26.11.2017 cyber security, information security, privacy, Privacy by Design, security, security threats No Comments

Applying Privacy by Design as a Strategy to Reduce Your Attack Surface

We spend a lot of time and money setting up defenses to prevent cyber threats from breaching our organizational perimeters, but we hardly spend any time on the mess we have inside. Applying Privacy by Design principles to the data and systems within your organizations can make it very much harder for cyber thieves to steal your important information when they do finally breach your networks.

Click on the link below to see the presentation I gave at this year’s Cyber Threat Summit in Dublin, Ireland on October 24, 2017:

20171009 ICTTF 2017 presentation – using PBD to reduce your attack surface v1a (CG)

r/Chuck

30.07.2016 knowledge, knowledge development, knowledge management Comments Off on Achieved Certification as a “Certified Knowledge Manager” (CKM)

Achieved Certification as a “Certified Knowledge Manager” (CKM)

chuck georgo ckmStill on the path of continuous learning, just completed requirements for Certified Knowledge Manager (CKM) via the International Knowledge Management Institute (KM Institute) – thank you Douglas Weidner for a great program!

 

17.04.2016 leadership, management, motivation, Wellness Comments Off on A great article: 5 Surprising Habits of the Most Likable People

A great article: 5 Surprising Habits of the Most Likable People

20160416 likable-peopleHere are excerpts from an article by Inc. magazine’s Peter Economy that I really liked; it’s short, to the point, and is sure to help reduce conflict in your professional lives as well as your personal lives (yes I add commentary on this below).

  • Want to be that person who makes and keeps friends easily? Then make a habit of being really likable.                   
  • Ever wonder what makes some people much more liked than others in social settings?
  • Or why there are certain people who can win over multiple friends without so much as a second thought? 

Turns out, it’s not all natural talent–there are some secrets to the trade as well. Read on for 5 habits of immensely likable people.

  1. They ask questions–and wait to hear the answers.  Think back to the many times someone has asked you how you’re doing without sticking around long enough for you to get out a second word. Nobody likes people who are self-absorbed, especially those who pretend to care. Be a truly good friend–ask questions and stick around to hear the answer–and watch how more people enjoy being with you.
    This is also true for personal relationships – if you ask a question, wait for the answer; don’t try to finish your partner’s sentence – and of course, this works both ways
  2. They do not come to quick conclusions. Nobody should be preliminarily judged based on appearance or a perceived stereotype–especially not without giving others a chance to tell their story. It’s important to remember that we all come from different walks of life and that no one else really knows what another person has been through. You scare people away when you jump to and share your conclusions too quickly–wait before drawing conclusions to make sure your opinion is always a fair one.
    This is actually more true in personal relationships – we all share the fact we have flaws, but we rarely discriminate with family and close friends – why do we do it in the workplace?
  3. They don’t need attention.  One of the greatest downfalls of human nature is that so many of us are hungry for attention. That’s why you’ll often find that if you place the attention on others instead, they’re usually grateful for it and admire you more for it. When we don’t have the need to make ourselves the star of every show, others will be much more likely to want to spend time with us.
    This is a tough one – as humans most of us do need attention, just not the same kind, at the same time, or from the same people – in your personal and professional lives, seek to find connection with others; don’t be exclude
  4. They are reliable.  This habit is really as simple as it seems. Likable people don’t cancel last minute and they don’t show up 30 minutes late. They simply do what they say they are going to do, banning an emergency, of course. Be reliably consistent, and those you interact with will appreciate you more and may very well return the same courtesy to you.
    If you say you will do something by a certain day/time, then commit to it – reliability builds trust, and this certainly is true for personal relationships as well as professional ones
  5. They smile.  People underestimate the positive power of a smile. It is scientifically proved that you are far more attractive and draw the positive attention of others when you smile frequently and genuinely.
    Related to #4, would it really kill you to smile? Everyone has there share of misery in their lives, a smile from you just might make someone’s day

The full article is here –> http://www.inc.com/peter-economy/5-surprising-habits-of-really-likeable-people.html?cid=em01011week15day14a

Enjoy!…r/Chuck

02.10.2015 computer security, cyber crime, cyber security, ICTTF, information security, security, security threats Comments Off on Message to the Board: Stop being an Ostrich when it comes to Cyber Security – Trust, but verify

Message to the Board: Stop being an Ostrich when it comes to Cyber Security – Trust, but verify

I just gave this presentation to nearly 200 attendees of the ICTTF Cyber Threat Summit 2015 in Dublin, Ireland.

