Posts

Transforming Corporate Culture requires Trust

Image
Since being selected in 1Q 2022 to represent not only my organization, its division, but also my country location as a member of the IBM Manager Champion Group for that year, I frequently used the above virtual background in my web based calls. Working remotely had been my norm since well before the pandemic: that in itself deserves a separate post, especially since I have returned to a 3/2 split of office/home working in 2024. Yet it's inextricably linked to the main topic I've been ruminating on lately: corporate culture. The terms of manager and leader have been co-cited often at my employer's. However, I believe we are all capable of behaving like leaders, whether or not we have the responsibilities and privileges afforded to us to perform managerial duties. The Growth Behaviours (note my Canadian spelling, unlike in the picture) as we have been encouraged to embody, consist of the following topics:   Growth Minded   by staying curious and open to feedback, experimentat

Thoughts on moving into People Management

Mid December in 2021 marked six months since I moved from an Individual Contributor role of coordinating Infosec (although mainly electronic rather than paper based data related) Incident Response for my employer, to managing my former peers in the squad I'd been a part of for the prior two years. Since I'd had a 22 year career prior to my arrival in Cybersecurity, I'd had a long time to reflect upon what styles of management I would like to model, especially since I've experienced different styles of management as a practitioner. Generally speaking, the Golden Rule - treating others as I wish to be treated - resonates with me strongest. Being trusted, respected, and given constructive, timely feedback. Allowed to voice my views freely and perceived as a multi faceted individual rather than fitting into some mold of what someone in my role is supposed to be like, or limited by what I've already demonstrated rather than having my potential nurtured. I also hope that

On my Twentieth Service Anniversary - a Retrospective

December 11th 2020, was my 20th anniversary since starting at IBM . I wasn't quite sure how to start this article: I just knew I wished to write something down.  Like many career IBMers, I've learned something - usually several things - every day, solved problems, made mistakes, helped others, been inspired, and sought out support from areas and people I didn't know existed in the matrixed yet siloed presence that is our employer. On balance I am grateful for much of my experiences, and especially for the people who I've gotten to know, respect, and care for. So, with apologies to non-IBMers who would be unfamiliar with the org structure (although I've otherwise tried to avoid internal jargon and initialisms) I dedicate this post to everyone I wish - and need - to thank. You all have been an important part of my life. The Facts: Life events My elopement in the autumn of 2000 to an Irish citizen, which led to my applying to multinationals based in Dublin, Ireland in

Another analogy: Incident Investigations and Jawbreaker (gobstopper) candy - IR musings

After a couple of vacations to a country under lockdown due to the novel coronavirus, my first experience taking a SANS course , a bout of (regular strain of) flu, and some consistently busy work weeks, I'm back with yet another analogy. In looking up a reliable reference page to link to describe the jawbreaker candy , I discovered that in the regions outside of North America they seem to be called gobstoppers. If you can't be bothered to follow the above link, here are some salient excerpts: Gobstoppers usually consist of a number of layers, each layer dissolving to reveal a differently coloured (and sometimes differently flavoured) layer, before dissolving completely. Gobstoppers are too hard to bite without risking dental damage (hence the name "jawbreaker"). [snip] As gobstoppers dissolve very slowly, they last a very long time in the mouth, which is a major factor in their enduring popularity with children. Larger ones can take days or even weeks* to ful

Cyber Security Incident Responder as a musical conductor: an analogy

Those who know me personally may be aware that my main extra-curricular, spanning a full decade starting at age 11, was playing the viola in music ensembles which ranged from the intimacy of quintets to the power of 80-piece orchestras. In fact I'd taken piano performance the most seriously (read: via private lessons for eight years with a reputable teacher at the Royal Conservatory of Music) so I never became as proficient in viola. In contrast to the years-long solitary struggle that comprised my endeavour to passably interpret several Beethoven sonatas, a few of Bach's keyboard works, and a Chopin mazurka or two however, my most vivid memories at school are social, involving becoming acquainted with compositions by actively collaborating with my fellow musicians. My love for "classical" (more accurately, baroque to early romantic era) music continues unabated, and a desire to perform has now been channeled instead into haunting the Musikverein and Konzerthaus -

Musings from an IR - Meeting and Parting with Strangers

After nearly two whole months in this Cyber Security Incident Responder role, I remain amused by the universally expressed sentiment from every new person I meet. Specifically, that they're pleased to make my acquaintance, but sincerely hope our interactions are short-lived and that they wish to never need to cross paths with me again, as representative of all people in my role. On the one hand, as a self-professed deep introvert , making cold contact with complete strangers on a daily basis is a draining ordeal, despite my extensive experience with many types of colleagues and clients. What mitigates the fatigue is that firstly, most of the people I interact with are experts in their disciplines, which I appreciate both in principle, and from the delightful side effect of learning a surprising amount about what they care about professionally and what processes they follow. Secondly as they are almost always embroiled in a stressful situation, they appreciate my presence as guid

Thoughts of a fledgling Incident Responder: one month in

As stated in my recent posts, I've made another career switch. This time, I'm dipping my metaphorical toes into the increasingly mission-critical area of most businesses: that of cyber security. The new look that I've applied to this blog, that of a darkened forest, is an analogy that I find apt. In broad strokes, most people are aware of its existence, yet few have explored it to find the diversity of the elements which comprise it.  Being such a neophyte myself I count myself as especially fortunate, to be in a team where there are already experts I could call upon, where we have the potential to leverage powerful, industry-leading tooling, and in an environment where every employee is called upon to actively protect not only our own data and assets, but those we are entrusted with by our clients.  In fact, it was immediately apparent that one has no choice but to take this role seriously if only because my employer's clientele consists mostly of organizations t