[00:41.520 --> 00:42.420]  Hi
[00:57.420 --> 01:00.260]  , can everyone hear me okay?
[01:00.480 --> 01:01.780]  Perfect.
[01:01.780 --> 01:04.500]  So it's noon, so we can go ahead and get started.
[01:05.460 --> 01:09.380]  Very intimate group today, so definitely appreciate everyone coming out.
[01:09.860 --> 01:21.340]  Before we get started, before we dive into the bulk of the conversation, I always think it's great when you talk with different security teams and the new boss always comes in and we start with icebreakers.
[01:21.340 --> 01:23.220]  Who doesn't love that, right?
[01:23.220 --> 01:27.780]  The opportunity to really get some hard-hitting information.
[01:28.260 --> 01:30.120]  We did one last year.
[01:30.120 --> 01:41.900]  I was actually in the middle of a reorg and we had a brand new exec come and he had the opportunity to ask a very interesting icebreaker, if you will, especially to a sea of security individuals.
[01:42.360 --> 01:52.440]  He asked, if you were to have a superhero or a fantasy character be your avatar, if you were to say, who would you be?
[01:52.980 --> 01:53.820]  Why?
[01:54.360 --> 02:00.020]  You know, obviously you go around and everyone starts to hit the casual Superman, a lot of Batmans.
[02:00.020 --> 02:03.760]  I think that probably speaks a little bit to security as a whole.
[02:03.760 --> 02:09.540]  We think of ourselves as vigilantes or whether we just really like the Dark Knight as well.
[02:10.100 --> 02:13.520]  A few Aquamans, which always raises a few eyebrows as well.
[02:14.440 --> 02:18.760]  And when it got to me, I kind of had the opportunity to just do something different.
[02:19.180 --> 02:21.780]  Everyone was choosing superheroes, DC, Marvel.
[02:22.140 --> 02:24.580]  I went with Aragorn.
[02:24.580 --> 02:29.700]  If you're a Lord of the Rings fan, maybe saw yourself in the Middle Earth.
[02:30.060 --> 02:36.560]  The reason why I chose that was, yes, he has that main character energy.
[02:36.560 --> 02:37.320]  Very much so.
[02:37.320 --> 02:39.780]  As part of the fellowship, he represented that.
[02:40.180 --> 02:45.160]  One of the things I really also saw was, he was a servant leader.
[02:45.600 --> 02:48.000]  You rarely see that in superheroes.
[02:48.060 --> 02:50.340]  You see them being the saviors.
[02:50.380 --> 02:51.680]  You see them taking the glory.
[02:51.680 --> 02:53.980]  You see them considering that aspect.
[02:54.800 --> 03:00.440]  When you talk about Aragorn, when you talk about his entire role, it was, how can I better the team?
[03:01.200 --> 03:03.940]  I think a lot of managers lose that across the board.
[03:03.940 --> 03:19.840]  As we're talking a little bit more about our conversation today, when I talk about some of the elements that I'm going to be diving into, empathy, bias, fear, one of the things I want everyone to think about is, what character would you be?
[03:19.840 --> 03:21.200]  Now knowing that.
[03:21.560 --> 03:23.960]  And if it's still Batman, that's a great choice.
[03:23.960 --> 03:27.820]  He has all the great gadgets and a budget to support it as well.
[03:28.420 --> 03:30.780]  Before we dive in as well, I want to introduce myself.
[03:30.780 --> 03:32.140]  My name is Alex Bates.
[03:32.780 --> 03:37.920]  Currently I'm a director of information security for a global communications company called Cinch.
[03:37.920 --> 03:39.200]  We're based out of Sweden.
[03:39.840 --> 03:44.560]  Overseeing security operations, product security, GRC as well as engineering.
[03:45.860 --> 03:48.220]  Before that, really got my start in consulting.
[03:48.220 --> 03:52.940]  Was at both KPMG and EY doing a lot of their cyber security practice.
[03:52.980 --> 04:00.180]  Advising top 50 Fortune 100 companies as well, just on continuous efforts and the maturity of those programs.
[04:00.600 --> 04:01.860]  Thank you all for being here.
[04:01.860 --> 04:04.520]  Thank you CypherCon for hosting me as well.
[04:04.800 --> 04:07.540]  We'll go ahead and get into some of the material from there.
[04:08.840 --> 04:16.580]  Kind of going back to some of that icebreaker, one of the areas that I really like to dive into is the paradox of being a security professional.
[04:16.580 --> 04:29.280]  Very much, and this is why I believe there's a huge military influence as well into security, but it's not only being a protector, but you also have to very much be an enabler.
[04:29.660 --> 04:35.140]  And so being, walking that line, you consistently have to say, am I doing too much?
[04:35.380 --> 04:36.880]  Or am I not doing enough?
[04:36.880 --> 04:39.740]  And it's a consistent debate internally.
[04:39.740 --> 04:45.920]  And it's a consistent debate from a business side because, is there money to do what I want to do as well?
[04:45.920 --> 04:47.280]  Are there resources?
[04:47.440 --> 04:49.280]  Do we even have the process in place?
[04:49.280 --> 05:11.560]  And so, as we think about ourselves as professionals, as we think about ourselves in the consideration, whether you started in a SOC, whether you started as a pen tester, or as a GRC analyst as well, the best leaders are the ones who really remember those decisions,
[05:11.560 --> 05:18.120]  that level of stress at each part of the process, each part of the journey that promoted you throughout your role.
[05:18.140 --> 05:33.520]  And it's always the execs or the heads of security who tend to forget what it's like fighting an incident, who tend to forget how much exhaustion and pressure and stress that can create, especially from resource burnout.
[05:33.740 --> 05:46.420]  The goal that I've always focused on within my leadership, but also just talking to teams, is understanding, baseline understanding, just like baseline security controls to say, your job is hard.
[05:47.060 --> 05:53.340]  Let's try to make it a little bit easier by not adding just that heavy people element and those deliveries there.
[05:53.760 --> 06:02.760]  So, a big thing that I always like to do is just to talk about, this is just a photo of obviously a samurai, but there's something called the warrior's repose.
[06:03.120 --> 06:07.020]  And the warrior's repose is, when do I stop fighting?
[06:07.280 --> 06:09.660]  When do I stop worrying about forensics?
[06:09.660 --> 06:11.880]  When do I stop worrying about the dashboards?
[06:12.020 --> 06:16.320]  And in many ways, many organizations will say, you don't.
[06:16.980 --> 06:24.780]  But it's when you have the opportunity to really dive in and find that relaxation, but also understand where your limits are as a professional.
[06:24.800 --> 06:34.360]  That's when you can kind of start to develop a little bit of those considerations to say, I've done what I can and what I can control today as well.
[06:35.600 --> 06:42.540]  Again, diving into the paradox of being a leader, being also an individual within a security team.