For those of you that attended; thank you!

Through this presentation I hope I was able to communicate three points:

  1. How company/agency executives put their agencies at risk by blindly trusting that they are doing all that can be done to secure their networks, applications and data;
  2. That leadership’s approach to motivating employee’s to practice better cyber hygiene needs to mimic principles of behavioral economics theory that advertisers use; and
  3. By changing the way they ask questions to their senior staff (mainly their CIO/CISO), they can a) have better proof that necessary cyber protections are in-place, and b) they will have a better understanding of the unaddressed cyber risk their company/agency faces.

Enjoy…r/Chuck

11.06.2015 SDVOB, veteran Comments Off on NOWHERETOHIDE.ORG is now a verified SDVOB

NOWHERETOHIDE.ORG is now a verified SDVOB

NOWHERETOHIDE.ORG is now a Veterans Administration verified SDVOB!

20150611 NTH Verified SDVOB 1

20150611 NTH Verified SDVOB 2

 

 

16.03.2015 cyber crime, cyber security, employee engagement, insider threat, leadership, management, security threats Comments Off on Seven types of leadership styles that help to develop rogue employees

Seven types of leadership styles that help to develop rogue employees

rogue employees

A short time ago, I authored a post describing how executives are contributing to the development of “rogue” employees; you can read it here:

7 warning signs you’re creating rogue employees.

One reader commented on my post and asked if I would balance the conversation by creating a corollary list that identifies what leaders (and executives) do to create toxic working environments that contribute to the development of rogue employees.

So, I penned the following list of seven caustic categories of leaders that I feel help to create these environments:

  1. The reluctant leader: They really didn’t want to be in-charge of people, through words or behaviors, they give you the feeling that they’d rather be back doing “real-work” than being a leader. They will care very little about training and development, innovation, or accountability, and will shun any activities that will cause them to act as a leader.
    • How this develops rogue behavior: Without leadership support, people will begin to act on their own, circumventing security policy and controls to get the job done. In the absence of real leadership many will take the lead, making decisions that are not necessarily in the best interests of the organization.
  2. The self-centered leader: They are more concerned about their own achievements, and are always worrying about how bad you will make THEM look if you don’t perform well. You’ll hear them talk about the job they want rather than working the one they have. They will have no time for staff that isn’t helping them to look good.
    • How this develops rogue behavior: This demoralizes staff and may lead them to sabotage organizational efforts, especially if senior managers don’t intervene on behalf of the staff. This can result in lost productivity, lost loyalty for the organization, and ultimately loss of good employees.
  3. The gloom and doom leader: They are negative about everything – we don’t have enough money, our company/agency sucks, management is worthless, just be glad you get a paycheck. They are also the ones who poo-poo on any ideas their staff may offer – “don’t rock the boat, we don’t have the time, we already tried that” – rather than being supportive, they do their best maintain the status quo.
    • How this develops rogue behavior: This too demoralizes the staff and may lead them to hurt the organization. Disheartened staff might also seek external interactions and opportunities that could be exploited by others who want to hurt the organization.
  4. The sociopath leader: They are quick to tell you how “lucky” you are to have a job, and how important they are to YOUR success. Rarely will they apologize for being wrong, nor will they be concerned about the consequences of their actions, and they will be also the ones to take personal credit for staff accomplishments. They will also be the ones to force polices and rules on their staff that they won’t apply to themselves.
    • How this develops rogue behavior: People working for this type of leader may take on characteristics of the sociopath. In an effort to “win over” the boss, they will take shortcuts, bend the rules, and abuse or hurt other people in the organization. They too will have little regard for security policies, especially ones that they perceive will prevent them from making the boss happy.
  5. The absent leader: They seem to be busy all the time; with what, no one knows. They are never in their office and never seem to have time for their staff. When they are cornered, they defer you to someone else: “Got a pay problem? Go see HR” or “Looking for advice? Talk to (fill in the blank); just don’t bother me” – no one can nail them down for anything.
    • How this develops rogue behavior: Working under the absent leader is very frustrating, and over time, can lead to people in the organization to simply no longer care. People may try to do their best, but even with best effort, mistakes will be made, and eventually people will get fed up and either leave or take revenge against the leader. Either way, the organization will suffer.
  6. The interfering leader: They are the micromanagers, distrusting of the abilities of their staff. They love to control every aspect of their organization, believing that they their staff cannot perform as well as they do. If they do delegate work, they will in your knickers every day, questioning staff actions and decisions. Rather than developing their staff, they are more likely to move or remove staff that don’t perform up to their standards.
    • How this develops rogue behavior: Opposite of the absent leader, this one just loves being in control. However, the results will be the same. After a while, people will just give-in to the leader, try to effect revenge on his/her actions, or will pack up and leave, possibly taking organizational information with them.
  7. The minimalist leader: They just want to do the “absolute minimum” that needs to be done to “check the boxes.” Most likely they have been there for a long time and are quick to warn you not to stick your neck out as it will get cut-off. They will be the ones to tell you “we’re not responsible for that” or “just go back to your cubicle and do your job.” They stomp on any creative or innovative ideas, and suck the life out of their staff.
    • How this develops rogue behavior: Similar to the absent leader, this one actually prevents people from doing the right thing. Over time, this can lead to the same results as many of the other types of leaders described above.

