Security Methods

Competing in Modern Business: Learning from the Hackers and Revolutionaries

Competing in Modern Business: Learning from the Hackers and Revolutionaries

The average lifespan of a company on the S&P 500 has declined from 67 years in the 1920s to 15 years today, and we can assume that a large part of this decline can be attributed to technological innovation outpacing corporate agility. Corporations that are designed for the industrial age, where you can turn a profit doing one (or a few) thing(s) relatively well, are having difficulty adjusting to the rapidly changing technological landscape.

So, how do we promote corporate agility?
 

Google made waves in the modern world of business by pioneering (or, probably more accurately, perfecting and publicizing) this small-team method of management.  By creating multiple small teams, on which a single person may reside in different capacities, you create a non traditional management hierarchy and a more robust meritocracy.  Plus, you have the added benefit of cutting back on mob mentality and bureaucracy, while also boosting your response time.

In hindsight, this should have been obvious to companies the world over.  Smaller teams means less effort for more coordination, more accountability and transparency, and less mob mentality taking over. The evidence and historic precedence is there to support small team leadership, the only question is, how am I - a middle manager on the Island of Obscure Project Management - going to implement these philosophies into my every day life?  So, I'm going to close with three concrete and actionable steps you can take to start your career, if not your company, down a more productive path:

  1. Break up large groups whenever possible.  If you have a team of fifteen people working on a project, focus on creating smaller group meetings based on specific specialties before holding a larger group meeting.  For example, if you're implementing a new software package, host a small group meeting with the application developers and a separate meeting with the system analysts, before hosting a town hall meeting.
  2. Diversify your (employees') skills.  No one (not you or your employees) are mindless drones capable of only doing one thing repeatedly.  Stretch yourself and your employees by placing them in tangential roles on multiple projects.
  3. Promote employee buy-in. Make sure that your projects are not being dominated by one or two self-assured individuals; ensure that all team members feel comfortable contributing and, most importantly, feel that their contributions are valued by the other members of the team.

Defense In Depth

Defense In Depth

Security can be an overwhelming topic to get started and as a result, a concept known as Defense in Depth has been making its way across the industry for the last couple of years.  Defense in Depth is an organized and systematic way to ensure that your network is as unattractive to hackers as reasonably possible. Keep in mind that there is no such thing as “unhackable,” so the object of security is to make the costs of attacking your network more than the benefit of doing so without incurring more cost in defense than your network’s security is worth. Defense in Depth does this by breaking the security process down into eight distinct phases.

  • Security Through Obscurity
  • Establishing Identity
  • Encryption and Hashing
  • Hardening your Devices
  • Preventing Intrusion
  • Adhering to Laws
  • Routine Maintenance
  • User Education

These sections are only a snippet of the fifteen pages that I've dedicated to security and privacy in my 140pg book, Understanding IT: Decoding Business and Technology. I've posted this to introduce the concept of Defense in Depth as it relates to the Malware Business Model and as a precursor to Cutting The Cord, Episode Four: Securing Your Network [Episode One and Two]. The topics covered here may be broad strokes, but before a specific technical understanding can be reached, the frameworks have to be established.