Friday Books and Talks 01/30/2015

Archive for January, 2015

Friday Books and Talks 01/30/2015

Posted by

How Did That Happen?
by Roger Connors, Tom Smith

The economy crashes, the government misfires, businesses fail, leaders don’t lead, managers don’t manage, and the people we count on for the results that affect our own performance don’t follow through, leaving us asking, “How did that happen?” Surprises caused by a lack of personal accountability plague almost every organization today, from the political arena to every large and small business. How Did That Happen? offers a proven way to eliminate these nasty surprises, gain an unbeatable competitive edge, and enhance performance by holding others accountable in a positive, principled way.

 

 

The Definitive Drucker
by Elizabeth Haas Edersheim

For sixteen months before his death, Elizabeth Haas Edersheim was given unprecedented access to Peter Drucker, widely regarded as the father of modern management. At Drucker’s request, Edersheim, a respected management thinker in her own right, spoke with him about the development of modern business throughout his life-and how it continues to grow and change at an ever-increasing rate. The Definitive Drucker captures his visionary management concepts, applies them to the key business risks and opportunities of the coming decades, and imparts Drucker’s views on current business practices, economic changes, and trends-many of which he first predicted decades ago. It also sheds light onto issues such as why so many leaders fail, the fragility of our economic systems, and the new role of the CEO.

Friday Books and Talks 01/23/2015

Posted by

Drucker on Leadership
by William A. Cohen, Ph.D.

Although Peter Drucker, “The Father of Modern Management,” died in 2005, his timeless teachings are studied and practiced by forward-thinking managers worldwide. His lessons and wisdom on the topic of leadership-the central element of management-are in constant demand, yet he wrote little under that actual subject heading. In Drucker on Leadership , William A. Cohen explores Drucker’s lost leadership lessons-why they are missing, what they are, why they are important, and how to apply them. As Cohen explains, Drucker was ambivalent about leadership for much of his career, making it clear that leadership was not by itself “good or desirable.” While Drucker struggled with the concept of leadership, he was well aware that it had a critical impact on the accomplishment of all projects and human endeavors. There is no book from Drucker specifically dedicated to leadership, but a wealth of information about leadership can be found scattered throughout his 40 books and hundreds of articles. Drucker’s teachings about leadership have saved many corporations from failure and helped guide others to outstanding success. Many of the leadership concepts revealed in this book will surprise and perhaps shock Drucker’s followers. For example, who would have thought that Peter Drucker taught that “leadership is a marketing job” or that “the best leadership lessons for business or any nonprofit organization come from the military”? Written for anyone who values the insights of the man whose name is synonymous with excellence in management, Drucker on Leadership offers a deeper understanding of what makes an extraordinary leader.

 

 

Just Listen
by Mark Goulston

The first make-or-break step in persuading anyone to do any thing is getting them to hear you out. Whether the person is a harried colleague, a stressed-out client, or an insecure spouse, things will go from bad to worse if you can’t break through emotional barricades. Drawing on his experience as a psychiatrist, business consultant, and coach, and backed by the latest scientific research, author Mark Goulston shares simple but power ful techniques readers can use to really get through to people–whether they’re coworkers, friends, strangers, or enemies. Getting through is a fine art but a critical one. With the help of this groundbreaking book readers will be able to turn the “impossible” and “unreachable” people in their lives into allies, devoted customers, loyal colleagues, and lifetime friends.

Sitting people down and lecturing them rarely works, because it makes them defensive and when they’re defensive, they hide things from you. Work side by side with them in a cooperative activity, however, and you’ll lower their guard and get them to open up.

Shelfware and Constraint Analysis

Posted by

Risk management and, indeed, all security activities do not happen in a vacuum. We need buy-in and time from business end-users, IT professionals, and more. Yet all to often, we plan these activities without doing a joint constraint analysis. The result is work that is understaffed and simply does not get done.

A recent survey highlights this condition. “According to Osterman Research, of the $115 per user respondents spent on security-related software in 2014, $33 was either underutilized or never used at all. In other words, in an organization of 500 users, more than $16,000 in security-related software investments was either partially or completed wasted.” IT staff “was too busy to implement the software properly, IT did not have enough time to do so, there were not enough people available to do so, or IT did not understand the software well enough,” the report states.

Personally, I am not ready to throw the IT staff under the bus. Let’s hold up a mirror. When was the last time we planned risk mitigation while taking into account IT’s time and knowledge? When was the last time we included training and staffing in our business case?

All to rarely. It is time to take constraints into account.

Friday Books and Talks 01/16/2015

Posted by

I am revisiting some classic books, investigating ideas about constraint management.

