How you encourage others to adhere to the security policies

Tip of the day!

When people see you as an example, an inspiring leader who is empathetic and talks their language, you are more likely to drive them towards following cybersecurity rules. You can set the standard and encourage them to support it.

Theme of the day

As professionals, we have high standards regarding business and personal ethics; we adhere to enforced security policies, and obviously, follow applicable procedures and guidelines regarding secure (tele-)working.

Within this context, how can YOU be our inspiring teleworking hero providing discipline or coaching to others?

This blog is about what you, manager or not, should be drawing attention to when other people insufficiently comply with applicable security measures. 

In my opinion, the first thing you have to do is to inspire others by playing a game great business people play. It is the game of ‘How you express positive feelings and affinity toward others and, at the same time, insist on following enforced (security) rules.’

If you play this game according to the rules, then you will have a considerable impact. Others will experience you as inspiring, committed to, and responsible.

The rules are:

• Express positive feelings and affinity towards others;

• Insist upon enforced security rules being followed. Read also my previous blog in which I touch relevance and performance barriers.

Let me summarize it as follows: If you have a strong tendency to enforce necessary rules with full commitment, you rarely behave permissively or harshly. Behavior that makes you from a leadership point of view our HERO in driving others towards living by enforced security policies. Isn’t that nice?

Do you remember our previous case? You need to solve a security breach in a web application. 

AppSec requirements are also good examples of security rules like security policies are. Applying these rules on the software code of our web application will solve, in many cases, the breach. Software developers may pay particular attention to functionality. However, building secure code is not always their cup of tea. It is your responsibility to delegate the job to someone who has the right skills, experience, and who is motivated to work within this AppSec frame-of-mind.

Ask yourself

The following processes and questions will help you to become more self-aware about your tendencies and potential to develop. Playing the game in the correct way results in recognition by others and personal satisfaction. The more aware you are about your tendencies regarding the rules of this game, the better you are in inspiring and driving other people, and the higher your enjoyment.

AWARENESS QUESTIONS

Am I harsh or permissive? Or am I in balance regarding driving others to enforce cybersecurity rules?

• “In general, are you rather ‘harsh’ when you have to motivate other people?” Yes/No

  If you are harsh, then you tend to enforce rules without sufficient emphasis on building rapport or being empathetic.

  Or

• “Are you rather ‘permissive’?” Yes/No

  If you are permissive, then you tend to be warm and empathetic without sufficiently enforcing rules or holding others accountable.

  Or

• “Do you enforce necessary (security) rules with full commitment?” Yes/No

  If this situation applies to you, then you are entirely in balance regarding driving and motivating other people. Isn’t that nice!

TWO PROCESSES that will help you enforce (cybersecurity) rules to others.

Process_1: Reflect on past enforcing experiences

Step1 – “What has been your experience when it comes to others enforcing rules on you?”

Step2 – “What has been your experience when it comes to enforcing rules on others?”

Step3 – “In what ways have you been too permissive when enforcing rules?”

“In what ways have you neglected enforcing rules?”

“In what ways have you been too soft when enforcing the rules?”

“In what ways have you neglected to confront poor performance of colleagues?”

“How has trying to please others or trying to avoid upsetting others affected your rule enforcement?”

“In what ways have you communicated too evasively when enforcing the rules?”

Step4 – “In what ways have you been too aggressive when enforcing rules?”

“In what ways have you been too strict when enforcing the rules?”

“In what situations have you become angry or resentful when enforcing the rules?”

Step5 – “What could you have done to be more effective when enforcing rules?”

“How could you deal more effectively with colleagues who perform poorly?”

“How could you explore any rule breach in a more neutral manner?

“How could you document any rule breach more effectively?”

Process_2: Enforcing a rule in a current circumstance. In our case ‘the security breach in the web application.’

Step1 – “What do you need to enforce in these current circumstances?”

Step2 – “What specifically do you want the person to do?”

Step3 – “What is the purpose of the rule that has to be imposed or what is the necessity of the performance that is required?”

Step4 – “What disciplinary action is required?”

Step5 – “Discuss the breach or poor performance directly with the person.”

My next blog post is about a crucial interpersonal question. “How do you manage directness and tactfulness when communicating with others?”

We make the bridge toward the third step of our simplified project management methodology. And that is Implementation.

Stay tuned!

What about my commitment? And what about the commitment of my colleagues?

Tip of the day!

The question is “As teleworker, can I be at my best?”

Yes, you can! However, you have to know the importance of the work you do, and you have to understand why you must do things in a secure way.

If the importance and the why are unclear, performance obstacles form barriers that are not controlled by employees. Contact your manager. He or she has to inspire by dealing with relevance issues and performance barriers.

Theme of the day

Barriers have a direct impact on our commitment, and they hinder us from being at our best. 

