Tuesday, October 5, 2010

Monthly ITsec Leadership Quotes and Articles: September 2010

Back from vacations in Tunisia ^^
  • "Managers spread powerlessness by limiting information", Rosabeth Moss Kanter in July-August HBR.
  • "The powerless retaliate through subtle sabotage. They slow things down by failing to take action - a form of pocket veto, in which a bill is killed simply because time runs out", Rosabeth Moss Kanter, same source.
  • "Drawing a line between strategy and execution almost guarantees failure", Roger Martin, same source. The whole article is a jewel. A must-read for many managers.
  • "Antagonizing the performance engine [vs the innovation engine] is a really bad idea. The performance engine always wins in an all-out fight. It is, quite simply, bigger and stronger." by Vijay Govindarajan and Chris Trimble, same source. So true about security if you take performance=IT and innovation=ITsec...
  • "I don't see the legal advisor as a fusspot, always waving his law-code book. On the contrary, he/she must escort the company through its development and minesweep the legal area.", Sabine Lochmann, in the French review "Management", issue number 179 (my own translation). I feel exactly the same about the company's security officer.
  • A disturbing disconnect between CSOs and CIOs
  • Put down the pink stickies to improve your career
  • Too Perfect to Be an Effective Security Manager?, follow-up to the previous one.
  • Do All Hospitals need a CISO?
  • Zero Trust Security – The Technical Discussion, good note on the now-obsolete MZ/DMZ model and the fact that silos should never be considered "safe".