Answering the WHYS in Cybersecurity

Slides:

Advertisements

Similar presentations

PINNACLE CONSULTING & COACHING / TABLE GROUP CONSULTING PARTNERS

Advertisements

Close Hold – Company Confidential – Not for Distribution Engagement Every Day: 2011 Engagement Survey – List of Q12 & SAIC-specific 2011 Engagement Survey.

2013 CollaboRATE Survey Results

CalSTRS Goals CalSTRS is committed to providing a sustainable employee culture to promote our mission of securing the financial future and sustaining the.

Maintaining Industrial Harmony at Work

Leadership Development Nova Scotia Public Service

Leadership in the Baldrige Criteria

Strategic HR Management

Imran Ghaznavi Course Code: MGT557 COMSATS Strategic Human Resource Management.

Strategic role of HR. The Strategic Nature of HR The work of HR practitioners can be divided into two main areas: 1.Transactional activities – consist.

The Esteemed Agency: Managing Human Services Teams Week Fifteen.

Angela Baron and Jill Miller Chartered Institute of Personnel and Development

Gallup Q12Yes/ No Do you know what is expected of you at work? Do you have the materials and equipment you need to do your work right? At work, do you.

Employee Engagement. What is Employee Engagement  An engaged employee is one who is fully involved in, and enthusiastic about his/her work.  Desire.

Empowerment Empowerment simply means giving people authority – to make decisions based on what they feel is right, have control over their work, take risks.

©SHRM SHRM Speaker Title Bhavna Dave, PHR Director of Talent SHRM member since 2005 Session 2: Relationship Management Competencies for Early-Career.

Building Teams and Empowering Members 1. Empowerment Empowerment is not bestowed by a leader, it is the process of an individual enabling himself to take.

Today Oct-Nov 2015 JanFeb Mar - May FY17 Engagement Survey administered Results shared with senior leadership Results shared with HUIT Local meetings in.

The Many Faces of Employee Engagement Leisha DeHart-Davis, Associate Professor.

1 Chapter 9 Implementing Six Sigma. Top 8 Reasons for Six Sigma Project Failure 8. The training was not practical. 7. The project was too small for DMAIC.

HUMAN RESOURCE MANAGEMENT

Engagement Reflection and Planning

ORGANISATIONAL VALUES DIRECTOR OF OPERATIONS

Meeting Present and Emerging Strategic Human Resource Challenges

Welcome Michele & Nikki will be with you in a few moments.

10.3 Managing strategic implementation

Onboarding: Setting Your New Employee Up for Success

Board Roles & Responsibilities

Value Based Leadership How leaders can influence the key performance metrics that create real business value and profitable growth.

HR and Knowledge Management in Multidisciplinary Team

Human Resource Practices

Shaun McCarthy Chairman Human Synergistics Australia & New Zealand

Customer Service, Balanced Scorecards: The Road to Becoming a Service-Oriented Organization 1.

Creating Our Common Wealth Supporting the Growth of Others

Roles of People Management Today

Empower Managers to Take Ownership of Employee Engagement

Building Better IT Leaders from the Bottom Up

WHAT IS COACHING CULTURE ?

Spreading story use.

Chapter 2: Constraints and Challenges for the Global Manager

Performance management and engagement

Alfonso Bucero, PMP, PMI-RMP, PFMP, PMI Fellow Managing Partner

Change is Hard! Incorporating Values to Keep Staff Motivated

The Manager: Omnipotent or Symbolic?

NASSCOM India Leadership Forum 2008

Messaging: A New Approach for Executive Conversations:

Human Resources Competency Framework

Employee Engagement Survey

Developing and Organizing Leadership Committees

Safer Culture, Better Care

NASSCOM India Leadership Forum 2008

Above and Beyond High Performance and Innovative Work Culture and Teams in an Unpredictable Immigration Landscape Rodolfo R. Altamirano, Ph.D. Director,

Employee Value Proposition Updated Preliminary Draft October 30, 2018

Powerful Partnerships With Today’s Volunteers

Core Competencies of a World Class Customer Advisory Board

Teaching and Learning Forum

Learning that deepens knowledge and understanding

Moving Organizational Performance

Moving Organizational Performance

Importance Rankings (Hi to Lo - T to B, L to R)

People Lead: This is the visual representation of our model. This model supports and reinforces our definition of leadership - achieving results, with.

Teaming and Collaboration

Leadership of and for learning

PLDI™ Australia is a new collaborative endeavour in the HIV community response in Australia. PLDITM Australia is a unique community service partnership.

Leading for learning Rocky view schools * ALP2 – February 26, 2018

Employee Engagement Align ~ Link ~ Connect

Finding and Retaining Talent

Developing SMART Professional Development Plans

Building an Inclusive Work Environment MICHELE PALUDI, Ph. D

Creating a great Workplace Culture to Develop and Retain Great People

Presentation transcript:

Answering the WHYS in Cybersecurity BSides Fredericton 2017 Kathryn Chamberlain

How many... Deal with end-users? Run a security campaign? Fix the technology when end-user break things? Are the security ‘lead’ for their organization? Are an advocate for cybersecurity?