Relevance issues and performance barriers have a multitude of causes. I think of, among other things: inadequate resources to do our jobs correctly, security procedures that are vague and inhibit excellent performance, IT and security problems, COVID-19, underperforming colleagues, etc.

To clarify, I will discuss the following three situations:

1.    Employees don’t know why they must do things securely.

Not all companies, even not anno 2020, have adequate corporate security policies, procedures and guidelines. And if they do exist, I notice that they are insufficiently understood or incorporated in the corporate culture.

Another reason is that managers answer the question “Why do I have to …” as follows: “Because you have to apply our security policies!”, “I don’t know” or “It is what it is!”

Without the underlying reasoning and understanding, employee effort, enthusiasm, motivation and commitment suffer. 

2.    Employees don’t know the importance of doing work securely.

Lack of meaning and importance hinder employees to see the connection between their work, duties and responsibilities and the contribution it brings to the success of their organization. It is important to talk about the reasons why they have to do things securely, and this in a language everyone understands.

3.    I fulfil work expectations, and I contribute to the success of my organization. My colleagues don't!

If my colleagues lack the commitment to doing quality work and respecting imposed security rules, then the danger exists that my commitment will suffer.

Ask yourself

We know that relevance issues and performance barriers exist, but there are plenty of things individual teleworkers can do to create meaning and help mitigate obstacles. Start by asking yourself the following questions. Discuss the outcome with your best friend at work or with your manager.

• “As a teleworker, do I follow our applicable security policies?”

• “Are they relevant enough for myself, my colleagues and everyone involved?”

• “Is the way how I behave as teleworker, from a security point of view, relevant to our customers?”

• “How do I contribute to the vision of my company regarding cybersecurity, ecology, social responsibility, health, etc.?”

• “How do I help my organization to stay secured against cyber threats?”

• “How do I help colleagues who are underperforming?”; “Do I inspire them?”; “Do they see myself as someone committed, responsible, and as an inspiring teleworker?”

• “Do I see and understand the connections between my performance and the overall objectives of my company?”

• “Do I see and understand the connections between my behavior as a secure teleworker and our corporate attitudes and culture?”

• “Regarding security awareness, what is the single most important thing I have to do in the coming months, and what does that mean for me, for you, for us?”

• “Could I make a difference by changing my behavior regarding how I apply our security policies?”

• Etc.

My next blog is about how you drive others to adhere to enforced security rules.

Stay tuned!

How you deal with self-motivation and stress

Tip of the day!

IWhen stress has caught you, and you can no longer concentrate on doing anything useful at work, then try to do something else. Go for a ride, go out for a short walk, go fishing (my preferred one), or have a chat with a friend at work about how you experience stress and how you deal with it.

Increasing your physical exercise reduces stress. Even though you might feel tired, it will boost your energy. 

Theme of the day

The central theme in this blog is how we manage stress and how our ability to manage stress supports and enforces our level of self-motivation.

As cybersecurity professionals, many of us have a strong drive to achieve. However, being relaxed and, at the same time, managing stress is not always easy. If your motivation to achieve is much higher than your ability to manage stress, you may have a high risk of chronic stress.

But what is stress? The word stress is only a term that we can apply to the amount of mental, physical, and emotional pressures that we can take. In the late 1900s, the word stress was used by engineers in the field of bridge-building. They used it to refer to the amount of pressure and strain on a bridge from the forces of weight, use, gravity, winds, earth shifting, or whatever. Did you know that already?

Psychologists apply the term stress to the amount of mental and emotional pressures that we can take. Interesting, isn’t it?

Stress refers to the amount of perceived pressure that we experience in various situations, challenges, and tasks. The level of stress depends on the amount of perceived resourcefulness that we bring to each situation. The lower our sense of perceived efficacy and empowerment, the more stress we feel. The higher our sense of personal confidence, the lower the stress. An interesting definition of stress management is ‘our tendency to be relaxed while at the same time managing stress well when it occurs.’

Stress does not exist ‘out there’; you can’t take it in your hands. Stress is always a personal ‘inside’ experience.

We want to continue to build on the following situation, challenge and tasks we’ve explored already in our previous blogs. In particular, let us take the next conversation you had with your manager into consideration (read blog #3 and #4). “You are one of the cybersecurity teleworking heroes of the company! And, you have to focus more on delegation instead of doing all the work yourself. And I have an urgent request. You have to solve a security vulnerability in a newly developed web application. Etc.”Go go go go!”

Two weeks ago, I had an exciting Teams meeting with a group of cybersecurity specialists. The subject was “How to deal with the new challenges we face as cybersecurity teleworkers in times of crisis?”