I honestly don’t think that preventing ‘rogue” employees is rocket-science. If you take the time to be genuinely interested in your people’s lives, give them opportunities to grow and be creative, along with the opportunity to contribute to higher organizational goals, and thank them once in a while, they will be much less likely to want to go “rogue” and hurt you or your organization.

But, do the opposite – treat them like furniture, ignore their needs, stomp on their personal goals for growth and development, and yes, they will be pissed off. And, if you piss them off long enough they will:

  • Leave your organization (with your proprietary/sensitive information); or
  • Do something to sabotage your organization’s success; or even worse
  • They may just stay-on, get promoted, and be there to piss off everyone else you place beneath them.

I hope this is useful…let me know what you think…

Thanks…r/Chuck

01.03.2015 leadership, Strategy Comments Off on Save the Truffula Trees: It’s your only hope.

Save the Truffula Trees: It’s your only hope.

I watched a video a Navy colleague had done some time ago about a unique way he led his command in Pensacola, FL. Now a Navy Captain, Sean Heritage worked to merge two worlds:

  1. The structured, top-down, organized, bureaucratic world that is the U.S. Navy;
  2. With the entrepreneurial, agile, creative, and much messier world of companies like Facebook, Google, Apple.

I invite you to watch his video below:

I was particularly drawn to his comparison of “people” to the “Truffula” trees of the Dr. Seuss book (and movie) The Lorax, and how it resonated with me – why is that organizations SAY that people are their most important asset, but continue to treat them otherwise?

The truth is that in most organizations, they take better care of their furniture than they do their staff.

If instead, they would really invest in their people, with development of good managers, better alignment of staff to work, reduction is stupid or useless rules and processes, better alignment between personal and business goals, increased opportunities for personal growth and development, etc, I think it would solve so many other problems these organizations face today – stagnant productivity, low morale, lack of creativity, high staff turn-over, increased cyber-security risks, and others.

r/Chuck

P.S. If you don’t get the reference to the Truffula Trees, than you probably didn’t watch his video 🙂

02.12.2014 Community engagement, community policing, justice, law enforcement, leadership, public safety, Sir Robert Peel, Uncategorized Comments Off on Police Chief Explodes on Protesters: Pure gut-wrenching emotion ensues

Police Chief Explodes on Protesters: Pure gut-wrenching emotion ensues

Repost from LinkedIn on November 28, 2014.

Wow, if you don’t think that cops really care about their communities, please watch this video – Here’s two different sources:

Unfortunately, what Milwaukee Police Department Chief Flynn said is true (and very sad):

80 percent of my homicide victims every year are African-American. 80 percent of our aggravated assault victims are African-American. 80 percent of our shooting victims who survive their shooting are African-American.

 

Now they know all about the last three people who have been killed by the Milwaukee Police Department over the last several years but not one of them can name the last three homicide victims we have had in this city.

 

The fact is the people out here who have the most to say are absolutely MIA when it comes to the true threats facing this community.

The sentiment Chief Flynn so emotionally communicates in his message is similar with what I have said in other – we need to take better care of each other.

When I was little, I lived in NYC. On the edge of an Italian, Puerto Rican, and Greek community in Queens. Honestly, there was no way I could get away with anything close to what young people are doing today. If I tried to swipe something from the neighborhood candy store, that store owner was on the phone to my parents even before I left the store. On the street, my neighbors, my Aunt down the block, and even the postman was watching me.

