, Jason Fried and David Hansson
  • 27. First, Break All the Rules: What the World's Greatest Managers Do Differently, Marcus Buckingham and Curt W Coffman
  • 28. Total Workday Control Using Microsoft® Outlook, Michael Linenberger
  • 29. • HBR Management tip of the day: @ManagementTip http://hbr.org/tip • Ask A Manager: @AskAManager http://www.askamanager.org/

Editor's Notes

  1. My proudest accomplishment: training two excellent managers
  2. Four sections, but we may not make it to the last one
  3. Why is a talk about soft skills relevant at all at a security conference?
  4. Can’t approach management like an ascended technician and succeed. Don’t be a senior tech with a manager badge.
  5. Retention had better be a priority BLS is a ROBUST source of data
  6. This is conservative—doesn’t account for announced plans at federal level for expansion of infosec
  7. We are close to the median in KC, about $750 under Around 30-40 infosec job postings on indeed.com
  8. You can literally see the greener pastures Location quotient: location quotient greater than one indicates the occupation has a higher share of employment than average, and a location quotient less than one indicates the occupation is less prevalent in the area than average.
  9. “People don’t leave jobs, they leave managers” Before you can successfully manage others, learn to manage yourself.
  10. One bonus tip—the reference folder
  11. Plenty of other systems for this, GTD is popular
  12. Put a spotlight on accomplishments Discuss the merits of the master resume
  13. After you have the individual development working well, team development is next
  14. Story: how my analyst made a developer cry
  15. Story: how we handled a 170 person separation order
  16. Add discussion of written commendation—talk about the cumulative effect
  17. Human beings, not human resources Discuss open door policy and “drive-up window”
  18. Talk about succession planning Discuss how I share visibility of sr. leadership work downward
  19. Talk about why I choose to do mine at 9:50 and the relation to day planning
  20. Talk about holding your printed deliverables up next to Verizon DBIR or a PwC Global survey report
  21. Flexibility can be the enemy of clarity You can’t keep your options open Clarity lends power to the vision Don’t lead from fear or uncertainty Clarity supports accountability Your team can’t do your marketing without a clear understanding of your values and purpose
  22. Sharing resources to help you continue the journey
  23. Easy start, quick read, quick win. Lencioni’s other books are also worth reading.
  24. A psychologist develops significant insight about human interaction by studying human-machine interaction
  25. Ideas to challenge your acceptance of conventional wisdom
  26. Characteristics of the best managers 12 point assessment
  27. I like the twitter feeds as a way to get a small daily dose of management coaching