[06:42.540 --> 06:47.320]  The biggest aspect is, we have to be a protector and an enabler for the business.
[06:47.320 --> 06:58.040]  So this isn't only just looking at the people aspect, but looking at our executive teams, looking at the strategy, looking at the roadmaps that we have to execute, and really dive into saying, how can I do this?
[06:58.040 --> 06:59.880]  How can I mitigate risk?
[06:59.920 --> 07:03.940]  And risk in business is always one of those areas that you throw out.
[07:04.100 --> 07:05.100]  What is risk?
[07:05.380 --> 07:06.560]  What is a business risk?
[07:06.560 --> 07:07.780]  What is security risk?
[07:07.780 --> 07:09.240]  What is an IT risk?
[07:09.860 --> 07:17.360]  You ask an engineer, you ask anyone within the stock, you'll say, if anyone could actually patch, then we would have less risk.
[07:18.260 --> 07:21.340]  That usually falls on deaf ears in many ways.
[07:22.200 --> 07:27.900]  The one way that I've always tried to justify risk, especially in the IT world, is what could go wrong?
[07:28.100 --> 07:30.120]  Help me understand what could go wrong.
[07:30.120 --> 07:40.400]  And so when you're balancing that level of risk, that's when you start to identify those risk appetite areas of executive management, and it always changes by the boss that you have.
[07:40.980 --> 07:58.580]  The other aspect is just understanding that as a security professional, whether you're in the management side or still very much building your career, it's a consistent tug of war to say what we should do, what I would recommend, or what the business is actually going to do.
[07:58.580 --> 08:11.860]  And so the biggest way that I've always tried to understand and simplify that within my own mind is my job as a security professional is to raise a flag, and when there's enough flags, people will eventually listen.
[08:12.380 --> 08:23.780]  And again, if there's the lack of investment, the lack of support, that's why risk management comes into the case, and they get to accept those risks that I pointed out in many ways.
[08:23.840 --> 08:26.300]  But it's one of those areas that it's hard.
[08:26.300 --> 08:31.060]  You know, why wouldn't we want to put FIDO2 into our authentication piece?
[08:31.060 --> 08:34.720]  Why wouldn't we want CrowdStrike Falcon Complete across everything?
[08:34.720 --> 08:38.980]  Well, I mean, June maybe told us diversify it as much as we can.
[08:38.980 --> 08:44.820]  But it's one of those areas to say, yes, this is good.
[08:44.820 --> 08:49.920]  It's a good thought in a vacuum, but then the implementation always struggles a little bit.
[08:50.300 --> 09:06.320]  So, very much understanding just as a security mindset, getting ourselves there, this is where we have to constantly say, what is the business going to allow us to do, and what are we going to allow ourselves and our ethics to support ourselves with in that sense,
[09:06.320 --> 09:07.660]  and what can we execute?
[09:07.860 --> 09:08.860]  It's hard.
[09:08.880 --> 09:09.820]  It's not perfect.
[09:09.820 --> 09:12.340]  It's not a sales person chasing a contract.
[09:12.380 --> 09:16.460]  You are consistently doing checks and balances in every decision that you do.
[09:18.040 --> 09:20.500]  Now we go into the bulk of the conversation.
[09:20.980 --> 09:22.780]  Talk about empathy.
[09:22.780 --> 09:28.160]  And you'll hear me talk about bias, and you'll also hear me talk about sympathy and fear in many ways.
[09:28.460 --> 09:33.320]  Empathy is always the consideration to basically acknowledge what has happened.
[09:33.620 --> 09:36.500]  You don't necessarily need to say, oh, I get it.
[09:36.500 --> 09:37.520]  I've done that.
[09:37.640 --> 09:41.040]  You can say, I understand what you're saying.
[09:41.400 --> 09:54.720]  And so, as a manager, or even from the staff perspective, being able to meet someone and say, hey, I've just put in a 13-hour day working on just PowerShell scripts right now.
[09:54.800 --> 09:57.940]  Is there a way that I could take some time?
[09:57.940 --> 10:01.180]  Is there a way that I can understand I'm burnt out?
[10:01.960 --> 10:07.620]  When you talk about the manager side of it, you need to look at your resources very much like soldiers.
[10:07.700 --> 10:11.340]  And the manager always consistently wants to go back to that military side.
[10:11.340 --> 10:13.860]  First person on the battlefield, last person off.
[10:13.860 --> 10:16.540]  So there's that manager burnout as well.
[10:16.700 --> 10:29.140]  And I think when you create those lines of communication, when you create that conversation with your teams to look around and realize what the team is going through, that's when you actually start to build trust.
[10:29.200 --> 10:39.440]  When you say we're getting through it and we're getting through it together, instead of I'm going to make sure you guys get through it type of thing, it eliminates huge barriers.
[10:39.440 --> 10:41.260]  And I'll talk about that in the next slide.
[10:41.700 --> 10:49.340]  Sympathy is also going to be something that a lot of people talk about, but it's as equally negative as it is positive.
[10:49.440 --> 10:54.120]  Sympathy in many ways is saying I'm sorry.
[10:54.480 --> 11:04.060]  And the hard part about saying sorry, because you're acknowledging the pain, you're not offering anything more than that transaction in many ways.
[11:04.360 --> 11:14.720]  And that's where, again, answering with empathy, considering that aspect of I understand versus I'm sorry, it opens the door to say I understand.
[11:14.720 --> 11:15.560]  You're dealing with stuff.
[11:15.560 --> 11:16.660]  You have a family.
[11:16.760 --> 11:19.060]  I understand you're dealing with stuff.
[11:19.480 --> 11:25.780]  Potentially you have other priorities that are also equally as important to you in the hours that you don't work as well.
[11:26.220 --> 11:30.340]  And then the last part is I understand you're human.
[11:30.520 --> 11:31.620]  You're not a machine.
[11:31.620 --> 11:32.660]  You're not AI.
[11:32.760 --> 11:36.900]  And one day AI will also ask for empathy, I'm sure.
[11:37.820 --> 11:43.080]  And then the last aspect, I'll talk about it in the next slide, but talk about fear.
[11:43.080 --> 11:51.740]  Examples of empathy, sympathy, and fear in many ways is, again, like I talked about, fighting an incident.
[11:51.740 --> 11:59.400]  When you're going through containment and discovery, discovery and containment, it's impossible to know where the milestone is.
[11:59.400 --> 12:01.740]  Where is the touchdown?
[12:02.300 --> 12:07.600]  In many ways someone once explained it to me of fighting a fire.
[12:07.600 --> 12:14.040]  You don't necessarily have to show that all the fire is out, but you have to try to point out where the coals are.
[12:14.300 --> 12:16.840]  If you can say that, there's a level of containment.
[12:17.280 --> 12:18.660]  But then things pop up.
[12:18.660 --> 12:19.360]  Things pop up.
