What is a great quote on cooperation?

Leave a reply

..the story of passengers and crew revolting and trying to take control of the plane back from the terrorists. They came together in about 20 minutes, they came up with a plan, they voted on that plan, and took action. I would hope that message of cooperation would live on today. 15 years later it hard to see that message living on, but, you know  these were folks from all over world that came together and did something great. Gave the country something bright on a dark day ~ Tim Lambert (2016, Interview Heard on NPR’s Morning Edition)

What is a good quote on writing skills and leadership?

Leave a reply

Clear leadership, expressed in writing, creates alignment and boosts productivity. For example, in writing email, managers from the CEO on down must set an example by communicating exactly what they want, clearly, in the subject line or title and the first two sentences of everything they write. The workers reading it will just skip to the key facts anyway, so lose the filler and don’t waste their time.

….Clear writing uses well-organized, active-voice sentences to explain what is happening, what ought to happen, and what people need to do. Conversely, inexact and passive language reflects gaps in thinking…Requiring clear, direct, active language has two benefits. It forces writers to think through what they really mean and the arguments they can use to support it. And it makes smart people stand out. If you prize clarity, the clear thinkers will rise to the top. ~ Josh Bernoff (2016, Bad Writing is Destroying Your Company’s Productivity).

What is a quote on self awareness?

Leave a reply

Highly accomplished people have an inner voice and pay attention to it. They understand the defining moments of their lives and thereby better understand their own strengths, biases, and weaknesses as leaders. And that understanding provides them with a deep well of energy and passion that they draw on throughout their lives. We may not all have careers that match the 100 people I interviewed, but we can all share their ability to grasp — and harness — the turning points of our lives and careers~ Bernie Swain (2016)

What 100,000 Tweets About the Volkswagen Scandal Tell Us About Angry Customers?

Leave a reply

A critical component of managing a cyber security incident is crisis communication. Swaminathan and Mah (2016) recently published, “What 100,000 Tweets About the Volkswagen Scandal Tell Us About Angry Customers” in  the Harvard Business Review. Their analysis focused on more than 100,000 tweets related to the Volkswagen Scandal. Their conclusions are relevant to CISOs and their cyber-incident management plans.

The Takeaways :

  1. Incident management plans need to include an analysis of tweets. As Swaminathan and Mah state, “by analyzing the topics most frequently discussed, managers can better understand what consumers are discussing and apply appropriate recovery strategies.”
  2. CISOs need to collaborate with their partners in Public Relations in managing the communication with customers..
  3. Understand that tweets change in terms of volume, valence and topics over the course of the incident. The figure below illustrates the three major changes from Swaminathan and Mah

Capture_tweets

Is there a quote by President Obama on cybersecurity?

Leave a reply

Traditionally, when we think about security and protecting ourselves, we think in terms of armor or walls. Increasingly, I find myself looking to medicine and thinking about viruses, antibodies. Part of the reason why cybersecurity continues to be so hard is because the threat is not a bunch of tanks rolling at you but a whole bunch of systems that may be vulnerable to a worm getting in there. It means that we’ve got to think differently about our security, make different investments that may not be as sexy but may actually end up being as important as anything.

What I spend a lot of time worrying about are things like pandemics. You can’t build walls in order to prevent the next airborne lethal flu from landing on our shores. Instead, what we need to be able to do is set up systems to create public health systems in all parts of the world, click triggers that tell us when we see something emerging, and make sure we’ve got quick protocols and systems that allow us to make vaccines a lot smarter. So if you take a public health model, and you think about how we can deal with, you know, the problems of cybersecurity, a lot may end up being really helpful in thinking about the AI threats (President Obama, Oct. 2016)

 

Is there a quote on hard work by a former US president?

Leave a reply

It is not the critic who counts; not the man who points out how the strong man stumbles, or where the doer of deeds could have done them better. The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood; who strives valiantly; who errs, who comes short again and again, because there is no effort without error and shortcoming; but who does actually strive to do the deeds; who knows great enthusiasms, the great devotions; who spends himself in a worthy cause; who at the best knows in the end the triumph of high achievement, and who at the worst, if he fails, at least fails while daring greatly, so that his place shall never be with those cold and timid souls who neither know victory nor defeat. ~ Theodore Roosevelt (1910)

Is there a model for organizing an Information Security department?

Leave a reply

Every CISO wonders about the following questions:

  • What key functions does my  office cover?
  • How should I structurally organize these functions?
  • Who should I seek advice, input and guidance from within the organization?
  • How can I identify gaps in my program and fill them?

On Feb 22, 2016, Nader Mehravari and Julie Allen, both from the Software Engineering Institute at Carnegie Mellon Univerity, released  a blog post and white paper to help provider answers to these questions.

Key Functions

Screen Shot 2016-02-22 at 7.47.20 AM

4 Key Functions of CISO (Mehravari and Allen, 2016)

Organizational Chart

ciso_blog_figure2

Four Organizational Units of the CISO Office (Mehravari and Allen, 2016)

Advisory Group for the CISO

  • chief operating officer
  • chief information officer
  • chief financial officer
  • legal/privacy
  • human resources
  • communications / marketing
  • business unit VPs
  • engineering VP
  • information technology VP

Identifying and Closing Gaps

  • Map your current CISO structure to our recommended structure, departments, sub-functions, and activities
  • Determine which organizational units can continue as is, which need to change (i.e., expand or contract), and whether new units need to be created
  • Develop an implementation roadmap

The Bottom Line

  • Read the blog posting and more detailed whitepaper
  • Adapt recommendations and apply process outlined in the “Identifying and Closing Gaps” section

What is the difference between Good, Better and Best?

Leave a reply

As we consider various choices, we should remember that it is not enough that something is good. Other choices are better, and still others are best. Even though a particular choice is more costly, its far greater value may make it the best choice of all.

Consider how we use our time in the choices we make in viewing television, playing video games, surfing the Internet, or reading books or magazines. Of course it is good to view wholesome entertainment or to obtain interesting information. But not everything of that sort is worth the portion of our life we give to obtain it. Some things are better, and others are best. ~ Dallin H Oaks (2007, Good, Better, Best).