About Me Mount Allison University Graduate Venture for Canada Fellow Commerce & Mathematics Employee Engagement & Change Management Research Internships Venture for Canada Fellow Beauceron Security

Today Challenges for End-Users Employee Engagement Organizational Culture Change Management Questions

Why are we talking about “HR STUFF” at a cybersecurity event?

Why do I have a role in this? Why can’t you just fix it? Why does this matter? Why do I have a role in this? Why can’t you just fix it? Why would someone target me anyway? Why would someone want our data? Why should I care?

Top Challenges for Security Professionals Communication Upper Management Support Employee Engagement Other Time Money Culture Enforceability of a program Resources Staff SANS 2017 Security Awareness Report

Today Challenges for End-Users Employee Engagement Organizational Culture Change Management Questions

Employee Engagement

Employee Engagement High degree of emotional and intellectual commitment to the organization; employees fully involve themselves in work, are absorbed, focused and energized, going above and beyond with discretionary efforts, fostering change, and dedication. Kahn, 1990; Macey & Schneider, 2008; Unal, Zeynep and Tu Tugurt, 2015

Common Themes Each person is unique- what engages you doesn’t necessarily engage the person standing next to you.

Some Examples Autonomy Models of upward feedback Career growth opportunities Opportunity to be creative/innovative Clarity of expectations Personality Conscientiousness Psychological Safety Communication Recognition Culture Role Expansion Feelings of energy and empowerment Senior management Feeling Informed Supportive colleagues Flexibility Supervisor commitment Involvement in decision making Values Leadership Styles Work/life balance

Research Study Narrative Inquiry Interviews & Focus Groups Collaborative Effort

A Short Story When asked most engaging experience … Recruiting event for their company Answering questions about the company, Interacting with boss & others Meaningful Assignment When asked about person they trusted most… Getting to know them outside of work Their communication style Feedback Leadership Style Kathryn Chamberlain (2017)

Kathryn Chamberlain (2017)

Engaging Security Programs Meaningful Work - Why does this matter? Ownership - Why is this my job? Problem Solving - What can I do to fix this? Alignment of Mission - Why is this important to me? Feedback - How can we make this better? Personal Histories - Why are you interested in security? Communication - How consistently are you talking about security? Do you walk the talk?

Today Challenges for End-Users Employee Engagement Organizational Culture Change Management Questions

The Way We Do Things Around Here, Everyday. Organizational Culture

Shared Assumptions, Values and Beliefs Amongst Organization Members Organizational Culture

Does your organization value security?

Suggestions 1. Ensure a security representative is attending all board meetings 2. Educate security representative on how to effectively communicate cyber-risk 3. Provide security representatives with business context 4. Clearly differentiate between cyber-risk management and compliance. Fred Kniep from Compliance Weekly

Today Challenges for End-Users Employee Engagement Organizational Culture Change Management Questions

Change Management “Change management is the discipline that guides how we prepare, equip and support individuals to successfully adopt change in order to drive organizational success and outcomes. While all changes are unique and all individuals are unique, decades of research shows there are actions we can take to influence people in their individual transitions. Change management provides a structured approach for supporting the individuals in your organization to move from their own current states to their own future states.” Prosci Change Management Definition

Levels of Change Management Individual Change Management Individual change management requires understanding how people experience change and what they need to change successfully. Organization/ Initiative Change Management Driving successful individual transitions should be the central focus of the activities in organizational change management. Enterprise Change Management An enterprise change management capability means effective change management is embedded into your organization’s roles, structures, processes, projects and leadership competencies. Prosci Levels of Change Management

Change Agents “Change agents sponsor and promote change initiatives in organization; change recipients are those organizational members who carry out the change measures.” (Klonek, Lehmann-Willenbrock &Kauffeld, 2014) 36 minutes

Change Agent Keys External validation of the method of change 1 Individual change agents need to have some credibility within the organization2 Focus on the big picture- frame initial communications on broad concepts than detailed specifics 3 Bring it back to the individual- why should it matter to them 3 Help provide business context – why should it matter to the organization, what are the lasting impacts of the decision 3 1- Birkinshaw et al., 2008 2- Armenakis et al., 1993 3-Larry Powers at Boxley Group - Consulting Blog

Key Take-Aways Build an engaging security program Think about the impact on each individual user Create a level of ownership Build trusting relationships throughout the organization Identify the level of change you’re making Communicate frequently, consistently and don’t forget to walk the talk.

Challenges to You Think about why you got into security in the first place – talk about that story with your team Have/Attend cross-department meetings – try to understand the challenges they are facing and how security impacts their strategic objectives Leverage your people – find people throughout your organization who believe in a security culture and empower them with the knowledge and resources they need

How can I get involved? Why does this matter? Why do I have a role in this? Why can’t you just fix it? Why would someone target me anyway? Why would someone want our data? Why should I care? How can I get involved?

Questions @_kachamberlain kathrynannechamberlain@gmail.com Kathryn Chamberlain