[12:19.360 --> 12:31.880]  All of a sudden you get another notice at 1.14 in the morning from your SOC, from your MSSP, from your EDR, and you have to dive in and start the entire process over.
[12:31.880 --> 12:35.480]  The empathetic leader would say, let's do it.
[12:35.760 --> 12:39.300]  Whoever can raise their hand and get into it, let's do it.
[12:39.300 --> 12:40.760]  If you can't, that's okay.
[12:40.760 --> 12:42.520]  We'll figure it out.
[12:42.740 --> 12:44.200]  Join when you can.
[12:44.780 --> 12:52.060]  The sympathetic leader is going to be the one who acknowledges something when it's out of their control.
[12:52.060 --> 12:59.800]  Again, personal aspect, death, life challenges, but also from a professional side, when layoffs happen.
[12:59.980 --> 13:01.360]  How do you handle stress?
[13:01.360 --> 13:09.400]  How do you handle that from a leadership aspect to acknowledge that sometimes there's a business decision that's above your control?
[13:09.660 --> 13:12.900]  Again, the sympathetic leader would say, I'm really sorry.
[13:12.940 --> 13:17.740]  The empathetic leader would say, I understand the frustration.
[13:17.740 --> 13:19.180]  Let me know how I can help.
[13:19.940 --> 13:21.240]  And then the fear.
[13:21.280 --> 13:31.060]  Now, the fear is always going to be the element that a lot of people initially go to in their tool belt, because that's where they get the most bang for buck.
[13:31.100 --> 13:33.820]  They say, get this done, or else.
[13:33.820 --> 13:36.720]  Get this done, or it will go on your performance review.
[13:36.840 --> 13:39.960]  Get this done by end of day, or we're going to have a talk.
[13:40.520 --> 13:42.680]  End of day is always one of those areas.
[13:42.680 --> 13:43.480]  When does the day end?
[13:43.480 --> 13:44.200]  Who knows?
[13:45.520 --> 13:58.840]  But if there's those threats, if there are those considerations to say, how am I going to get through this by the end of the day, without the actual recourse, or without understanding from the manager, you are just working in a vacuum.
[13:59.140 --> 14:07.860]  And that's hard, specifically at even the manager-director level, because you have corresponding relationships up to executives, and also down to your staff.
[14:08.320 --> 14:11.540]  And so I think this is a valuable thing to always understand.
[14:11.540 --> 14:18.800]  How am I going into a situation, whether it's going to be with empathy, whether it's going to be with sympathy, whether it's going to be with fear.
[14:19.180 --> 14:24.100]  At the end of the day, I would refer... I've seen quite a bit of success.
[14:24.120 --> 14:34.580]  With folks just having the opportunity to say what it is, and acknowledge it, and try to look for solutions, instead of going to the easy solutions with sympathy and fear.
[14:35.760 --> 14:37.820]  Now I'm going to talk about the role of bias.
[14:38.640 --> 14:49.760]  When I was at EY, they sent us to all those type of summit leadership trainings, and in that meeting, we actually had a chance to meet with some of Yahoo's think tank for strategy.
[14:49.780 --> 14:51.360]  And they talked about bias.
[14:51.360 --> 14:53.640]  And they talked about unconscious bias.
[14:54.180 --> 14:59.100]  Now when you think about what unconscious bias is, it kind of starts to spin in your head.
[14:59.100 --> 15:00.160]  Well, it can be anything.
[15:00.160 --> 15:01.880]  I'm prejudging anything.
[15:01.980 --> 15:04.300]  So he went and told us a story.
[15:04.300 --> 15:09.340]  And the story basically starts that a father and son were in a tragic accident.
[15:09.720 --> 15:13.760]  As they were taken to the hospital, the father didn't make it, but the son did.
[15:14.440 --> 15:27.560]  As the son is rolled up into the operating room, the doctor approaches, and the surgeon immediately says, I can't operate on this individual, they are my son.
[15:28.800 --> 15:30.000]  And he stopped.
[15:30.000 --> 15:30.640]  And he froze.
[15:30.640 --> 15:34.640]  And he asked the same question I'm going to ask you, but he goes, what's the situation?
[15:35.660 --> 15:41.120]  So, I guess to the audience here, any answers on what the situation is?
[15:46.860 --> 15:48.660]  In many ways, yes.
[15:50.740 --> 15:54.500]  Everyone went throughout the room, and basically everyone gave different answers.
[15:54.500 --> 15:56.940]  Everyone said, oh, it could be the father's partner.
[15:57.360 --> 16:01.500]  It could be the... the father actually didn't die.
[16:01.500 --> 16:05.780]  He actually ended up being in the hospital somehow, and it was someone else driving him in that moment.
[16:05.780 --> 16:06.720]  But it was right.
[16:06.720 --> 16:08.300]  So thank you for the solution.
[16:08.600 --> 16:13.780]  The answer is, the surgeon was the son's mom.
[16:14.720 --> 16:19.720]  And immediately when you hear the story, why would you immediately assume it wasn't the mother?
[16:19.840 --> 16:21.960]  Three out of ten surgeons are women.
[16:22.900 --> 16:30.240]  One out of ten surgeons are openly saying that they have a different sexual orientation as well.
[16:30.360 --> 16:35.860]  And so immediately you're starting to play a numbers game before the decision, before the story played out.
[16:35.920 --> 16:40.060]  And it's an example of bias developing and presenting itself.
[16:40.380 --> 16:47.600]  And so before this story ended, before the answer was given, and thank you by the way, you already had something in your mind.
[16:48.240 --> 16:49.980]  Now apply that to security.
[16:49.980 --> 16:54.420]  We are all a sum of our actions and experiences.
[16:54.840 --> 16:59.300]  What do we usually go to from fighting an incident?
[16:59.300 --> 17:04.000]  We go to playbooks that we created based off our incidents and experiences.
[17:04.380 --> 17:19.840]  And so if you think about that, when you start to think about resource management and talking to folks, it actually becomes almost an inhibitor to you to immediately go to your well of experiences and information.
[17:20.220 --> 17:27.820]  The average leader in many incidents has to prove themselves wrong before they prove themselves right while fighting an incident.
[17:27.820 --> 17:29.720]  Especially with threat actors now.
[17:29.880 --> 17:41.060]  Some of the techniques that we've been seeing, the IOCs from Salt Typhoon, from Scattered Spider, these are smart teams that are doing different flavors of the same work.
[17:41.240 --> 17:45.720]  But we haven't experienced a lot of this before.
[17:45.720 --> 18:01.680]  And so those consistent understandings of going to what we've seen, working with the same forensic tools, working with the known vendors that have established themselves as being great incident response folks, it's all bias in many ways.
[18:01.680 --> 18:14.480]  And I think as a security professional, what I've seen is the more you have your eyes wide open in these situations and ask questions before assuming, you're actually going to get more information right off the bat.
