Connect with us

The Motivator

A LETTER TO MY YOUNGER SELF

Published

on

Dear younger self,

I will try to keep the spoilers to a minimum, but you have quite a journey ahead of you.

Over the course of your life you will see and do things you can’t even imagine right now. Your frame of reference is currently too limited in a small town like Rohtak, India. But, soon (at age 7) you will be heading off to boarding school. Life as you know it is going to change. The transition won’t be easy and it won’t be the last time you find yourself adapting to a new way of life. But trust me when I tell you that despite missing your mom terribly – you will be okay. In fact, it is in these moments – when you are pushed outside of your comfort zone – that you will learn and grow the most. So, hard as they may seem, seek out these opportunities. Don’t ever let yourself get too comfortable. You will be better for it.I also encourage you to surround yourself with people that inspire you, people you can learn from. That includes people who may not share your point of view – and believe me there will be plenty. Embrace the diversity in the world around you. Be open to new ways of seeing things. It will make your own vision that much clearer.

Equally important, learn to value your own voice. Don’t worry so much about fitting in or trying to be someone else – that is a recipe for failure. Hold tight to your values and speak up for the things you believe in. At this point I know you don’t have many well-defined opinions, but that will come with time. Just know that the sooner you realize the value of what you have to say, the sooner others will as well.

Now let’s talk about ambition. You are going to be a bit of a hard driver when you grow up. So, do me a favor… remember to take a breather every now and again, and don’t feel guilty about it. You don’t know this yet, but there will come a point in your career when you are going to hit a wall emotionally. Ironically, you will be burning out just as your career is taking off. Take the break you need. Don’t worry about what’s expected of you.

Hard work is essential. There are no short cuts in life and if you want to be successful you are going to have to put in the time and effort. But success should not come at the cost of your own health and happiness. Work will always be there. It’s life that will pass you by if you don’t make time for it. And guess what? That break you worried so much about taking? It will turn out to be the best decision you ever make (spoiler alert – not only will you re-ignite your passion for work, but you will meet the love of your life in the process!).

I don’t want to say too much more. Part of what makes this life so grand is that we never know what’s coming next and I don’t want to ruin the mystery for you. But, allow me just one last piece of advice: if you are so inclined, please re-think the decision to wear those tight jeans to your first job interview.

All my best, your older self

SOURCE,https://www.linkedin.com/pulse/letter-my-younger-self-punit-renjen?linkId=35267948

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Security

13 BIG CYBERSECURITY IDEAS FOR THE CISO BY CISOS

Published

on

Peers are a great source of information for the CISO because they are tackling the same security problems in different ways. Taking note of what they are doing is useful for replicating their successes in your own organization.

We recently sifted through dozens of interviews with, and reports about, CISOs, to uncover several knowledge gems. The emphasis highly effective CISOs place on the less tangible aspects of the job – leadership, culture and business savvy for example – is readily apparent.

What follows below is a roundup of useful comments, facts, and statistics – big cybersecurity ideas – for the CISO by CISOs.

1) Businesses do not exist to provide information security

It’s all too easy for security leaders to forget that the business of their business isn’t security – it’s to fulfill customer-demand for products or services:

“It is very easy to fall into a myopic view and focus strictly on information security without taking into consideration what is it ultimately that the organization is trying to accomplish strategically. So, keeping that front and center for our teams helps not only enable the business but keeps us all grounded because we, as a company, we exist because we sell toothpaste and tennis shoes and all of those things that customers count on us to provide. At the end of the day, we’re not in the information security business. So, the day that information security makes that prohibitively difficult, there is really no reason for us to be here, so we have to keep that organizational mission front and center.”

– Jerry Geisler, SVP & Global CISO, Walmart; source: Walmart’s Jerry Geisler on the CISO position, retail challenges by Kathleen Richards.

2) Understanding how IT supports the business

More than just understanding the IT infrastructure, security leaders need to understand how that infrastructure supports the business. While this comment stems from a healthcare security leader, it has broader applicability for any vertical market:

“CISOs need to know the entire architecture of a healthcare organization’s IT environment and how it supports each line of business. They need to fully understand the environment’s technological composition and nature of all the data contained therein, the process for storage and transmission, as well as the process of all critical and sensitive data and the complete flow of data in and out of the organization.”

