Creative Mindsets, Reaching Goals, & Encouraging Accountability – BSW #197

Thinking you are secure or compliant is but one thing: "According to Tier 1 Cyber research, many DoD contractors have a false sense of their cybersecurity preparedness. To make matters worse, only 12% trust their vendors to handle cybersecurity effectively."

This article is a deep dive into IAM, good stuff such as: "Every organization needs a good discretionary access control model, only granting permission to subjects with a business need to access various objects. By itself, this single simple access control could limit the damage from a ransomware attack or protect an organization from huge potential liabilities."

"Avoid mixing work and leisure activities on the same device to reduce risk. Work activities should be confined to work devices, while personal activities and social media belong on personal devices. Ensure that devices have updated anti-virus protection, along with the latest operating system and application updates, since new viruses and malicious sites continue to appear as this crisis continues. Use strong Wi-Fi encryption and a strong, unique password for access, and be sure to change the Wi-Fi router admin password from the default. Put a backup strategy in place and follow it, and make sure your backup plans cover all servers and workstations. Educate everyone on the danger of phishing scams and how to recognize them, so they don’t succumb to their virus-related scare tactics." - Yes, these are things, but things you should be doing anyhow. The questions are how and why? Few will do work on only one device, many will not get patches, no one changes their home WiFi password, and 50% of you users will succumb to an email phishing attack. So now what?

I like this advice: "As you go on this journey, you're going to find a lot of paths that don't get you to where you want to go," said Perkel. "But you're going to learn from them. Know that that's okay. You're never going to get it right the first time, and what you thought was true at one point, was. But it's not true anymore."

This was a great take-away: "Rushing around in the morning causes stress and anxiety. If you’re not someone who sets everything out the night before, then the extra time in the morning is key to starting your day on the right foot. You’ll become more intentional about tasks and have time to breathe."

Time-based learning vs. Goal-based learning, interesting (FYI, I would allow myself more time for the toilet, much to my wife's chagrin).

YES! I use music, and really awesome audio gear, to get me in the right mood, help me focus. The choice is key as it can be too distracting. I like the suggestion of trial and error.

I am doing this right now, and it's fascinating: "The power of the VSM lies in its ability to track work from when it is identified to the point when it is completed,” says Anand. “By running collaborative workshops, stakeholders can gain a better appreciation of the work that goes on in other teams or departments."

The best two questions are here: "When I first started as CEO, and they showed me the forms to fill out about my team’s performance, and they wanted me to put numbers in boxes, I thought, Why would anyone do this? I decided to simply ask people, “How do you feel things went?” — and they would often be harder on themselves than I would have. I would ask, “What do you need from me?” — and they would tell me. It seemed like a much more human approach to holding people accountable."