[18:14.480 --> 18:20.040]  You're discovering your containment become quite a bit more effective in many ways.
[18:20.200 --> 18:36.920]  And it's funny with the most recent DOD I guess, snafus, about publishing signal chats about activity and again, not having much more information on that.
[18:36.920 --> 18:40.160]  Who within security hasn't used Signal in many ways?
[18:40.160 --> 18:44.360]  That's our go-to out of bounds sometimes, just for communication.
[18:44.480 --> 18:56.020]  And so it's funny because when looking through containment, when looking through the excitement of forensics, if you go back to a signal chat, you can usually sometimes identify areas that were completely missed.
[18:56.020 --> 18:58.560]  That wouldn't make it into a ticket.
[18:58.640 --> 19:06.160]  Whether it's one of your lead engineers based out of a different country saying, hey, has anyone seen this traffic here?
[19:06.160 --> 19:20.040]  And all of a sudden we're caught pulling on another string and we completely miss what was being said because of the excitement and because we already made the judgment that that information, that little crumb potentially wasn't important.
[19:20.880 --> 19:32.580]  And so it's consistently being a sponge, consistently having your eyes wide open and helping you fight the incident, really, as an incident commander that could help you be a little bit more effective.
[19:32.580 --> 19:37.340]  And so just going back to understanding the role of bias, it's hard.
[19:37.620 --> 19:40.620]  Because innately, as humans, we assume.
[19:40.760 --> 19:42.580]  We understand backgrounds.
[19:42.580 --> 19:44.220]  We understand education.
[19:44.220 --> 20:02.460]  And the hardest part within the security aspect is people immediately judge you for the certifications that we all proudly publish, for how you started with insecurity, if you were a technical individual or a GRC individual, or you just found yourself with insecurity from IT as well.
[20:02.720 --> 20:04.480]  It's all judgment.
[20:04.720 --> 20:10.400]  In many ways, I guess the righteous leader would say, what is your background?
[20:10.400 --> 20:15.660]  How can we use ourselves differently where we cover each other in a more effective way?
[20:15.780 --> 20:27.600]  If we put all of us who are CISSP's or all of us who are GRC folks with a CISA or those elements together, we're all going to come to the same understanding because we have the same training.
[20:27.640 --> 20:32.820]  But when you look at team development, when you look at resource management, you want those experiences.
[20:32.820 --> 20:39.680]  You want people from different backgrounds because that's where you actually have the opportunity to break through bias.
[20:39.680 --> 20:45.700]  You actually have the opportunity to say, hey, I'm looking at the same picture, but you and I are seeing two different things.
[20:45.860 --> 20:49.340]  Judging a rhino from the front, someone would say, oh, they look pokey.
[20:49.380 --> 20:51.660]  Judging from the back, they'd say, that's pretty flat.
[20:52.080 --> 21:09.020]  And so in many ways, one of the areas that I've always tried to tell teams is acknowledge all strings pulled within an incident and make sure before we move to the next stage that we've exhausted those elements, but also collaborate.
[21:09.440 --> 21:18.960]  It's so easy to put your head down and perform a script, your head down and try to pull a log and have it correlate to other elements.
[21:19.120 --> 21:27.000]  But a lot of that can be executed while still talking to your professionals, while still talking to your managers, while still managing your staff as well.
[21:27.000 --> 21:37.080]  And so communication, understanding what it is, that's one of the elements that we've seen a huge amount of success with when we've been fighting some of those most recent aspects.
[21:39.440 --> 21:40.420]  The people element.
[21:40.420 --> 21:46.980]  And I know I've talked about people quite a bit, but the people element in security and the human element is so important.
[21:47.180 --> 21:52.020]  The main reason why is within a lot of security, everyone talks about tools.
[21:52.380 --> 21:55.660]  Everyone talks about, oh, this is the next product.
[21:55.660 --> 21:56.940]  We're going to buy it.
[21:57.240 --> 21:58.280]  We're going to implement it.
[21:58.280 --> 22:02.780]  And it's always a little bit harder because the POCs make things just look so good.
[22:03.160 --> 22:09.560]  And then it goes and sits on a shelf and it's just tech debt at that point.
[22:09.840 --> 22:16.560]  And so in many ways the huge aspect of people is always underscored.
[22:16.560 --> 22:20.580]  It's always how's our process and what's our investment in our tools.
[22:21.060 --> 22:28.400]  Again, going back to the people piece, the fact that everyone is here trying to sharpen that tool a little bit is always important.
[22:28.500 --> 22:35.420]  But it's also that day-to-day business-as-usual training that tends to fall off.
[22:35.420 --> 22:51.940]  It's understanding that when we look at bias, when we look at where our teams are on their own career, there's individuals who either need improvement for skill or technical evaluation, but also that people element as well.
[22:52.360 --> 22:55.600]  There's no really good way to manage.
[22:56.240 --> 23:00.920]  Management as a whole is an absolute construct.
[23:01.080 --> 23:07.320]  Because a lot of professionals as a whole they start by just starting their career as an engineer.
[23:07.320 --> 23:10.720]  And then they got really good at being an engineer, and then they got promoted.
[23:10.720 --> 23:15.360]  And then all of a sudden they have six staff underneath them without the ability to train.
[23:15.360 --> 23:16.360]  Without some of these skills.
[23:16.360 --> 23:17.760]  Without some of these techniques.
[23:18.640 --> 23:27.480]  And so that's where in many ways if you don't have those resources available to you within the company you go back to what worked for you?
[23:28.160 --> 23:33.060]  How would a manager, how would I have liked a manager to approach, handle me?
[23:33.660 --> 23:39.020]  One of the areas that I started with early in my career was trying to mold myself to each boss.
[23:39.360 --> 23:46.120]  If I had a boss who was very binary, yes, no, and worked 14 hour days, I would do the same.
[23:46.120 --> 23:50.680]  Because that's how I knew he worked, and thus I'd probably get a good review.
[23:50.680 --> 23:58.280]  But on the back end, I wasn't really allowing myself to express and understand how I liked to lead.
[23:58.380 --> 24:05.300]  If you're consistently striving to the next manager, you're just going to be a compilation and amalgamation of managers.
[24:05.640 --> 24:13.540]  So that's where I ultimately had an opportunity to kind of understand and reflect about why have I had success?
[24:13.660 --> 24:17.540]  And in many ways I understood my cliche.
[24:17.920 --> 24:19.780]  Do I love the technical side?
[24:19.780 --> 24:24.120]  Do I absolutely love working with security teams and getting teams out of their shell?
[24:24.280 --> 24:24.800]  100%.
[24:24.800 --> 24:29.380]  But I also love explaining technical things in business terms.
[24:29.460 --> 24:43.660]  Being in the boardroom, talking to the CFO and understanding when their eyes are starting to glaze over that maybe I need to pivot and pull back because he's not really worried about patch management and what a CVE or exposure really means.
