Creative Mindsets, Reaching Goals, & Encouraging Accountability – BSW #197
In the Leadership and Communications segment, we discuss the creative mindset, CMMC challenges, work-from-home security that is still lacking, not getting it right the first time, reaching your goals, increasing productivity with music, tackling bottlenecks, and more!
Hosts
Jason Albuquerque
Chief Operating Officer at Envision Technologies
Paul Asadoorian
Principal Security Evangelist at Eclypsium
- 1. CMMC Challenges: Thinking you are secure or compliant is but one thing: "According to Tier 1 Cyber research, many DoD contractors have a false sense of their cybersecurity preparedness. To make matters worse, only 12% trust their vendors to handle cybersecurity effectively."
- 2. The Role of Access Control in Information Security: This article is a deep dive into IAM, good stuff such as: "Every organization needs a good discretionary access control model, only granting permission to subjects with a business need to access various objects. By itself, this single simple access control could limit the damage from a ransomware attack or protect an organization from huge potential liabilities."
- 3. Now’s the Time to Revisit WFH Cybersecurity – Security Boulevard: "Avoid mixing work and leisure activities on the same device to reduce risk. Work activities should be confined to work devices, while personal activities and social media belong on personal devices. Ensure that devices have updated anti-virus protection, along with the latest operating system and application updates, since new viruses and malicious sites continue to appear as this crisis continues. Use strong Wi-Fi encryption and a strong, unique password for access, and be sure to change the Wi-Fi router admin password from the default. Put a backup strategy in place and follow it, and make sure your backup plans cover all servers and workstations. Educate everyone on the danger of phishing scams and how to recognize them, so they don’t succumb to their virus-related scare tactics." - Yes, these are things, but things you should be doing anyhow. The questions are how and why? Few will do work on only one device, many will not get patches, no one changes their home WiFi password, and 50% of your users will succumb to an email phishing attack. So now what?
- 4. ‘Do the hard things first’: What Capital One prioritized in its cloud migration: I like this advice: "As you go on this journey, you're going to find a lot of paths that don't get you to where you want to go," said Perkel. "But you're going to learn from them. Know that that's okay. You're never going to get it right the first time, and what you thought was true at one point, was. But it's not true anymore."
- 5. How an Unintentional New Morning Routine Changed My Day: This was a great take-away: "Rushing around in the morning causes stress and anxiety. If you’re not someone who sets everything out the night before, then the extra time in the morning is key to starting your day on the right foot. You’ll become more intentional about tasks and have time to breathe."
- 6. How to actually reach your goals: Time-based learning vs. Goal-based learning, interesting (FYI, I would allow myself more time for the toilet, much to my wife's chagrin).
- 7. Can Music Increase Your Productivity? YES! I use music, and really awesome audio gear, to get me in the right mood, help me focus. The choice is key as it can be too distracting. I like the suggestion of trial and error.
- 8. Fix bottlenecks before tackling business process automation: I am doing this right now, and it's fascinating: "The power of the VSM lies in its ability to track work from when it is identified to the point when it is completed,” says Anand. “By running collaborative workshops, stakeholders can gain a better appreciation of the work that goes on in other teams or departments."
- 9. How to Actually Encourage Employee Accountability: The best two questions are here: "When I first started as CEO, and they showed me the forms to fill out about my team’s performance, and they wanted me to put numbers in boxes, I thought, Why would anyone do this? I decided to simply ask people, “How do you feel things went?” — and they would often be harder on themselves than I would have. I would ask, “What do you need from me?” — and they would tell me. It seemed like a much more human approach to holding people accountable."