Their general feedback was, “We are all cybersecurity professionals, and we are accountable and responsible for the work we do. We fulfill the expectations of our management and our clients. We need challenging projects. And we have to be able to take initiatives. Being accountable and responsible, being able to fulfill mutual goals, accomplishing challenging projects that encourage us to improve, taking initiatives, etc. are all criteria that have a direct and positive impact on our engagement. However, working from nine to five, we need a break from time to time to recharge our batteries. You know, taking some fresh air, doing something else so that we stay relaxed and able to manage stress when it occurs. We are not talking about the good stress we need to be productive and meaningful. We mean that kind of destructive stress that makes us scared. Sometimes we feel guilty, and we don’t know why!”

My observations are:

• This team of professionals has a strong drive to achieve, including taking the initiative, wanting a challenge, and being enthusiastic about shared goals.

• Their tendency to be relaxed while at the same time managing stress well when it occurs is rather low. However, the good thing is that they brought this issue ‘destructive stress’ to the surface by opening that discussion.

Especially the words ‘scared’ and ‘guilty’ caught my attention.

Ask yourself

As already said, as cybersecurity experts, we tend to be self-motivated combined with a lower level of stress management. This indicates that although we may make significant accomplishments, we probably experience a great deal of stress. Our desire to achieve is much higher than our ability to manage stress, and thus we will possibly develop a (strong) underlying desire to have a respite from our hard work.

The following questions can help you in managing destructive stress. Discuss your answers with a friend you have at work.

• “How do you know you are stressed?”

• “What situations, especially now in times of teleworking, do you find stressful?”

• “What do you find most stressful about each of those situations?”

• “What behavior or attitude do you have that causes or increases stress?”

• “How could you have managed those situations better?”

• “How could you benefit by learning to manage stress better in times of teleworking?”

• “What barriers stop you from managing stress better?”

• “Remember or imagine a time when you were stressed, but you managed to overcome that stress. Tell your friend at work about that satisfying experience.”

• “What specific plan are you willing to commit to doing in the next 30 days to manage stress better?”

Answer the following questions after 30 days:

• “How well were you able to follow through on your stress reduction plan?”

• “In what ways have you improved your ability to manage the stressful situations listed in the first question?”

My next blog post is about your commitment and that of your colleagues.

Stay tuned!

Do you feel confident enough? An employee and manager perspective

Tip of the day!

If you feel insecure about your performance, or if you are uncertain or afraid about taking personal initiative, then all you need is encouragement. Ask your manager to be available for dialogue and discussion!

Theme of the day

During and beyond the Covid-19 crisis, enforced teleworking policies trigger progress towards new and secure business interactions between a multitude of stakeholders. Advancement is one of the opportunities a crisis offers us. Isn’t that ‘nice’?

But what if employees feel insecure about the new way of working? What if they are apprehensive about taking personal initiative? After all, don’t forget that as cybersecurity teleworkers, we all have to respect new guidelines and applicable cybersecurity policies. At the same time, we have to be flexible enough to face challenges and demands with a compelling character which can result in a lack of reliability and security over a more extended period. If you feel insecure, ask your manager to be available for dialogue and discussion.

This blog is not about acceptable performance standards. In this blog, I hand over some questions to you and some easy tips to your manager to encourage you in cases where you feel insecure or apprehensive. Even in times of crisis, managers are responsible for encouraging their teams and individuals to achieve mutually defined objectives and expectations and to respect applicable security policies. I am not telling you anything new, am I?

Ask yourself

• “As a teleworker, do I feel insecure about my abilities to respect the cybersecurity policies of my company?”

  If so, ask your manager to be available for dialogue and discussion 

  Manager actions:

  • Provide feedback about their performance showing how well their performance meets the norm;

  • Let them know that you are pleased with their daily contribution to the results of the company and the new way of working.

• “Am I apprehensive or uncertain about taking the initiative and responsibility?”

  If so, ask your manager to be available for dialogue and discussion.

  Manager actions:

  • Provide feedback on your belief that they can handle the situation;

  • Recognize any successful efforts regarding taking initiatives;

  • Dialogue about their uncertainties.

• “Am I overly concerned about doing something incorrectly?”

  If so, ask your manager to be available for conversation and discussion.

  Manager actions:

  • Strengthen their abilities and past achievements;

  • Examine the issue and work together on a problem-solving approach and agree on remedial actions.

• “Do I lack self-confidence in my ideas or suggestions?”

  If so, ask your manager to be available for dialogue and discussion.

  Manager actions:

  • Listen, acknowledge, and encourage his/her opinions;

  • Strengthen good ideas;

  • Encourage them to make suggestions.

In my next blog, we will dive deeper into how we deal with self-motivation and stress.

Stay tuned!

How you manage self-esteem and self-improvement

Tip of the day!

Take some time every day for self-inquiry; self-inquiry ultimately leads to discovering the full impact of your weaknesses, as well as the revelation of your strengths and grandeur!

Theme of the day

As human beings, we are interested in what we call progress – progress in technology, in sciences, in economics, in medicine, in electronic communications, in secure teleworking, etc.