I just don’t see evidence that neighborhoods today are like that – what I see are neighborhoods who seem to prefer having police officers to do it all, or worse, they turn a blind eye and hope it doesn’t affect them.

I agree with others in my field who believe that we need those affected communities to step-up and take action. Community leaders (with the support and encouragement of local law enforcement) must take responsibility to address the factors in their communities that lead to crime – violent, or otherwise. After all, if the communities themselves are not engaged, how can we possibly expect the police to be successful trying to turn things around on their own?

And, BTW, this is not anything new. This is really what community policing is supposed to be about – no, it’s NOT about putting little kiosks in 7-Elevens. (IMHO) community policing is all about the COMMUNITY getting involved, with the support of local police – I believe a good part of community policing is about the community policing itself.

This theory actually goes back 185 years, to 1829, when Sir Robert (Bobby) Peel, (considered the father of modern policing) penned nine Principles of Policing instructions that he gave to every new police officer. Specifically principle #3 said:

3. To recognise always that to secure and maintain the respect and approval of the public means also the securing of the willing co-operation of the public in the task of securing observance of laws.

These are VERY powerful words; let me break this down for you:

  • In order for police to maintain respect and approval of the public
  • They must secure the willing cooperation of the public
  • To help to ensure that laws are observed.

So, for police to be respected, they must work to get communities to police themselves – a very profound statement.

Sadly, without a significant change in perspective on BOTH sides, the current situation will continue – police will do their best to fight crime, but they will not be successful (to the extent that Pell’s principle #9 calls out below) until communities step fully in the game and work to take better care of each other.

I leave you with the full list of Peel’s principles (yes, with the British spellings), and although I am not a police officer, if I were, I think I would still consider all nine of these principles still valid today – text in parentheses on a couple of them is my interpretation:

  1. To prevent crime and disorder, as an alternative to their repression by military force and severity of legal punishment. (this is why police forces were formed – interesting that they were formed to PREVENT legal punishment – wow, this could be the subject of another posting)
  2. To recognise always that the power of the police to fulfil their functions and duties is dependent on public approval of their existence, actions and behaviour, and on their ability to secure and maintain public respect. (in today’s always on video world, I would counsel every officer to behave as if there’s a camera on them 24/7)
  3. To recognise always that to secure and maintain the respect and approval of the public means also the securing of the willing co-operation of the public in the task of securing observance of laws.
  4. To recognise always that the extent to which the co-operation of the public can be secured diminishes proportionately the necessity of the use of physical force and compulsion for achieving police objectives.
  5. To seek and preserve public favour, not by pandering to public opinion, but by constantly demonstrating absolutely impartial service to law, in complete independence of policy, and without regard to the justice or injustice of the substance of individual laws, by ready offering of individual service and friendship to all members of the public without regard to their wealth or social standing, by ready exercise of courtesy and friendly good humour, and by ready offering of individual sacrifice in protecting and preserving life.
  6. To use physical force only when the exercise of persuasion, advice and warning is found to be insufficient to obtain public co-operation to an extent necessary to secure observance of law or to restore order, and to use only the minimum degree of physical force which is necessary on any particular occasion for achieving a police objective. (I’m not sure getting an MRAP is inline with this principle)
  7. To maintain at all times a relationship with the public that gives reality to the historic tradition that the police are the public and that the public are the police, the police being only members of the public who are paid to give full-time attention to duties which are incumbent on every citizen in the interests of community welfare and existence. (Very interesting quote – “police are the only ones paid full-time to do what every citizen is responsible for doing..wow)
  8. To recognise always the need for strict adherence to police-executive functions, and to refrain from even seeming to usurp the powers of the judiciary of avenging individuals or the State, and of authoritatively judging guilt and punishing the guilty.
  9. To recognise always that the test of police efficiency is the absence of crime and disorder, and not the visible evidence of police action in dealing with them.
02.12.2014 body camera, body worn video, Technology, video, video surveillance Comments Off on Police Chief: Planning to use body worn video? Here are 39 Questions to answer.

Police Chief: Planning to use body worn video? Here are 39 Questions to answer.

Repost from LinkedIn on November 26, 2014.

Body worn video (BWV) is all the rage with law enforcement. While the jury is still out on its true effectiveness to improve relations between law enforcement and citizens, initial evidence does point to positive results for both its wearer and the public.