[24:43.760 --> 24:45.360]  He's looking at dollars.
[24:45.900 --> 24:49.420]  So I kind of came to the understanding of know your cliche.
[24:50.100 --> 25:01.400]  Understanding that if you enjoy the technical side, be in the technical field and understand and look for tools and look for resources that allow you to bridge the gap a little bit.
[25:01.420 --> 25:08.340]  But then on the back end, if you're an individual like me who does also enjoy the business side, be approachable.
[25:08.780 --> 25:17.400]  Be the frat guy 5,000 consideration because that's what is more comfortable and that allows you to get from A to B a little bit faster.
[25:17.500 --> 25:30.220]  And so, big takeaway from the people element is there's no great solution, but understood that it doesn't always require money and it doesn't always require a vendor to help you lift that within your team.
[25:30.420 --> 25:32.760]  It could be a lunch and learn.
[25:32.760 --> 25:34.640]  It could be coffee.
[25:34.760 --> 25:48.300]  I know during COVID everyone tried doing every different way to communicate, but it could just also say, hey, when I was your age, when I was at your part of your career, this is what was important to me.
[25:48.620 --> 25:50.180]  And just communicating that.
[25:52.020 --> 25:56.860]  One of the areas as well I like to talk about with the human element is talking about culture.
[25:57.060 --> 26:01.240]  And not necessarily culture from a geographic side, but culture within teams.
[26:01.540 --> 26:10.920]  Whether you have really strong, inherent type teams on your basis or not, I always like to give this book to my peers, as well as my bosses.
[26:11.680 --> 26:14.300]  It's a book called Legacy and it's about the New Zealand All Blacks.
[26:14.300 --> 26:18.120]  If you don't know them, they're a rugby team out in New Zealand.
[26:18.480 --> 26:21.500]  Part of the Maori tribes there.
[26:21.520 --> 26:32.200]  And the coolest part is if you look at them, since 1903, over 697 different matches, they have an 81% win rate.
[26:33.120 --> 26:36.760]  Over 100 years of playing the same game, they have a win rate.
[26:36.760 --> 26:39.740]  And so you have to think, because people have already studied them.
[26:39.740 --> 26:42.060]  People have thought how can I be the same?
[26:42.180 --> 26:48.300]  Whether it's physical, whether it's playing style, whether it's X, Y, Z.
[26:48.960 --> 26:52.040]  It's not necessarily something that can be attained.
[26:52.040 --> 26:54.900]  It's something that was built over time.
[26:55.300 --> 27:12.740]  And I'll talk about a little bit of the book, but each chapter of the book is an element within the Maori tribe and how they live as a people and how that then translates to rugby as a whole and enables not only their team to succeed, but have pride in what they're doing.
[27:13.220 --> 27:17.600]  And actually what they're about to do in this picture is called the haka.
[27:17.600 --> 27:31.580]  And so if you ever have a chance to watch the Olympics or watch rugby, it's quite cool, quite exciting to see, because whether you are every shade of color under the sun, every type of person, big, small, it's a war dance.
[27:31.580 --> 27:35.880]  It's an emulation and a celebration of what they were built on.
[27:35.880 --> 27:38.700]  And so I definitely recommend going into it.
[27:38.700 --> 27:49.840]  But some of the three aspects that I really tried to take away from the empathy, fear, sympathy, trust aspect is three elements that they really hit hard on.
[27:50.080 --> 27:51.120]  Purpose.
[27:51.260 --> 27:53.540]  The purpose, why you do things.
[27:53.540 --> 28:01.660]  Basically, they've identified that leaders connect personal meaning to a higher purpose, have quite a bit more success in their day-to-day.
[28:02.120 --> 28:06.920]  And so whether that's talking about your pride, whether that's talking about your family, whether it's talking about your culture.
[28:06.940 --> 28:12.280]  When you're a manager and you're looking to build some of that rapport with some of your staff, what is the higher purpose?
[28:12.360 --> 28:13.300]  What is our goal?
[28:13.300 --> 28:18.260]  And again, sometimes it's more of an ideal than it is something that's tangible.
[28:18.600 --> 28:23.760]  But again, looking through incidents, looking through the day-to-day, it can get lost.
[28:23.840 --> 28:31.680]  And so as a manager just kind of, again, talking about when the road map is established at the beginning of the year, where are we trying to get guys?
[28:31.680 --> 28:51.080]  Whether that's us updating or tightening up a vulnerability management policy, really hitting our SLAs hard, or deploying an EDR solution, or just really getting a tighter correlation within our SIEM to some of our logs and being able to make decisions a little bit faster.
[28:51.080 --> 29:01.000]  Those are great milestones to achieve, but then also having the opportunity to look around and say, we did pretty good on that, is a great aspect.
[29:01.360 --> 29:02.200]  Change.
[29:02.200 --> 29:07.660]  The biggest thing as well that they talk about within the book is about adapting to change.
[29:07.760 --> 29:15.540]  And again, this goes back to that bias element that I talked about a little bit earlier, to basically say, how can we do this better?
[29:16.420 --> 29:29.320]  If you're ever watching Simon Sinek and some of his speaking videos, he really talks about why some companies succeed and some companies don't when they're in the same field.
[29:29.480 --> 29:33.460]  And one of the aspects that he talks about is called the golden pyramid.
[29:33.740 --> 29:40.800]  And so, basically in the traditional sense of marketing, people will say, hey, we have a great product.
[29:40.800 --> 29:42.200]  I think you should use it.
[29:42.260 --> 29:43.780]  And that's the baseline element.
[29:43.800 --> 29:47.840]  To the next level, they'll say, it will help you bridge A to B.
[29:47.840 --> 29:49.540]  It will help you get to that next level.
[29:50.080 --> 29:55.600]  And the third element, they will say, you will feel comfort with our product.
[29:56.440 --> 30:00.400]  And what the golden triangle basically does through his explanation is he flips it.
[30:00.580 --> 30:09.100]  Instead of you starting with what and then how and then why, he starts with the why.
[30:09.900 --> 30:12.400]  And this is where he really looks at Apple.
[30:12.460 --> 30:16.620]  Apple across the board says, we make the best products known to man.
[30:16.740 --> 30:19.280]  They're user friendly and they're fast.
[30:19.840 --> 30:21.740]  Okay, I'm interested.
[30:21.980 --> 30:30.060]  While we do it through laptops, our developer library, as well as our ability to have mobile connectivity simplified.
[30:30.060 --> 30:31.720]  Okay, here's our iPhone.
[30:31.720 --> 30:32.660]  Buy it.
[30:32.780 --> 30:38.180]  And what he does with that in the element of the change is they completely flip the script.
[30:38.520 --> 30:54.420]  And so, kind of going back to the Zeeland All Blacks and those considerations, in order to really focus on making a case for the future, you really have to make sure that you have that strong core element of what defines you as a team at the very beginning.