But what about your progress. Your progress as a teleworking cybersecurity professional?

Do you lead your life characterized by a tendency to attempt to develop or improve yourself? And, what about your tendency to like yourself the way you are? I mean, “Are you okay with who you are?”

In this blog, I offer you a model for self-inquiry; It is a game for self-inquiry that leads to healthy self-esteem. Great business people play this Game of how you manage self-esteem and self-improvement; It makes them great.

In previous research I conducted in the context of the war for IT and cybersecurity talent, one of the conclusions was that:

• A majority of IT and cybersecurity professionals have a strong tendency to improve themselves as content matter experts; 

• And, that same majority of professionals tend to be lacking in self-acceptance. They recognize that self-improvement is the most important goal because it is the means for achieving all other personal outcomes. Their strong interest in self-improvement combined with very low self-acceptance indicates that they may tend to be self-critical. As a conclusion, I can say that they make things difficult by being unnecessarily hard for themselves; they are self-critical. Under stress, for example, working as teleworker in times of COVID-19 with unclear expectations and perspectives, their behavior may flip. They can become defensive for fear of being alerted to their shortcomings. Becoming defensive can result in painful and even broken communication with yourself, your colleagues and our clients. 

Especially in times of COVID-19, it is no cause of wonder that a strong intention to improve yourself combined with a reasonable level of self-accepting should lead to more healthy self-esteem.

As already stated in one of my previous blogs, management interaction with remote workers determine employee engagement. And engagement has a direct impact on employee performance. In our cybersecurity world, managers are from an economic point of view driven by the fulfillment of business expectations. Most of them are in the first place, content-matter-experts and not psychologists. We cannot expect them to act as psychologists. However, we can encourage them to be a listening ear and to sustain themselves and their colleagues to do some self-inquiry on a daily basis.

Let us all play the Game of how you manage self-esteem and self-improvement. It will make us great (again)!

Ask yourself

• “What negative thoughts do I have about myself?”

  Suggestion: Reflect on and make a list of the negative thoughts you have about yourself. Write down the specific thoughts. Make a special note of the ones that occur frequently and the ones that have the most significant impact on you as a cybersecurity teleworker.

• “What positive thoughts do I have about myself?”

  Suggestion: Reflect on and make a list of positive things about yourself. Write down the specific things that are good about you. These could be personality traits or even positive things that you have done. Share this list with a colleague, a friend, your manager, etc.

• “What could I do to feel better about myself?”

  Suggestion: Reflect on and list anything that you could do that might make you feel better about yourself. For example, you might start an exercise program, ask for support or take a certification course.

• “What could I stop doing that would make me feel better about myself?”

  Suggestion: In some cases, you may need to stop doing something to overcome self-criticism. You may be doing something that you don’t feel good about. However, if that is the case, replace it with a positive activity. Discuss this with someone you trust.

  For example, instead of just trying to criticize your manager, replace the criticism with positive reinforcement of something you like about him/her.

• “What is the main negative thought I have about myself?”

  Suggestion: Reflect on and select the most frequent negative thought or the negative thought with the most significant impact.

• “What are the possible positive thoughts that could replace my negative thoughts?”

  Suggestion: Concerning the main negative thoughts, write down a list of possible counter-balancing thoughts. 

  For example, if the main negative thought is ‘I’m not smart enough as cybersecurity worker, the counter–balancing thought could be ‘I am frank and empathic, which is more important than cleverness’. Take the essential positive statements and post them where you will see them.

  Notice each time you have the main negative thought. Then think one of the counterbalancing thoughts.

• “To what action plan am I willing to commit to improve my self-acceptance and become a healthy self-esteemer?”

  Suggestion: Reflect on and write down a series of steps to be implemented over the next 30 to 90 days that might help you to feel better about yourself. Put these in your calendar.

The theme of my next blog is, “Do you as a teleworking cybersecurity specialist feel confident enough to do your work as expected?”

You are okay the way you are!

Stay tuned!

Are you able to do your work? To perform?

Tip of the day!

If you need as a teleworker specific instructions, guidance, feedback, recognition, additional information, tools, etc. to be able to do your work meaningful and secure, contact your manager or colleagues and ASK FOR IT!.

Theme of the day

This blog is about your ability to do your work secure and meaningful from home.

Because of Corona-19 measures, employees are already working remotely. Many of them can do their jobs anywhere. Managers need to focus on what their teleworking colleagues need to unlock their performance potential every day.

Managers are responsible for leading their teams and individuals to achieve mutually defined objectives and expectations. Manager’s interactions with remote workers determine employee engagement. And engagement has a direct impact on employee performance. Managers have to understand how to build individualized and trusted relationships with their remote employees.

To be able to do so, MANAGERS have to:

• Clarify mutual expectations

  It’s about the right work to do, the appropriate amount of work to do and about performance expectations.

