It Takes A Lot Of Cyber-Something To Make Nothing Cyber-Bad Happen

Everyone wants to be successful. Defining what "success" is may vary person to person, and deciding whether someone is successful may not be up to any of us, but we can find contentment and professional pride in everyday work over a career. 

It's very difficult to define success in a career such as cybersecurity apart from the big picture issue of "nothing happened." Ultimately, if "nothing happens" you are successful, because nothing bad happened.

But for cybersecurity, "nothing bad happened" is not the same as "nothing happened." In fact "nothing bad happened" because something good happened in cybersecurity. Lots of "something" may be happening as a matter of fact and success means that none of it resulted in a win for your adversaries.

Lack of IT or cyber-systems failure is a sign that your cyber-defense processes performed well. Let's focus on that.

Cybersecurity is the process by which you create maximum network and systems uptime access for authorized users. This means that you create maximally effective security through thwarting, defending, and securing systems in ways that deny access to unauthorized users. This happens intentionally through:

• Creating a risk management architecture that leads to effective risk mitigation. Executive leaders are responsible for creating the vision for their division that provides the best risk management balance. It is highly likely that this balance may change to higher security (which involves higher expenditure) after high-visibility peers are attacked, but that also implies that the balance swings back to less security during lulls.
• Creating a high-performance work system. Managers are selected to keep the cybersecurity operations functioning as intended, which means providing oversight, performance management, coordination with external parties, etc. This means thwarting attacks through having implemented risk management policies through talented people and talent-supporting work processes. We've covered high-performance work systems (HPWSs) as an empirical model of how this happens. As every member of the Litany of the Hacked could tell you, it's not enough to "be the boss," you have to empower your team (or else you're competing with them and teaching them to become dependent on your approval) and hold them accountable -- yes really -- for results. 
• Creating a customer service environment that supports and encourages other employees to be part of the cybersecurity defense process. Correct, they don't code and you do. That's right, you know more about AI than they do. Spot on, you are the Monarch of Systems Administration. None of that matters if people don't trust you to be their partner in cyber-defense, and that they are your partners in turn. You are not the first line of defense -- those other people are. They can make your life easier by being your eyes and ears in the logistics chain. 

Being successful means that you have the talent to set up your team for success, and that you have hired a team of talented people. That's how you make nothing happen.

Ask us how you can make nothing happen.