Whichever side you’re on with respect to use of BWV, here are 36 questions I’ve compiled that any agency Chief or Sheriff should be able to answer for officers, the mayor/city council, county council, and the citizens they serve.

  1. What kind of body work camera should I use? (Chest/Head)
  2. What resolution quality do I need?
  3. How much do they cost?
  4. How will I pay for them?
  5. Who do I give it to?
  6. Who don’t I give it to?
  7. What training do I have to give to users?
  8. How do I get police union support to use them?
  9. How do I get citizen support to use them?
  10. How do I get political support to use them?
  11. When do I turn it on?
  12. When do I turn it off?
  13. Do Ii have to tell people it’s on (or off)?
  14. How do I handle witnesses who won’t step forward if they know they’re being recorded? (new 12/5 from LEIM)
  15. Will officers be allowed to have casual off-the record conversations? (new 12/5 from LEIM)
  16. Are there times I have to leave it off?
  17. Are there times I have to take it off my body?
  18. Do I have to have it on when I’m not on a call?
  19. How long should I store the video?
  20. Where do I store the video?
  21. Can I store it with a 3rd party provider?
  22. What will it cost me to store the video with a 3rd party provider?
  23. How do I know my video is secure with a 3rd party provider?
  24. What do I do if the 3rd party provider loses my video?
  25. How do I access the stored video?
  26. Who else can look at the video? (Intel)
  27. Who can I share the video with? (LE reasons)?
  28. How do I share the video with other LE?
  29. Do I have to get permission from others in the video to share it?
  30. How do I handle videos of the inside of people’s houses? (Non-criminal)
  31. If the subject asks for a copy, must I give it to them?
  32. Do I have to give it up in a foe request?
  33. Do I charge citizens for copies of the video?
  34. Are the cameras reliable?
  35. What if the camera fails to capture a critical incident? Will others see this as a cover-up? (new 12/5 from LEIM)
  36. Do the batteries last for a whole shift?
  37. How do I recharge the battery?
  38. What if it not operable, should I not take a call?
  39. How do I maintain the cameras?

If I missed any, add them to comments below…

Thanks…r/Chuck

16.11.2014 employee engagement, leadership, management, motivation, Strategy Comments Off on You’re unhappy and unmotivated: You need employee engagement!

You’re unhappy and unmotivated: You need employee engagement!

What a crock of crap…i would argue that these are all symptoms of defeat, caused by continual abuse by managers who treat their furniture better than they treat their people.

I submit that every employee on day 1 looks forward to doing meaningful work, at a good wage, to be trained and provided the tools to perform their job, and to be recognized and rewarded for having done well.

Unfortunately, many organizations treat their staff as “human capital” instead of humans, placing them under untrained managers, who learned management from the last generation of untrained managers. They are also subjected to (frankly) stupid administrative rules that seek goals of efficiency over human engagement.

If you truly believe that people “lack motivation” than you really do not understand what motivation is. It is the product of “understanding the value of what you do” and “having the confidence to be successful” and I submit is the organization’s responsibility to address both areas:

  • Do your staff r-e-a-l-l-y understand the importance of what they do?; and

  • Have you helped them have the confidence to be successful.

It’s important to remember that people (in general) are ALWAYS motivated, they just might not be motivated to do what YOU want them to do. While i agree that selecting the right employees is important, I think it’s what you do with them after you hire them that determines how well they will serve your organization – here are five questions to ask yourself:

  1. Did you follow through with all of the promises made to the person you hired? Or did you put them in a different job than you promised?
  2. Did you provide them with the training and development you promised them? Or did you say you can’t afford for them to take the time off for that?
  3. Did you put them under competent leadership? Or did you stick them under an abusive or untrained manager?
  4. Do you provide them with the tools and materials to do their job effectively? Or do you have mounds of bureaucracy and administrative bean counting they must endure to do their jobs?
  5. Finally, do you have programs in place to reward and incentivize intrinsic motivation, innovation, and self-direction? Or do you just focus on compliance to “that’s the way we do it here” mentality that kills the human spirit.

Employee engagement (IMHO) is really not that hard – start with treating your employees as human beings, treat staff the way you would want to be treated, and for god’s sake – get rid of those managers that you know you should have let go a long time ago. r/Chuck

 


Send us your comments and questions

Map IP Address

website security