  See also blog#2: ‘Do you know what is expected of you at work? It’s all about clarity.’

• Provide employees with information, tools, feedback, recognition, etc.

  Isn’t it frustrating, because of inadequate resources, to be stopped from performing?

• Focus on employees’ talents

  Managers that demonstrate that they know the talents of their people create trust. Trust creates mutual engagement, and this again has a positive influence on employee performance.

What YOU have to do is:

• Ask your manager to support you;

• Ask for the tools, equipment, information, etc. you need to do your work right;

• Be passioned about your talents!

Ask yourself

• “Do I have the information, tools, instructions, clarifications, knowledge, etc. that I need to do my work right?”

  If not, or if in any doubt, contact your manager.

• “Am I self-motivated and assertive enough to contact my boss if I have any doubt about my abilities to do my work secure and meaningful?”

 In the next blogs, we will dive deeper into a.o.

• Your drive to achieve including taking initiative, wanting challenges, and being enthusiastic about your own goals and expectations;

• Your tendency to put forward personal wants and needs.

The next blog is about how you manage self-esteem and self-improvement in teleworking-times.

Stay tuned!

How you strategically manage risk

Tip of the day!

Have the courage to pursue success, but understand and manage your risks. 

Theme of the day

If we consider a simplified four-step project management methodology, we can summarize that blogs People #3, #4 and #5 highlight the first step, that of initiating a new project or a primary task. The remaining three project management steps emphasize motivating ourselves and others, the implementation of the project, and maintaining the project artefacts. We discuss each of these project phases from three different perspectives: interpersonal/intrapersonal, achievement, and leadership. 

In blog People #3, we provided a more in-depth insight into one specific aspect of interpersonal communication, namely how you explore truth by forming and holding opinions, and how you reflect on many different viewpoints. 

Blog People #4 provides you with information on how you make a decision. 

This blog, People #5, unravels the secrets behind managing security risks. Isn’t that exciting! It is about achieving a balance between feeling comfortable with security risks that involve uncertainty, and, on the other hand, scrutinize potential difficulties related to a plan or strategy. 

Let us continue with the case from our previous blog: solving a security breach in a newly developed web application. Before you can delegate the job to someone capable, you need to build a plan and feel comfortable enough. After all, there may be pitfalls and uncertainty. Do you agree? To have an impact on everyone involved, you need to outline your plan strategically. 

We can clarify this through a game great business people and teleworkers play. It is the Game of how you strategically manage security risks. 

Once again, if you also play this game according to the rules, then you have an impact. 

The rules are: 

• Have the courage to pursue an impactful approach to the stated problem; 

• But also understand and manage the entailed risks and pitfalls of your plan or strategy. 

In short:

If you have a strong need to take business risks combined with a tendency to analyze potential problems (probably), it enables you to formulate strategies and plans that have a high potential payoff. This behaviour makes you, from a strategic point of view, our hero in managing security risks.

Ask yourself

The following questions can help you to gain insights into how you deal with strategically managing security risks. 

Imagine you need to solve a security breach in a web application. Before you can delegate the job to someone capable, you need to build a plan and feel comfortable enough to manage risks strategically. 

• “In general, are you rather cautious when you have to manage risks?” If you are cautious, then you tend to focus on the potential pitfalls of a plan without sufficiently taking risks. 

If so, “Do you admit that when under a great deal of stress to make a decision, you tend to react a (little) impulsively by placing too much hope in a particular solution?” 

Or 

• “Is it your tendency to take risks without sufficient analysis of the potential pitfalls and difficulties of the plan?” 

If so, “Your need for risk may be compensation for fear. Can you identify this?” 

Or 

• “Do you analyze the potential pitfalls of your plan or strategy while at the same time being willing to take risks?” 

If this situation applies to you, then you are entirely in balance regarding strategically managing risks. 

My next blog post is about a crucial management question. “Are you able to do your work as expected?” We make the bridge toward the second step of our simplified project management methodology. And that is Motivation. 

Stay tuned!

Take care of yourself! Take care of each other!

How you use logic and intuition when making decisions

Tip of the day!

Use your logical mind to work out your day to day issues, but use your inner vision to guide your direction.

Theme of the day

We want to continue to build on what we’ve explored in our previous blog, and in particular, we would like to start with one of the questions that came up:

“Am I well prepared to perform my tasks in a meaningful and secure way today?” 

I assume that you, as a cybersecurity specialist, have taken the time to answer this particular question already.

You had a chat with your superior to understand what he expects from you as a cybersecurity specialist. Your manager expressed appreciation for the work you do. Receiving recognition and appreciation is something you consider important.

Bingo! Your manager confirmed that you always act according to the imposed security and privacy policies of your company. You are one of the cybersecurity teleworking heroes of the company! But, there is also something else. You received feedback about the fact that you have to focus more on delegation instead of doing all the work yourself. Yes, you know, but one of the big missing things in your company is there is not always time for reflection.