– Mark Beckmeyer, Director of IT Security, Binary Fountain; source: Securing healthcare organizations: The challenges CISOs face by Zeljka Zorz.

3) Articulating the value of cybersecurity to the business

In business, cybersecurity is often seen as a cost. Yet one security leader found his experiences in government helped him translate the value of security in business:

“Cybersecurity is all about the management of enterprise risk. The value a CISO and security department provides to the company is the continuous management of this risk so the business units that directly generate revenue can focus on being innovative and helping the company meet its strategic objectives. So my value is risk management as a service: We support the business units so they can focus on what the business needs, and together we are all successful.”

– Gary Hayslip, CISO, Webroot; source: A Career CISO’s 7 Observations on Public vs. Private Sectorvia TechWire

Note: Mr. Hayslip co-authored a two-volume CISO Desk Reference Guide.

4) Managing security to your organization’s tolerance for risk

Experts say cybersecurity boils down to an exercise in risk management – the probability of an event – combined with the severity of impact. Investors might add another factor in tolerance, which is why this commentary from a CISO at a big investment bank is so relevant:

“To pre-empt this question, the CISO should have a conversation early on with the CEO to determine the organization’s risk appetite. This will allow the CISO to align and prioritize security initiatives accordingly.

We are in the business of information and technology risk management, so the ‘Are we secure?’ question is somewhat misguided. The question should be: ‘Are we managing risk according to our risk profile?’ To answer this, the CISO should be able to easily demonstrate, based on a recent risk assessment, how the various cybersecurity initiatives and projects are in fact reducing risk, shrinking the attack surface of the organization and aligning the security program with the firm’s overall risk profile.”

– Israel Bryski, Vice President, technology risk, Goldman Sachs; source: 8 Tough Questions Every CISO Should Be Ready to Answer by Joan Goodchild.

5) Translating security risk into business decisions

Some researchers say the best CISOs learn to lead without authority. It’s a nod to the idea that ultimately, successful security leaders identify and articulate the risks to business leaders so they can make the right decisions:

“It’s very important that the CISO take the time to translate the enterprise security/risk/compliance needs into what executives can assimilate and make the decision.”

– Rebecca Wynn, Head of Information Security and DPO, Matrix Medical Network; source: Leading Cyber Security Execs Describe CISO ‘Toolkits’ by Dan Gunderman.

 

6) Security leaders and technology leaders need leadership parity

Business wants to innovate – to deliver a service or make a product better and faster. Yet faster comes with risks and someone needs to examine those risks and pump the brakes when the risk exceeds the business’ tolerance level:

“You need to make sure that your heads of security are on equal footing with the heads of tech, otherwise there is an inherent conflict at play.”

– Anthony Belfiore, CSO, Aon PLC; source: Companies Unleash CISOs from Ties to Tech Chiefs by Kate Fazzini

7) A “security first” culture is a path to business efficacy

A “security first” approach is derived from culture and a security-conscious culture may enable a business to favor efficacy over stronger prohibitions and rigid policies:

“We’re not a blocker unless it’s absolutely essential. What I’m aiming for is when security does ‘say no’, the people take it seriously, because it’s so rare that they know it’s a serious occurrence.”

– Kevin Fielder, CISO, Just Eat; source: Just Eat’s first CISO is building security in from the ground up by Tom Allen.

8) Best-of-breed tools may help ward off future threats

The security tools fielded yesterday were designed to defend against yesterday’s threats. That’s why cybersecurity inherently involves economics. It’s may also part of the case for best of breed tools aimed at modern threats:

“As the threat landscape changes, some of the things that we think are a priority today may have a different priority tomorrow. And that’s part of the reason why when we have a vendor come in and do our security operations center, we will have the best-of-breed tools that will allow us to evolve in the next five years to deal with the current threats.”

– Marcelo Peredo, CISO, City of San José; source: San Jose’s first CISO braces for ubiquitous connectivity by Colin Wood.

9) The toughest questions a CISO must answer

Security leaders are often faced with difficult questions. A group of CISOs narrowed down what is surely a long list to the top five – as compiled by Kudelski Security:

> “Are we secure?”
> “How do we know if we have been breached?”
> “How does our security program compare to peers within the same industry?”
> “Do we have enough resources for our cybersecurity program?”
> “How effective is our security program, and is our current investment strategy aligned to it properly?”

