Did you listen to my appearance on the Down the Rabbithole Security Newscast for April 7?

What started as a guest spot to share some insights on the Target breach has turned into a regular appearance on the Down the Rabbithole (DtR) Security Newscast with Raf Los (@Wh1t3Rabbit)  and James Jardine (@JardineSoftware). We record the DtR Newscast every other Monday to engage in spirited discussion about security topics in the news. It marks a long-overdue return to podcasting for me. As a participant, I'm drawn to the combination of our energy and the ease with which we explore different perspectives. More bluntly, we don't always run with the herd, and we're happy to share. For me, that keeps it interesting. I think it will for you, too. We don't always agree, but we're agreeable, and tackling tough issues in enterprise security with an eye toward how our … [Read more...]

How to use visualization to move faster and create more value

How to use visualization to move faster and create more value

Success is built on value. Value is realized when connected to people. The challenge is finding and focusing on the right elements in business that create value. Making the right decisions to advance the business, amplify value, and protect what is important means getting the right information and mutual understanding of what matters. The key to moving faster and creating value is visualization. This seemingly simple and often overlooked exercise allows people to actually "see" how things work. Done properly, individuals contribute their insight and experience to the process and emerge with a clear, mutual understanding. While the outcome is useful, the process matters more. It lends itself to questions; not of the person, but of the process. Bring people … [Read more...]

3 basic elements every good story needs

3 basic elements every good story needs

Stories are an important way to connect people to value. A popular topic during my keynotes and training sessions, I usually explore the importance with a simple question: “What are the three essential parts a story must contain?” I smile as I pose the question. People shift uncomfortably in their chairs. Eyes dart away. Confident business leaders don't want to be called on. They don’t know they’re safe; I don’t call on people (who does that?). As the silence builds, someone finally blurts out, “beginning, middle, and end?” More question than statement, the relief in the crowd is evident. Heads begin to nod again as eyes return focus on me. I smile and thank them for the courage to answer and assure the audience it's not a trick question. While I'm not sure … [Read more...]

Security Catalyst February mid-month review & update

With my writing  (and podcast appearances) spread over a few different platforms, including this blog, I wanted to put together a post capturing some insights that could prove useful for you. Please share this with anyone you think would benefit.  As we keep moving forward, hopefully the newsletter -- including the curated aspects -- will find a groove. Meanwhile, this is an attempt at keeping in touch. A way to share news on a more regular basis. An opportunity to outline some areas of research, and offer a heads-up about future writing topics. Maybe it affords us a reason to connect and chat. Consider it an invitation to educate me and have your own experience amplified for others. Also seeing a welcomed interest in Into the Breach. Did you know it's available … [Read more...]

Why problems defined in terms of solutions decrease value and increase risk

We live in a world that demands action. Often action trumps results. The mere appearance of solving problems becomes more important than actually finding and addressing the right problems. This even happens to people with the best of intentions. Pressed for time, the search for solution takes precedence over defining the problem. When a suitable approach is discovered, the problem is hastily framed in terms of the solution. That's if the problem is defined at all. Many times, it's skipped in favor of making progress. Here's the problem: while it satisfies the need to demonstrate action, this approach increases friction (especially the friction of communication); the result is decreased value and increased risk. To avoid this trap, cultivate the discipline … [Read more...]