Always “go, go, go, go! Do, do, do, do!”

This morning, your manager contacted you about an incident. He expects that you make the right decisions ASAP to solve a security breach in a newly developed web application.

After analyzing the problem, you were able to detect a critical issue by running a vulnerability scan, and by investigating the problem. You know what the problem is. Isn’t that wonderful? It is part of your nature to tend to examine facts and situations logically. You are an analytical guy/girl!

It is your normal tendency to logically examine the situation instead of using hunches to help make decisions. But today, and in the future, you have to delegate more frequently instead of doing the work yourself. You have to transfer the job to someone else. But to whom? You have to decide.

However, this blog isn’t about whom of your colleagues is best suited to adjust the correction in the software. This blog is about how people make decisions.

Let us now play a second game great business people and teleworkers play. It is the Game of how you use logic and intuition when making decisions.

Playing this game is also quite easy as long as you follow the next underlying rule:

• Use analysis combined with intuition to solve problems, e.g., finding the cause of the security breach in the application and appointing someone to resolve the issue.

In a nutshell, people that tend to use both analysis and intuition are probably good at problem-solving. Their tendency to use both left and right brain functions enables them to sense the essential factors while at the same time, arrive at logical conclusions. This frequently gives them greater insight into situations and problems.

Ask yourself

As cybersecurity experts, we tend to be more analytical than intuitive in decision making. You may usually prefer not to use intuition to help make decisions, probably only occasionally. The following questions can help you to boost your intuition:

• “What decision do I need to make?” 

• “What goals am I trying to achieve related to that decision?”

• “What are the possible ways I could proceed to achieve those goals?”

• Reflect on each possible direction. “What does it feel like?”

• “What information do I need to make a better decision?”

• “How could I gather the information I need?”

• Research and analyze the information required. “What is my new conclusion about this decision?”

• After reviewing all hunches and analyzing additional information, make a final decision.

• “Did my intuition help me to make my decision?” “If so, how did it help?”

My next blogposts unravel the secrets behind Managing Security Risks. Stay tuned! 

Take care of yourself! Take care of each other!

How to form and hold opinions, and how to deal with ambiguity 

Tip of the day!

To obtain knowledge, allow what you already know to sit in the background of your mind while relentlessly pursuing new ways of seeing the issue. 

Recognize that your previous ideas, knowledge, and beliefs are not always contextually correct..

Theme of the day

Do you remember the theme and the accompanying questions of our previous blog? In any case, I invite you to play a game great business people play. It is the  Game of Forming and Holding Opinions and Dealing with Ambiguity. 

To be able to play this game correctly, such as great business people do, you have to understand the underlying rules to become a Truth Explorer. A teleworking class of Truth Explorers. Isn’t that nice? 

Playing the Game of Forming and Holding Opinions and Dealing with Ambiguity  is quite easy to play as long as you follow the two underlying rules of the game. 

Rule #1 

• Be open and reflective for the opinions of others, e.g. your boss, manager, superior, colleagues, etc. 

• The first rule is about your tendency to reflect on many different viewpoints. 

Rule #2 

• Be prepared and precise about your ideas and opinions; 

• The second rule is about your tendency to feel confident about your own opinions. 

A Truth Explorer is someone who understands the rules of the game and plays the game as you have to play it by applying both rules. Such a gamer is: 

• Open and reflective for the opinions of someone else; 

• Prepared and certain about his opinions. 

In a nutshell, Truth Explorers question everything and are steadfast in finding and following true principles. 

By applying Boolean algebra on our ruleset, three other combinations are possible: 

• If you are much more open and reflective than certain, then you become inconclusive; Under stress, you may at times react dogmatically to protect yourself from people who have strong opinions. 

• If your tendency to be certain of your opinions is greater than your tendency to be open to different ideas and thus, you may often behave dogmatically. You may look for certainty or come to conclusions prematurely as a means of coping with confusion and uncertainty. In those circumstances, you may present greater certainty than you have about a subject. This behavior reflects your underlying confusion. 

• If you are neither open and reflective or certain, then others will experience you as an uncertain disinterested person. 

All three lead straight to game-over.

Ask yourself

• “Do you remember what you have agreed upon regarding mutual expectations?”  

• “Am I focused enough on what my manager and company expect from me today?” 

• “Am I well prepared to perform my tasks in a meaningful and secure way today?” 

• “What do I have to do to adjust myself to the ideas and opinions of others?” 

• “How can I express myself if I have to explain my ideas to someone else?” 

• “If someone else would listen carefully to my opinions, what does this person want to hear? And what else?” 

 My next two blogposts unravel the secrets behind Making Decisions and Managing Security Risks. Stay tuned! 