[30:55.360 --> 30:57.440]  Then the culture, the aspect.
[30:57.440 --> 30:59.620]  Again, language is important.
[30:59.620 --> 31:05.120]  And language, and they really talk about vocabulary instead of beliefs that bind groups together.
[31:05.160 --> 31:09.760]  Communication and frequent communication between your teams is always an encouragement.
[31:09.760 --> 31:15.240]  Whether you're a manager, and you're actively seeing your team engage, but also a staff.
[31:15.240 --> 31:27.920]  All of a sudden, if there's an exec or a manager on a Slack, on a Signal Chat, on a Teams, and they're actively always in passive listening mode, it doesn't get that feedback.
[31:28.380 --> 31:34.680]  Effective leadership over language is that call and echo mentality.
[31:35.320 --> 31:38.080]  I acknowledge what you did.
[31:38.080 --> 31:38.900]  Great.
[31:38.900 --> 31:41.420]  Now, how do we think about this in a different way?
[31:41.420 --> 31:42.680]  Great job pulling the log.
[31:42.680 --> 31:45.520]  It looks like we've executed our review of that.
[31:45.520 --> 31:48.280]  We have a strong understanding of what the threat actor did.
[31:48.380 --> 31:49.420]  Now what?
[31:49.420 --> 31:50.740]  Where would they have gone?
[31:50.740 --> 31:56.220]  What it does is it empowers your team to also start to think about the next level.
[31:56.380 --> 32:01.000]  Where, if they said that they completed the log, it's a, yes, no.
[32:01.000 --> 32:02.580]  I've completed my work.
[32:02.600 --> 32:04.340]  Now I'm going to sit here and twiddle my thumbs.
[32:05.100 --> 32:13.260]  One of the areas that they talk about in the book is language is an enabler for you as a manager to really go to that next level and have some of that success.
[32:15.480 --> 32:21.380]  On this part of the presentation, I really start to always talk about again, going back to the staff.
[32:21.720 --> 32:31.340]  When I was early on in EY and KPMG, I remember I had this kid right out of school come up to me and he goes, Alex, I want to consult.
[32:31.540 --> 32:33.140]  I want to be a consultant.
[32:33.140 --> 32:33.960]  I go, great.
[32:33.960 --> 32:34.740]  I mean, we hired you.
[32:34.740 --> 32:35.920]  You're in the role.
[32:36.060 --> 32:40.460]  But he goes, I feel like the work I'm doing right now isn't consulting.
[32:40.480 --> 32:41.600]  It's foundational.
[32:41.760 --> 32:43.380]  I'm reviewing documentation.
[32:43.380 --> 32:45.240]  I'm reviewing meeting minutes.
[32:45.240 --> 32:46.440]  I'm preparing this.
[32:46.560 --> 32:47.700]  He goes, I want to consult.
[32:47.700 --> 32:48.940]  And I go, okay.
[32:49.700 --> 32:50.960]  Consult on what?
[32:51.340 --> 33:01.400]  And it's one of those areas where all of a sudden you have to ultimately put that perspective in their consideration to say I don't know.
[33:01.660 --> 33:04.440]  I mean, maybe I talked about what I learned in school.
[33:04.440 --> 33:07.980]  Maybe I talked about my new certification, how I can apply that.
[33:07.980 --> 33:12.620]  And it's that conversation to basically create organic aspect.
[33:12.620 --> 33:13.920]  Your career is a mountain.
[33:14.160 --> 33:19.300]  And you may hit the top, but also your top could be when you stop working.
[33:19.300 --> 33:21.780]  That doesn't necessarily mean that it was not a climb.
[33:21.780 --> 33:23.960]  It wasn't something that you worked through in those elements.
[33:24.460 --> 33:31.900]  And that same consultant came back to me a few months later and he said, Alex, I feel like I'm just not making an impact.
[33:32.420 --> 33:33.660]  And I remember going to him.
[33:33.660 --> 33:35.560]  I go, you've been here seven months.
[33:35.560 --> 33:38.580]  That doesn't mean that you're not valued.
[33:38.580 --> 33:40.240]  It doesn't mean that you're not important.
[33:40.340 --> 33:47.480]  But that individual in his career and time, he was looking for the immediate satisfaction of I'm putting in my work.
[33:47.480 --> 33:48.820]  I'm getting my time.
[33:48.820 --> 33:51.020]  And it wasn't that organic consideration.
[33:51.020 --> 33:52.400]  He was looking for that feedback.
[33:52.580 --> 33:55.180]  And that's not necessarily a moment for me as a manager.
[33:55.180 --> 33:58.760]  Again, going back to the empathy side to say, it's okay.
[33:58.760 --> 33:59.760]  You'll get there.
[33:59.760 --> 34:03.760]  Or any of those opportunities, you can basically say, I get it.
[34:03.760 --> 34:04.940]  I understand.
[34:05.680 --> 34:13.540]  And then you can talk into the situations about experiences very much being something you collect like merit badges along your way.
[34:14.180 --> 34:16.420]  Because it helps shape you into those areas.
[34:16.420 --> 34:18.180]  It helps provide some of that feedback.
[34:18.180 --> 34:22.380]  And then all of a sudden, you're in a boardroom presenting to an executive team about an incident.
[34:22.380 --> 34:24.180]  And they ask you what went wrong.
[34:24.180 --> 34:25.320]  And you have the confidence.
[34:25.320 --> 34:26.020]  You have the knowledge base.
[34:26.020 --> 34:27.200]  You have everything you can.
[34:27.200 --> 34:30.300]  But that was built time and time again through the climb.
[34:30.640 --> 34:32.940]  Talking about that as a whole, that's hard.
[34:33.940 --> 34:35.900]  And then it goes into team management.
[34:36.220 --> 34:41.820]  Again, I do go back to Simon Sinek because he's done a lot within his career.
[34:41.820 --> 34:47.300]  And one of the areas where I like to talk about is through some of the investigations that he has with different teams.
[34:47.640 --> 34:52.200]  And if you're not aware of that image on the screen, that's the Navy SEALs.
[34:52.340 --> 34:58.940]  And so the Navy SEALs, in theory, are one of the most effective teams by strategy on what they do.
[34:58.940 --> 35:03.580]  Their precision, their ability to work through impossible situations.
[35:03.580 --> 35:07.660]  But the biggest thing that they'll talk about in many ways is trust.
[35:08.840 --> 35:16.900]  When you ask... when Simon Sinek had the opportunity to talk through individuals who had gone through Navy SEAL training, they call it BUDS.
[35:16.900 --> 35:24.340]  And it's either in San Diego or Virgin Beach, but BUDS is really hitting on the element of saying, can you make it?
[35:24.340 --> 35:27.240]  Basic underwater destruction SEALs.
[35:27.460 --> 35:34.780]  And he asked, who is the light candidate, the perfect candidate who's going to make it through BUDS at the end and become a Navy SEAL?
