No, this is not going to be some clever April Fool’s joke kind of email. Personally, I’ve always hated those, but then I don’t have pointy ears, yellowish skin nor am I an escapee from a Peter Pan novel either.
Of course – and especially in light of what we’re seeing every day on the news and social media – a bit of levity now and then is necessary, and I hope you’re able to find some. But if you’re like a number of the people I’ve been talking to over the last couple of weeks, instead of being able to kick back, empty your liquor cabinet and binge on 3rd-level Netflix shows you never thought you’d enjoy…
…you’re probably pulling your hair out (along with your partner/wife/husband) trying to corral kids who’ve been out of school, don’t want to do any of the million assignments their teachers somehow think you’ll be able to get them to do, and instead are hogging all the uplink bandwidth playing Xbox with their friends…
…you now lose more than 20% of your day waiting for people to join/unmute/un-jitter conference calls
…and somehow, through all this crisis, the lack of space and the lack of focus, you’re being asked to do even more work than you were doing before as your organization is finally accepting the fact that – for a good while longer – the BC plan is going to be the BAU blueprint.
I talked about this briefly the other day, but even if Thanos could snap his fingers and COVID-19 suddenly blipped out of existence today, the world is a different place than it was before. Some things will be better, some things will be worse, and, most unfortunately, some people who otherwise should be just won’t be around anymore.
The main question hasn’t changed though: what are you going to do about it?
Now, as security professionals, we don’t really have the luxury of sticking our heads in the sand and pretending this isn’t real. We undoubtedly are facing more pressure, the employees we’re trying to keep protected so the information and resources of our organizations stay protected are on an emotional roller-coaster just like us…
…and without our internalized awareness and vigilance of how the bad guys are working really hard to take advantage of the situation.
And as I said above, our work environment is changing—maybe forever.
So, how likely is it that the way we were running our security program before is the same way as it should be run now?
Now, maybe things were screaming along like the banshee wail of a LeFerrari at 9,250rpm, and your security program was aligned to the business strategy with laser precision, your security architecture is the basis for every decision the security team makes, including keeping your DevOps infrastructure as code aligned and integrated with your organizational risk appetite AND assisting your front line threat and incident response teams in prioritizing and responding to the alerts they receive…not to mention having a clear understanding of your security team’s roles and responsibilities so there’s no overlap, no duplicate effort and you can laugh about siloed security teams like they’re monsters out of an ‘80s Nightmare on Elm Street sequel.
Or…maybe they weren’t.
And if things were hard to manage and your team was struggling to connect with the business, keep up the pace and respond in a timely and measured way to the endless SIEM events and 3rd-party vendor reports before…
…I’m sure it’s only gotten easier under lockdown, home schooling and residential connectivity.
You might think that the LeFerrari paragraph is the makings of an April Fool’s joke…that there’s no way something like that is possible—let alone thinking about aspiring to achieve.
As I said before, that’s not what this email is about. But…
Maybe for you, that’s true. Or, maybe the problem isn’t that you don’t know where you want to be…
…maybe the problem is that you’re just not sure how to get there from where you are today.
And maybe…just maybe…I might be able to help.
But until you book a call with me using the link below, we’re never going to find out:
https://securityleadershipcoaching.com
So you can wait…either because you’re too overwhelmed to think about making things any better (which we all know how that really plays out)…or because you just don’t need any help at all…
…or you can visit the link above, book a call, and see what we might be able to do together to improve the overall effectiveness of your security program—or even just the way you’re creating your security architecture.
As always, it’s up to you to decide you want things to change…to decide that you want to be better…to decide that your security program CAN actually be better than it is right now…
…even in the middle of a COVID-19 crisis.
Or not.
Stay safe,
ast
—
Andrew S. Townley
Archistry Chief Executive