Take care of yourself! Take care of each other!

Artikel op 23 april 2020 verschenen op computable.be

Do you know what is expected of you at work? It's all about clarity!

Tip of the day!

Ask your superior or manager what he or she expects from you at work.

Theme of the day

Since the COVID-19 pandemic, more people than ever before are working from home. We are using a variety of technologies to interact with each other and to do our work in the best way we can. This homeworking protects us from traffic jams, and irritation caused by other drivers, and it already has an effect on the quality of the air we breathe. Isn’t that nice? 

As we are a teleworking class of people now, the following questions arise: 

• “Are we teleworkers productive, efficient, and effective?”

• “Are we doing what the company expects us to do?”

Well, I don’t think so… 

Many teleworkers are now isolated from other people. Call them lonely teleworkers, trapped in the bubble of their solitude. Others have their kids around. And children also need some structure to get through their day in a meaningful way, don’t you agree? This must surely have an effect on the efficiency of teleworkers. 

And a second that pops up is: “Do you know what your manager expects from you at work?"

I'm not sure either…

Even if you think that working expectations are clear to all involved, ask for clarification. Please keep in mind, especially since the COVID-19 outbreak, that working circumstances changed drastically. And that's probably also the fact for working expectations. We are not always aware of changed expectations. Clarification and adjustments to mutual working expectations are necessary. Both you and your manager are responsible for this.

To express expectations in a good way, you can ask yourself the questions below. 

• “How do you form and hold opinions?”

• “How do you deal with ambiguity in times of teleworking?”

I will give you answers to these questions in my next blogpost! Stay tuned!

Ask yourself

• “Do I know what my manager expects from me at work?”

• “Do I know what others expect from me at work?”

• “Do my colleagues know what I expect from them?”

• “How exactly do I contribute to the mission of my company?”

• “Today, am I motivated to respond to other’s (customers, colleagues, my boss) needs and assist or support others to achieve their goals?” And at the same time, “Do I put forward my personal goals and needs?”

Take care of yourself! Take care of each other!

Keys to happy and productive employees

Culture, ethics, and behaviour relate to individuals and their organizations. People working in cybersecurity are expected to complete their daily activities, make correct decisions, and carry out corrective actions. People skills and behaviour are intangible success factors and are often underestimated in cybersecurity. Together with the right technology and processes, they form the foundation of good cybersecurity. 

Within the context of COVID-19, we all face enormous challenges. In addition to organizational measures, mental pressure is increasing considerably. Working from home requires each individual to make the right adjustments in terms of flexibility, power, and choices.

This is one of the main reasons why we are motivated to present you with a series of blogs about human behaviour and tendencies that hopefully lead to secure and healthy teleworking. In this series of blogs, we put people, their skills, and employee engagement central. 

We have to understand the importance of bringing structure in what we do; especially now that we are obliged to work from home. A daily schedule can help us to keep a clear overview of our tasks, the way we meaningfully carry them out, and interact with others, and last but not least, how we will be able to set the right tone.  

The blogs we will share throughout April will have the following structure: 

Prepare: Tip of the day

Delivers an insight to help you be more productive, effective, and efficient. 

Execute: Theme of the day

We will focus on different themes related to the following topics: 

• Work tendencies and how these tendencies strengthen or derail telework;

• Employee engagement and leadership actions in times of COVID-19;

• ‘Teleworking as the New Normal.’ 

Evaluate: Ask yourself

Questions that lead to personal reflection, insights, and consciousness.

Take care of each other! 

Het valt mij zo vaak op als mensen binnen een zakelijk context over ‘communicatie’ spreken, van de foute veronderstelling uitgaan dat zij het over hetzelfde hebben. Maar is dat ook zo? Neen, helemaal niet!

Het werkwoord ‘communiceren’ zetten wij in ons taalgebruik om in het zelfstandig naamwoord ‘communicatie’ waardoor de handeling of het proces verdwijnt. Door dit te doen gaat er heel wat betekenis, informatie en kracht verloren. Is dat niet dramatisch?

Voor ons is communicatie geen losstaand woord of begrip, het is een ‘actief proces’ dat van alle betrokkenen ‘respect’ vraagt, zowel vanuit zichzelf als vanuit het perspectief van alle andere betrokkenen.

Effectief en kwalitatief communiceren heeft betrekking op een systematisch en continu proces waarin ‘op elkaar afstemmen’, ‘vertellen’, ‘luisteren, ‘feedback geven’, ‘openstaan voor feedback’ en ‘zoeken naar en komen tot een wederzijds begrip/betekenis’ de juiste basisingrediënten zijn.

Met elkaar communiceren gaat over het verkennen van elkaars meningen, over ons zelfbeeld, over hoe openhartig en tactvol wij zijn, en over onze neiging om onze eigen behoeftes naar voren te brengen en tegemoet te komen aan deze van anderen zodat ook zij hun doelen succesvol kunnen realiseren.