[35:34.780 --> 35:38.700]  And in many ways, people respond, it's not one person.
[35:38.960 --> 35:47.200]  It's not the individual who shows up to training camp with all the muscles and the perfect height and all that.
[35:47.200 --> 35:54.260]  It's not the Division One athlete who comes and just outpaces everyone.
[35:54.300 --> 36:01.180]  It's not even the individual who came from the military background, has the pedigree, has everything memorized to a perfect teeth.
[36:01.800 --> 36:04.080]  It's the person who could...
[36:04.080 --> 36:19.240]  when they're going through the training and when they're in waist-deep water for two days on end, linked arm-in-arm, it's a person who immediately then said, how can I help the person to my left and how can I help the person to my right succeed?
[36:19.260 --> 36:26.640]  Because immediately they removed themselves out of being the victim through going through training and they became an enabler to the resources around them.
[36:27.100 --> 36:38.240]  So going back to the superhero aspect that I talked about, the character, the fantasy character, immediately when I heard that, that's why the Aragorn aspect must have clicked in my mind.
[36:38.240 --> 36:58.440]  Protecting others around you, whether in a professional basis, shielding team members, shielding opportunities for them to completely get blasted by an exec, but also the ability to say, how can we help all of us, and not to talk about boats and Navy SEALs,
[36:58.440 --> 37:01.320]  but high tide raises all ships in this aspect.
[37:01.320 --> 37:02.660]  You succeed, I succeed.
[37:02.660 --> 37:04.180]  I succeed, you succeed.
[37:04.180 --> 37:05.840]  We all eat at the end.
[37:05.840 --> 37:14.040]  It's an interesting thing to talk about because the next element that they really start diving into when you look at trust, trust is not really quantifiable.
[37:14.200 --> 37:22.160]  You have every single KPI within the world to basically say, how are we doing from a performance aspect?
[37:22.160 --> 37:27.560]  But we have zero KPIs to really talk about how we understand trust, how we quantify that.
[37:28.120 --> 37:36.480]  One of the aspects that they did, and he draws this chart, and he basically said high performance, low trust, high performance, high trust.
[37:36.800 --> 37:38.960]  Everyone wants the box in blue.
[37:39.300 --> 37:40.180]  Everyone wants it.
[37:40.180 --> 37:46.660]  There's not an individual who would actively say they don't want a high performer and someone that they could trust day in and day out.
[37:46.660 --> 37:49.600]  Obviously, bottom left, low performance, low trust.
[37:49.600 --> 37:51.260]  They're not doing their job and they're toxic.
[37:51.260 --> 37:52.900]  They're not great to the team.
[37:53.180 --> 38:00.280]  Now, an interesting thing that they said is the area in the top left for high performance, low trust.
[38:01.240 --> 38:04.040]  Everyone knows who that person is on a team.
[38:04.080 --> 38:11.540]  It is the individual who works themselves to the bone, who also doesn't talk or collaborate with other teams.
[38:11.740 --> 38:13.780]  That box is a toxic leader.
[38:14.060 --> 38:15.560]  We've all had them.
[38:15.840 --> 38:17.480]  We've all seen them in teams.
[38:17.480 --> 38:30.520]  And in many ways, the Navy SEALs would say, I would actually take someone who's a medium performer, who I trust, versus having someone who's a high performer and that I don't trust.
[38:30.520 --> 38:33.800]  And again, going back to that element, why would you say that?
[38:33.800 --> 38:37.040]  As a high performing team, wouldn't you want your KPIs met?
[38:37.040 --> 38:39.280]  Wouldn't you want the work done?
[38:39.640 --> 38:42.980]  And it's not what they're saying in that consideration.
[38:42.980 --> 38:47.680]  But what they're saying is, I would trust you with my money.
[38:47.680 --> 38:49.960]  I would trust you with my house.
[38:49.960 --> 39:01.220]  But I wouldn't trust you with weaknesses or opportunities where I'd be putting myself in an emotional state of higher distress.
[39:01.220 --> 39:09.200]  And so, it's just an interesting collaboration because if you think about it, trust drives the team performance and engagement.
[39:09.200 --> 39:10.860]  Trust keeps the team together.
[39:10.860 --> 39:21.760]  Keeping those individuals on your team who are in the green, these are the individuals that keep your team day in and day out functioning.
[39:21.980 --> 39:36.020]  Introducing consistent high performers with that low trust element, that low collaboration element, that's where actually teams start to dissolve in isolation and silos tend to start popping up.
[39:37.180 --> 39:44.660]  The last aspect, kind of talking about some of the next slides, is really trying to avoid the trap of bias.
[39:44.660 --> 39:51.380]  All of us here in the Midwest probably can recognize traffic, especially if you've been trying to get into Chicago at all.
[39:51.380 --> 39:53.240]  They always say there's two seasons.
[39:53.240 --> 39:55.020]  There's winter and construction.
[39:55.020 --> 39:57.740]  It's just always traffic trying to get in.
[39:57.740 --> 40:09.500]  But the biggest thing is, as I dive there, dive into the next slide, is understanding that bias is always going to be something that can also stop you from having growth.
[40:09.500 --> 40:22.320]  Not just being aware of it, but also when it comes to decisions as well as steps that you have to do as a manager, not acknowledging bias can also be an undermining activity.
[40:22.740 --> 40:24.260]  Main reason why?
[40:24.300 --> 40:26.740]  Bias can also lead to decision paralysis.
[40:27.000 --> 40:43.260]  If I've already made a decision, and all of a sudden, or if I've made an assumption, or if I've made an understanding, and I have a decision to be made on the basis of what needs to occur, what needs to be done for the department, what needs to be done for my day-to-day,
[40:43.260 --> 40:47.260]  you can actually start to second-guess yourself in many ways as well.
[40:47.260 --> 40:59.120]  If you're looking at every single detail instead of just the binary yes, no, left, right aspect, it has shown that if you have too many options, you actually fail.
[40:59.440 --> 41:02.980]  It can also create a resistance to change.
[41:02.980 --> 41:18.500]  When you talk about integrations between teams, when you talk about mergers acquisitions, when you talk about hiring individuals as well, and when you bring in a new perspective, that all of a sudden becomes a point of contention, a point of friction within your element.
[41:19.020 --> 41:28.340]  The leaders who really rely on previous successes as a team, that's why I always think it's funny at the end of the year for financial reports, they always ask about security a little bit.
[41:28.400 --> 41:30.160]  It's like, well, that was last year.
[41:30.240 --> 41:32.700]  This report came out three months after into the new year.
[41:32.700 --> 41:33.640]  We already have a new strategy.
[41:33.640 --> 41:35.400]  We're a new team, ultimately.
[41:36.560 --> 41:39.400]  And not understanding that change is inevitable.
[41:39.640 --> 41:40.940]  Resources leave.
