The top 10 lies we tell ourselves in security


Hey there,

Have you ever found yourself working in a toxic security culture? Maybe it was one that bullied its users. Maybe it was one that was terrified of all risk.

Culture has a powerful effect on everything happening around it, whether it's team or organizational culture. This week, we wanted to take a little bit of a different approach and explore some toxic narratives that are so prevalent in our field.


Self-talk plays a significant role in how we perform and feel about ourselves on a personal level.

That same sort of dynamic can occur within teams that start reinforcing narratives amongst themselves.

Those narratives can be positive, or they can be really negative. When they take a turn for the worse, it can be a slippery slope for the broader culture.

Finger-pointing, user blaming, doomsday hypothesizing, and more.

In this article, we're going to break down 10 lies that I've seen security teams tell themselves that can be incredibly harmful.


Action item

Take an inventory of each item in this week's article and honestly ask yourself if your team does any of these things.

If so, which ones? How bad is it? Is it localized to some people or a group?

When you figure this out, you'll have a place to start seeking a better way. But if you never know you've got an issue brewing, you'll never be in a place to fix it!

In case you missed it

The hidden dangers of a toxic culture

As part of our series on DEI, this article breaks down the signs of a culture that is likely doing real harm.

Cybersecurity management that ruins culture

Frank digs into management moves that can absolutely destroy an otherwise good culture.

Interesting resources across the web

This section breaks down some relevant resources across the web for you to check out.

👉 Slack talks about some elements of building a high-performing team culture

👉 Mayo Clinic article on the power of self-talk on a more individual level

👉 Radical Candor by Kim Scott talks about the power of having really open conversations within a team and how it can totally transform the overall performance and culture

Keep growing,

- Rob & Frank

Soft Side of Cyber


https://www.softsideofcyber.com
