Archistry

Survivability by Design™ since 2006

  • Home
  • About
    • Who Is Andrew?
    • C2T System™
    • The Agile Security System™
  • Contact
You are here: Home / Archistry Daily / Discovering the secret sauce of the organizatiosaurus—can you do it?

August 29, 2019

Discovering the secret sauce of the organizatiosaurus—can you do it?

Share
Share on Facebook
Tweet
Tweet this
Pin
Pin this
Share
Share on LinkedIn

My son is on a bit of a dinosaur kick over the last few days. First it was the Lego version of Jurassic World on Netflix, and tonight, the book he picked was an amusing story called Tyrannosaurus Drip, where a reed-eating little guy who looks somewhat like a Parasaurolophus accidentally gets raised by a family of T-rex, and who, of course, saves the day and prevents his adopted family from feasting on his fellow hadrosaurs.

But it got me thinking about the one line in Jurassic World where they’re talking about the DNA splicing they did to bring the “normal” dinosaurs back to life on the island. Now, I don’t think I’m going to give away any spoilers here, but there was some scientific jiggery-pokery involved even before they genetically engineered the “suprasaurus” that nearly ate Manhattan.

What did they do?

Well, when you don’t know, you guess—or you find something “close”…

…and in this case, I think it was frog DNA they used to “fill in the gaps” for the missing patterns.

So why was I thinking about dino DNA?

Well…it’s not really a hyperspace leap to go from ancient animals to ancient organizations and outdated-security practices where it’s pretty clear in some cases there aren’t just “gaps” but rather large fissures in the way the security program actually plays out.

And, at least with the people I’ve been talking to recently, they know, and they’re spending quite a lot of time and effort into fixing it.

…but it’s just not quite gotten there. Because there’s something missing.

What’s that, you ask?

Well, it’s obviously the ability to discover the real DNA of the elusive organizatiosaurus that holds the true secrets to what security needs to do. And where are those secrets?

They’re in the minds of the “managers of managers” so often derided by technology people as not “getting it” and who naturally want nothing more than to have a flash-sale on the PII managed by the organization for the latest, business-driven pyramid scheme designed to weave the golden parachutes of the eternally disconnected and disinterested executive management team.

No?

Ok…well, maybe we’ll agree on “don’t get it” or “don’t care” and “don’t call me when it breaks” at least.

Unfortunately for us, our aptitude for discovering that elusive organizational DNA is really what will make or break any security program.

But it can be seen as a royal PITA or easily get tossed into the “too much work” or “no time today” piles, which is a pity.

Sure, you might need to step out of our comfort zone a bit to actually figure out how to connect with your business customers and ask them questions that don’t involve the words “cyber” or “threat” or “vulnerability” or anything of the sort.

And that does take a new vocabulary of sorts, and it also takes more than a few new concepts to get your head wrapped around.

But it isn’t the end of the world—especially when you have a system at your back doing its best to help you focus in the right places, and ask the right questions to the right people – the right “managers of managers” – that will eventually reveal…

…the organizational DNA you’re looking for.

Because if you have that, you can ask the right questions…

…and you understand how everything supports everything else…

…and once you do, you can connect the entirety of your world to the overriding concepts of time and money in the worlds of your customers…

…by only asking the right questions at the right times to the right people.

Sound too simple to be worth covering in the September issue of the print Security Sanity™ newsletter?

Maybe.

But the challenge so far this month hasn’t been trying to find stuff to put in…

…the challenge has been trying to figure out what I had to leave out.

All the powerful tools seem simple on the surface,

but they’re full of subtle nuance—and yes, I realize that’s a “very very” in disguise, which is precisely why I used it.

So if your organizational DNA decoder-ring needs a tune up, or your particular box of Cracker-Jacks was the one without the toy,

this is a skill you need to master if you want to become a true leader in security—whether that means you run the show or just a part. It’s a mandatory thing you need to be able to do.

You MUST be able to understand the worlds of your customers. And the September issue is all about ways you can do that, but the clock is ticking, since at the end of the month (only 3 more days), it goes to the printer, and if you miss it…

…it’s gone.

To make sure you get that snazzy envelope in your postbox in a week or so, depending on where you choose to send it,

go here: https://securitysanity.com

And mind “the gaps.”

Stay safe,

ast

—
Andrew S. Townley
Archistry Chief Executive

Share
Share on Facebook
Tweet
Tweet this
Pin
Pin this
Share
Share on LinkedIn

Article by Andrew Townley / Archistry Daily / Agile Security, Customer Trust, Principle #2, Stakeholder Engagement, Stakeholder Interviewing

  • Email
  • LinkedIn
  • Twitter
  • YouTube

EMAIL NEWSLETTER

Want to get DAILY email tips on how to build a more effective security program so you can prove your security investments deliver value to the business?

You can always unsubscribe at any time, and we won't sell your data to third parties.

About Us

Archistry works with you to ensure what you want to achieve actually gets done, linking strategy, risk, governance and compliance to enable sustained exceptional performance Read More…

Testimonials

Andrew is a highly skilled and experienced information systems architect and consultant, which in my view is a rare thing. He is innovative in his thinking and merits the title of 'thought leader' in his specialist domains of knowledge—in particular the management of risk. Andrew has embraced SABSA as a framework and, in doing so, has been a significant contributor to extending the SABSA body of knowledge."

— John Sherwood, Chief SABSA Architect

"Fabulous person to work with. Very engaging and insightful. Extremely good technical knowledge with ability to relate concepts together and overcome differing opinions. Makes things work."

— Kevin Howe-Patterson, Chief Architect, Nortel - Wireless Data Services

"Andrew was able to bring clarity and great depth of knowledge to the table. His breadth of thinking and understanding of the business and technical issues along with a clear and effective communication style were of great benefit in moving the process forward towards a successful conclusion."

— Doug Reynolds, Product Manager, MobileAware

"Andrew is a fabulous consultant and presenter that you simply enjoy listening to, as he manages to develop highly sophisticated subjects in very understandable way. His experience is actually surprising and his thoughts leave you without considerable arguments for any doubts in the subjects he covers."

— Biljana Cerin, Director, Information Security and Compliance

Recent Posts

  • If you want better security, you’d better have a better security architecture
  • The ultimate security song to keep you focused on what you’re doing
  • Security heroes
  • There’s always a people problem
  • Putting your data flow diagrams out to pasture…for good

Looking for something else?

  • Home
  • About
  • Contact

  • Terms of Service
  • Privacy Policy
  • Cookie Policy
  • Copyright © 2006-2025 Archistry Incorporated or its affiliates

"Archistry", the stained glass window logo, "Pragmantix" and the Pragmantix™ logo, "Archistry Execution Framework (AEF)", "Archistry Execution Framework, Cybersecurity Edition (ACS)", "The Agile Security System", "The Agile Business System", "Baseline Perspectives", "Architecture Wall", "Archistry Execution Engine", "Renegade Security", "Renegade Security System", "Security Value Delivery System (SVDS)" "Collapse-to-Traction", "Collapse-to-Traction System", "Adaptive Trust & Governance Model (ATGM)", and "Adaptive Trust & Governance Model for Organizations (ATGM4O)" are trademarks of Archistry Incorporated or its affiliates.