– Survey of CISOs; source: The 5 most challenging questions CISOs face and how to answer themby Macy Bayern.

10) The 4 “Tribes” of CISOs

Personality tests strive to group people into categories based on characteristics, habits and communication style. Doing so is intended to provide insight into our preferences and weak spots so we can improve. A research project by Synopsys did something similar for the CISO “based on factors related to workforce, governance, and security controls.”  The research found CISOs can be used to grouped into one of four tribes:

> Tribe 1: Security as an Enabler;
> Tribe 2: Security as Technology;
> Tribe 3: Security as Compliance; and
> Tribe 4: Security as a Cost Center.

– CISO research project; source: Which CISO ‘Tribe’ Do You Belong To? by Kelly Sheridan

11)  What CISOs think makes CISOs successful

New York University Professor Nasir Memon once observed that security isn’t just a technical problem, but a legal problem, a policy problem and perhaps most importantly, a human behavior problem. CISOs it seems, agree with that assessment, according to a survey of CISOs by the Enterprise Strategy Group and ISSA.  The top skills CISOs say influence the success of a CISO are as follows:

> 54% say leadership skills;
> 49% say communications skills;
> 44% say strong relationships with executives;
> 33% say management skills; and
> 21% say upon technical skills.

– Survey of CISO; source: What makes CISOs successful? by Jon Oltsik

12) Individual consequences for getting phished?

While attacks have grown more sophisticated, many being with the same initiation stage: phishing emails. The organization can pay a heavy price when an individual gets phished and some say the risk and consequences should be shared:

“Someone who fails every single phishing campaign in the world should not be holding a TS SCI with the federal government. You have clearly demonstrated that you are not responsible enough to responsibly handle that information.”

– Paul Beckman, CISO, U.S. Department of Homeland Security; source: DHS infosec chief: We should pull clearance of feds who fail phish test by Sean Gallagher.

13) One upside to a breach:  a learning moment 

Once a breach has occurred, the dynamics between security and business may change. A breach is a learning moment, that makes conveying the message about the importance of security easier.

“One of the things that I really love about being a CISO in a post-breach environment is it gives you such an immense opportunity to drive fundamental, meaningful change in a very short timeframe. I felt like I did good things when I was at Los Alamos or at NASA, but it takes so frickin’ long to push some of this stuff. The barriers you face at any company not post-breach is you’re always fighting for budget, you’re always fighting for face time, trying to justify and convince people about the importance of security and risk management. When you’re in a post-breach environment, everyone already knows that it’s critically important.”

–  Jamil Farshchi, CISO, Equifax; source: Equifax’s Security Overhaul, a Year After Its Epic Breach by Lily Hay Newman.

Continue Reading

Careers

KPMG RELOCATING IN STAMFORD, ADDING 110 JOBS

Published

on

KPMG LLP plans to add 110 jobs over the next five years in a new Stamford office.

The audit, tax and advisory firm recently signed a long-term lease and plans to renovate space in the former UBS building at 677 Washington Boulevard, which it expects to occupy next spring. KPMG has had a presence in Stamford for nearly 40 years, where it currently employs 315 professionals at its location at 3001 Summer St. The firm’s Hartford office has 231 employees.

“KPMG’s commitment to growing its operations and creating jobs in Connecticut is a testament to our top-notch workforce and unbeatable quality of life,” Gov. Dannel Malloy said. “It is an encouraging sign that world-class companies are continually choosing to set up or expand operations in our state.”

The Connecticut Department of Economic and Community Development is supporting the business expansion in Stamford with a $3 million grant in arrears for leasehold improvements, equipment and other project-related costs. Portions of the grant will be released when certain job-creation milestones are met.

Continue Reading

Careers

THE 7 MOST IN-DEMAND TECH JOBS FOR 2018

Published

on

The 7 most in-demand tech jobs for 2018

CIO | Jun 6, 2018

From data scientists to data security pros, the battle for the best in IT talent will wage on next year. Here’s what to look for when you’re hiring for the 7 most in-demand jobs for 2018 — and how much you should offer based on experience.

 

 

 

 

Source: Computer World

Continue Reading
Advertisement

Trending