From Paul's Security Weekly
Jump to: navigation, search

Business Security Weekly #93

Recorded July 23, 2018 at G-Unit Studios in Rhode Island!

Episode Audio


  • Michael Santarcangelo
    Founder of Security Catalyst, author of Into the Breach, and creator of the Straight Talk Framework.
  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Announcements

    • We just released our 2018 Listener Survey; Please go to to help us continue to provide you with quality content that doesn't break the build.
    • Come to our Pool Cabana @ Black Hat and Def Con to pick up a free copy of "Cyber Hero Adventures". Here you will be able to get the comic book signed by Gary Berman.

    Interview: Gary Berman, "The CyberHero Adventures: Defenders of the Digital Universe"

    -->Gary is the CEO of Cyberman Security and refers to himself as, “the most reluctant cyber security person in the world” given that his 25-year career has been as a thought leader in marketing communications in general and in market segmentation in particular. Until recently, he knew very little about technology and even less about cyber security, but everything about the devastating effects of being the CEO of a company that was victimized by a persistent series of insider attacks.

    Article Discussion on Leadership, Communication, and Innovation

    What I Learned from 5 Years at Gartner

    Inspired by this tweet:

    • Most problems are not unique; and they don’t require perfect knowledge; to make progress requires understanding the real problem
    • The way we phrase our questions often masks the real problem; this requires more practice asking the right questions
    • Most vendor briefings are not very good. TRUTH. Important to work with the right firms to craft your story
    • Love the approach on the slides — less is more. Get to the point. Tell your story.
    • Success comes from solving persistent problems
    • BONUS: definitely get space.

    “Urgency bias” is killing your productivity

    • (BSW Episode 90 lays out how to capture your time in a brief audit)
    • We have a built-in urgency bias - and “seems urgent” trips it
    • The result is a series of objectively poor choices
    • We often choose short, easy in an effort to complete (and get the boost) - ever write a to-do just so you can cross it off?
    • Constantly question your choices — and consider adopting a structure to help think about it consistently (like the value prop & scorecard)

    The Power of Leaders Who Focus on Solving Problems

    • Honoring the role of a strong individual contributor; focus on your strengths and getting stronger
    • The rise of problem-led leadership?
    • Get others excited about solving a problem
    • Not interested in leadership, long term, but will rise up

    The After Action Review: A Leader’s Guide

    • Use AARs to accelerate learning
    • “What did we learn last time?” - start with the question
    • The key is putting the lesson into practice. Simple, not easy.
    • Iterate, iterate, iterate
    • Make it required, keep it short, create the habit (always be questioning)
    • Small teams, get the right people in, consider a moderator
    • Record what you learn

    Always Wait For And Trust The Question

    • Questions engage people
    • “What do you need next?”
    • Then listen. Create space for everyone to listen. Silence is okay.

    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+