Sometimes you might not have enough resources to do all of
the things that really are important.
We can model three types of execution:
Critical projects tied to a commitment which has resources
and a champion.
Key projects with resources that are important but for which
you, as the senior cyber leader, might be the only champion.
Other projects that are important but without sufficient resources.
One approach to dealing with this last group might to set expectations
that you plan to take a “kick the can down the road” approach. Progress still
can be formally measured but within the following constraints:
Reduced effort.
Limited investment.
Longer timeline.
You'll need to set expectations correctly for executives before you start kicking any project cans downs down the road.
Each month, you might plan on giving a project a 4 to 8 hour
kick down the road with appropriate objectives set for the time invested. Do
this each month and after some number of months, you’ll look back and have made
significant progress.
Scale such projects across each member of your team as their time allows and now
you’ll purposefully move the needle across your cyber security program even in
some places without enough resources.
Progress is always good.
Like what you've read
enough to follow me on Twitter? @Opinionatedsec1.
SEE ALSO
No comments:
Post a Comment