How to end your cybersecurity failures in 2019

When my eldest son was at middle school, he used to plead with me every single year to change schools. It always happened at the end of the summer holidays, and every time he’d sit half way up the stairs in our house, wailing. Once he calmed down, he’d talk about fresh starts and new beginnings. For some reason, he felt like he’d messed up and wanted a chance to reinvent himself. Sadly, the only way he thought he could was by changing schools and starting anew. I never let him, for I understood that it wasn’t actually necessary. I knew that fundamentally he was happy at his school and had good friends there. The only way he could get what he wanted was by applying a new technique, and that meant he had the power within himself to alter things.

Like my son, at some point in your life I bet you’ve probably committed to making a fresh start, too. Typically, these occur on the first day of the year/month/week/season, on your birthday, or on some other memorable occasion, like an anniversary or religious event. These special days are what social scientists refer to as temporal landmarks – social and personal, and just like physical landmarks they can help you find your way when you feel lost.

Fresh starts give you an opportunity to open up a new ‘mental account’ and assign your former self to the past. They enable you to remodel yourself and break away from any imperfections or mistakes you believe you may have made. With renewed awareness and intention, they leave you energised and confident about a new superior self and all the possibilities that are to come. If you’re an entrepreneur, like me, they’re like completing your year-end accounts and opening up a new ledger. Or, if you’re a leader, using up a budget, and accessing a new one.

The other advantage of fresh starts is that they enable you to get more perspective. They interrupt attention, force you to think more slowly, and get you out of day-to-day workings. They enable you to see the wood, when trees have blocked your sight. Finally, you get the big picture and are able to take a holistic view. It’s like when you’ve been driving for hours, barely noticing anything, and then, all of a sudden, you spot the mountain range in front of you. Daniel Kaufman goes into this in more detail in his bestselling book, ‘Thinking, Fast and Slow.’ He writes about System 1 and System 2 thinking and decodes the way we process information. He makes you think about the decisions you take as a result, which is particularly important for anyone involved in cybersecurity, as thinking slowly allows you to make better decisions around risk.

Now, not all fresh starts go as planned. Many fail, so, the best way to bounce back from one is to ensure you give yourself the best possible chance of starting well. In my last blog, I wrote about the ‘if-then’ approach and now I’m going to give you another technique for successful planning.

It’s called a premortem.

A premortem, a concept devised by Gary Klein, is the hypothetical opposite of a postmortem and instead of an examination being done after the event, it’s done before. In a medical setting, a postmortem enables you to understand what caused a patient’s death. In a business setting, a premortem starts at the beginning of a plan and enables you to find improvements. It’s subtly different from ‘if-then’ planning or critiquing, as team members are not having to think about what might go wrong. Rather, they’re told that the plan has failed and have to give reasons why.

As a leader, by briefing your team on your plan and its failure, you have an ideal opportunity to ensure all the voices in your team get heard. This is particularly useful for team members who may not always speak up or get heard when they do. Typically, but not always, these are women.

Once you’ve laid out the instructions, which involves each team member spending about 15-minutes independently writing down every reason they can think of for the failure, ask each team member, starting with the most senior, to read one reason that he or she has written down. The same reason cannot be repeated, and the process needs to continue until all reasons have been exhausted. Once finished, you need to review the reasons looking for ways to strengthen your plan.

So now you see that by imagining failure in advance, you can avoid any problems that could derail your plan.

Now I want to hear from you…

• Tell me what insights you've gained and how you're going to use them.
• Come join my IN Security Tribe, so you can continue the conversation and add value to an active, inclusive and welcoming community.

About Jane Frankland

Jane Frankland is an award-winning entrepreneur, best-selling author and keynote speaker. She has been named as a top 20 global influencer in cybersecurity, a top 100 in UK Tech, and a LinkedIn Top Voices. She's spent over 21-years in cybersecurity, built and sold her own hacking firm, and directed some of the world's most well known security consultancies. Through her career and companies she's been actively involved in leading industry accreditations, schemes and forums, judging awards and advising boards. Today, she is the CEO of Cyber Security Capital and the Founder of the IN Security Movement. To work with Jane, go here https://jane-frankland.com