Critical Chain
by Eliyahu M. Goldratt

“Critical Chain,” a gripping fast-paced business novel, does for Project Management what Eli Goldratt’s other novels have done for Production and Marketing. Dr. Goldratt’s books have transformed the thinking and actions of management throughout the world.
It’s Not Luck
by Eliyahu M. Goldratt

Learn more about the powerful techniques first presented in the best-selling business novel, The Goal. In this book, Dr. Goldratt, through examples in a variety of industries, shows how to apply TOC to sales and marketing, inventory control, and production distribution. In addition, techniques in conflict resolution are introduced on both a business and personal level.

Upcoming keynote: CampIT

Posted by

I am keynoting the upcoming Camp IT on Enterprise Risk / Security Management.

 

Donald E. Stephens Convention Center
5555 N River Rd
Rosemont, IL 60018

February 5, 2015
9:00am-5:00pm

Calculating Your Acceptable Level of Risk

With so many potential risks it can be difficult to determine which an enterprise can live with, which it can’t, and which it can cope with when reduced to an acceptable level of risk. Determining an acceptable level of risk needs to be undertaken when there is a significant change in a business’ activities within the environment. Examples are updating policies and training or improving security controls and contingency plans, the risks need constant monitoring to ensure the right balance between risk, security and profit.

In this session attendees will learn how to build a framework to define an acceptable level of risk.

Friday Books and Talks 01/09/2015

Posted by

Macrowikinomics
by Don Tapscott, Anthony D. Williams

In this follow up to their 2007 bestseller, Wikinomics, Don Tapscott and Anthony Willliams once again use original research to provide new examples of organizations that are successfully embracing the principles of wikinomics to change the world. Find out how in this executive book summary of Macrowikonomics.

 

Judgment on the Front Line
by Chris DeRose, Noel Tichy

Management experts Chris DeRose and Noel M. Tichy explain why frontline employees are so important and why it is crucial to involve them in decision making. Judgment on the Front Line provides a five-step process for building a frontline-focused organization and includes examples of frontline leadership in action.

  • Define a Customer-Based Vision.
  • Develop a Front Line–Focused Culture.
  • Obsess over Talent.
  • Define the Judgment Playing Field.
  • Live on the Line.

Finding And Using A Mentor

Posted by

Forbes posted several good tips on finding and using mentors. I thought I would add my experience from the information security perspective. You can read the original article here: How To Find And Use A Mentor.

 

“1. Examine yourself. Evaluate your strengths and weaknesses. Make a list of goals and objectives. How will you use a mentor? To find an internship? To help you hone your presentation skills? To advise you on your career path?”

Information security is a broad field with several specialities. Often, the first step of mentoring someone is for us to decide what they even want to learn. Doing the digging and researching what areas are of interest will save time for more hands-on mentorship.

“2. Decide what you want in a mentor. What are the qualities you seek in a mentor? Try to envision the ideal person. Is it Oprah? If so, why? Figure out what characteristics you’re looking for, perhaps a particular wealth of knowledge or set of skills.”

Information security is a wide community with several specialists. Finding the right person to provide guidance goes along way. Look for areas where they have researched, worked, or exceled. Match their strengths to your needs.

“3. Cast a wide net. Network. Use social media like LinkedIn. Parents and their pals can prove especially useful. Don’t forget professional associations and your schools’ career offices.”

For our field, make use of Twitter and IRC. Find the person, do your homework (osint style), and get an introduction.

“4. Be specific when you reach out. Ask for something specific, like a 20-minute meeting over coffee to learn about the person’s career path, or a short desk-side meeting to ask advice about internships. Use these meetings to build rapport before you make requests for more time.”

“5. Go after more than one mentor. One person may help you land an internship in your desired field; another may help you see the big picture of your unfolding career.”

Rinse and repeat the above steps, filling in the gaps in your knowledge and network.

“6. Offer something in return. Are you an expert at social networking? Offer your services and ideas generously and frequently.”

With information security, it is less about sharing social networking tips and more about building on a body of research. Most of the mentors you will reach out to have an active project list, with little time to explore. By offering to do the work, you help them by progressing the idea while you help yourself by learning.

“7. Be an active protégé. Show enthusiasm for your mentor’s help. Express gratitude.”

Don’t over do this one. I have had mentees go too far in the other direction, to the point of fawning. The ideal state is to show you are active and engaged, without overwhelming your mentor’s inbox.

“8. Follow up. Even after you’ve landed that internship or job, don’t let your communication with your mentor lapse. Keep her apprised of your progress.”

It has been said that 80% of success is simply showing up. I believe this. The number one mistake I see from newcomers to the field and from people seeking mentors is that they simply do not show up. Do not have one great conversation and then let the idea go cold. Do not have a great couple weeks and then disappear. Most people do. But you are different. If you want to make it in this field, you have to show up, be steady, and see projects thru to the end.