[41:41.100 --> 41:41.960]  Tools change.
[41:41.960 --> 41:45.120]  Vendors come and go outside of your ecosystem.
[41:45.120 --> 41:51.520]  It's holding on to those situations where all of a sudden you end up with a solar winds aspect from 2019.
[41:51.620 --> 41:55.960]  Or some of those areas where aging technology gets you in more trouble than not.
[41:56.720 --> 42:00.380]  And then bias can also understand just the trust and morale of the team.
[42:00.480 --> 42:14.260]  If you know, if you have a bunch of individuals who just came back from DEF CON, just came back from RSA, and they're like, hey, there's some really great technology out there, and your strategy and the way that you've protected your defense in depth aspect,
[42:14.260 --> 42:18.080]  your road map, you are trying to operate off that model.
[42:18.260 --> 42:28.980]  It can actually also be, again, an inhibitor to your team because then your staff realizes they can't continue to bring new ideas.
[42:28.980 --> 42:33.860]  They can't continue to meet with vendors to say, what does your product do?
[42:33.860 --> 42:35.280]  Those messages go unanswered.
[42:35.280 --> 42:40.540]  And then also, it doesn't allow your staff the opportunity to grow and proceed a little bit further as well.
[42:43.060 --> 42:49.040]  The last aspect here, again, is we're going to talk about aligning security again with business objectives.
[42:49.040 --> 42:58.300]  I talked about the paradox of being a security professional as a whole where you must protect, you must enable, you must talk through empathy, you must talk through all that.
[42:58.420 --> 43:05.580]  The biggest thing as well is people are going to consistently remind you to say, how does this align with our business objectives?
[43:05.660 --> 43:10.340]  Does your strategy, does your day-to-day, how does it enable us to hit sales?
[43:10.340 --> 43:14.400]  How does it enable us to go to the next layer?
[43:14.700 --> 43:25.120]  And I think as a manager, as a corresponding even resource who's developing, challenging yourself to say, what does this actually mean for the business and what does this do?
[43:25.120 --> 43:32.760]  So for example, when I talked about FIDO2 a little bit earlier, FIDO2 from an authentication piece, oh man, that's great.
[43:32.780 --> 43:36.220]  You allow those man-in-the-middle attacks to really be limited.
[43:36.300 --> 43:38.040]  It is great.
[43:38.480 --> 43:44.360]  But trying to get a YubiKey to a bunch of sales and marketing professionals is an absolute nightmare.
[43:44.480 --> 43:49.460]  And then they're going to lose them because they were out at a conference entertaining and doing what they do.
[43:49.740 --> 44:03.460]  And so in many ways, when we start to think through that strategy, we also have to think about where can we put the guardrails and where can we allow teams who are meant to be cowboys to be cowboys as well?
[44:03.460 --> 44:16.980]  Maybe limit their access throughout the cloud environment a little bit more to more of a read-only or just email and SharePoint versus getting them that critical access to some of those key crown jewels or key systems.
[44:18.180 --> 44:25.880]  And again, I think the biggest aspect is really talking about being organic within decisions.
[44:25.880 --> 44:37.200]  Not saying yes, no as an immediate review, but going to the next level to say okay, okay, how do we work through this?
[44:37.200 --> 44:39.060]  How do we progress?
[44:39.060 --> 44:46.180]  And letting resources either present their idea in full aspect, whether it's other departments, hearing them out.
[44:46.180 --> 44:48.620]  Hearing that a sales team needs this.
[44:48.620 --> 44:53.420]  A finance needs to perform this third-party billing system.
[44:53.420 --> 44:56.120]  Use that as it connects to your network.
[44:56.380 --> 45:01.400]  And then as a security person, we're then to say, okay, how can we protect it a little bit further?
[45:01.480 --> 45:19.820]  So it's hard, but again, it's just one of those areas as a manager, when you're talking to your staff, when you're talking about roles and responsibilities, trying to also give them those skills and those tools to really help them get to that next level in their career.
[45:19.820 --> 45:27.040]  It's not necessarily being so absolute and saying, hey, you have to get to this milestone, or you have to do this.
[45:27.040 --> 45:36.380]  It's trying to create experiences that are organic, where then your staff have the opportunity to create that consistent performance on the back end.
[45:36.780 --> 45:41.640]  So I know that executives always see security as a blocker.
[45:41.640 --> 45:48.640]  I have a joke about CFOs always being CFOs when it comes to budget renewals and those considerations.
[45:49.140 --> 45:57.840]  But again, having the ability to understand where they're coming from, having the ability to interpret that and say, okay, this is our runway.
[45:57.840 --> 45:59.680]  This is what we can get done with our funding.
[45:59.900 --> 46:00.500]  Let's do it.
[46:00.500 --> 46:04.560]  And then creating that transparency with your team is always a big aspect.
[46:06.360 --> 46:08.440]  Last slide, and I swear, I'm almost done, guys.
[46:08.800 --> 46:20.520]  But my call to action for everyone who was able to sit through the entire presentation, and I have to say thank you again, is really understanding and listening.
[46:20.780 --> 46:33.880]  You know, Nelson Mandela always said when he was in jail about listening to others and consistently placing yourself as the last person to talk in a meeting.
[46:33.880 --> 46:47.180]  And it's not because you don't want to say your ideas or your thoughts, but what it does is it allows every single person who joined that meeting in order to contribute, say their opinion, feel valued.
[46:47.240 --> 47:04.400]  But the second side of that coin is to say you've now had the opportunity to interpret, listen to everything, and then whether you can change your opinion or endorse someone else, you actually end up being more supportive than assertive in that measure.
[47:04.920 --> 47:14.460]  And so this aspect of listening first, talking later, is a great support for going back to the New Zealand all-black aspect.
[47:14.800 --> 47:20.340]  One more trait that they said is waka paka.
[47:20.600 --> 47:25.140]  And waka paka is Maori for be a good ancestor.
[47:25.500 --> 47:33.540]  You know, you are going to be someone, you're going to be a boss of someone, you're going to be a co-worker to someone, you're going to be a peer to someone.
[47:33.660 --> 47:36.220]  You are already embedded in their experiences.
[47:36.220 --> 47:51.660]  And the day-to-day decisions, the day-to-day actions of listening, of collaborating, of supporting each other, all of a sudden you're just a layer in their climb and their journey, and you made an impact.
[47:52.060 --> 48:01.560]  And so the last statement will be be a good ancestor, be a good manager, and show empathy along the way, guys.
[48:02.480 --> 48:03.960]  That's actually all I had.
[48:03.960 --> 48:14.960]  So I just want to say thank you to everyone who was able to listen, and happy to also answer questions, but if not, I'll be around for the next couple minutes, just in the corner.
[48:15.320 --> 48:19.280]  Just want to say again, thank you to everyone, and thank you to CypherCon for having me as well.