Fear is often used as a lever for action in cyber security.
Fear arrives in our inbox and onto our browsers daily. Fear looms, persists, dwells.
Fear is disruptive and, when a constant planning factor, exhausting.
Fear can become part of the conversation that we use to
convince executives to do things. A security program built on fear is purely reactive.
Unfocused. Always working from whatever might be on the top of the pile.
Once used, fear has a decreasing return thereafter.
The alternative to fear is a focused plan followed by purposeful
work towards an outcome. When we choose to work purposefully, we aren’t
reacting to the fear but focusing on the plan. An outcome that isn’t focused on
a particular threat but on a defensive capability that negates a range of
threats.
Shaping conversations with executives around capabilities or
lack thereof tends to be more compelling than fear. Capabilities infer a plan.
Progress. Outcomes that are memorable.
And there is less to fear as you build out robust capabilities.
Follow me on Twitter for discussion and the latest blog
updates: @Opinionatedsec1. Or, start your own discussion using #crazygoodcyberteams
on twitter or Linkedin and I'll read it.
SEE ALSO
No comments:
Post a Comment