De positieve gevolgen van op deze manier communiceren zijn: het verkennen van waarheid, handelen vanuit een gezond zelfrespect, openhartige diplomatie en het realiseren van wederzijdse hulp.

Uit onderzoek van Harrison Talent Solutions blijkt dat werknemers die voor minstens 75% of meer voldoening hebben aan hun job, drie keer meer kans tot slagen hebben dan andere werknemers.

Deze studie gaat uit van factoren die Harrison Talent Solutions meet en effectief ook in kaart brengt. Deze zijn direct gerelateerd aan ‘voldoening hebben op het werk’ en maken het mogelijk om succes op het werk te voorspellen en top-talent effectief te benoemen, te motiveren en te behouden.

Het is schrijnend voor mij om te zien hoe mensen massaal afhaken, of het nu mentaal, fysiek, of een combinatie van beide is.

Eén van de oorzaken die ik hieraan toeschrijf is het feit dat mensen onvoldoende inzicht hebben over hun eigen gedrag en denken. Hoog tijd dat wij die aspecten van onszelf leren te ontdekken waarvan wij ons mogelijk slechts gedeeltelijk bewust zijn. Als mens hebben wij een leidraad en houvast nodig om onszelf terug in evenwicht te brengen en te ontwikkelen.

Als u mij toelaat om u even mee te nemen naar een werksituatie waarin het uitsluitend bereiken van een kwantitatief doel het allerbelangrijkste is. Twee voorbeelden: ‘het realiseren van 20% meer omzet t.o.v. vorig jaar’ en ‘het bezoeken van een welbepaald hoog aantal klanten per dag’. Beide voorbeelden hebben met elkaar gemeen dat twee belangrijke eigenschappen telkens een belangrijke rol spelen, namelijk ‘Stressmanagement’ en ‘Zelfmotivatie’. Stressmanagement is de neiging om ontspannen te zijn en tegelijkertijd goed te kunnen omgaan met stresssituaties. Zelfmotivatie wil zeggen ‘De gedrevenheid om te presteren, waaronder initiatief nemen, uitdagingen willen en enthousiast zijn over doelstellingen’.

Het is reëel dat wij in bovenstaande voorbeelden stressmanagement en zelfmotivatie los van elkaar beginnen te zien als twee schijnbare tegenstrijdige gedragseigenschappen, met een hoge waarschijnlijkheid dat beide eigenschappen destructief op elkaar inwerken. Voorbeelden zijn: zonder de complementaire eigenschap stressmanagement leidt zelfmotivatie tot ‘gestrest presteren’, en als zelfmotivatie en stressmanagement niet aanwezig zijn zal dit resulteren in ‘gestrest onderpresteren’. In ieder geval wringt hier het schoentje met als nefast resultaat het mentaal en/of fysiek afhaken van de betrokken medewerker.

Als wij tot inzicht komen dat zelfmotivatie en stressmanagement geen tegenstrijdige dingen zijn, neemt het de constructieve vorm aan van ‘evenwichtig presteren’. Noodzakelijke voorwaarden voor een hogere werknemersbetrokkenheid en motivatie.

De meeste van de baanbrekende ontdekkingen en opmerkelijke uitvindingen uit de geschiedenis, van het gebruik van vuurstuur voor het aanmaken van vuur tot zelf-rijdende auto’s, hebben met elkaar gemeen dat ze zijn ontstaan uit nieuwsgierigheid.

Volgens Harvard Business Review ‘HBR.ORG September-October 2018’, beweren bedrijfsleiders dat ze waarde hechten aan werknemers die vragen stellen of die nieuwe manieren van werken verkennen. Uit onderzoekt blijkt echter dat bedrijfsleiders deze nieuwsgierigheid grotendeels onderdrukken uit angst voor het nemen van risico’s en het afnemen van de efficiëntie bij medewerkers.

Leiders moeten nieuwsgierigheid in zichzelf en bij anderen aanmoedigen door kleine wijzigingen aan te brengen aan hun organisatie en aan de manier waarop zij hun werknemers aansturen. Vijf strategieën kunnen hierbij helpen: nieuwsgierigheid aantrekken, nieuwsgierigheid overbrengen, leerdoelen benadrukken, medewerkers toelaten om te verkennen en hun interesses te verbreden, en bouw “Waarom” “Wat als ..” en “Hoe kunnen wij ..” dagen in.

Hoge nood voor talent op onze arbeidsmarkt.

Alle organisaties staan voor grote uitdagingen. De vergrijzing, de ‘war for talent’, het verwerven en doorgeven van competenties vergen een duurzaam en aangepast HR-beleid. Andere rekruterings- en selectiemethodes moeten worden gebruikt om vacatures dringend ingevuld te krijgen. Hierbij komt dan ook nog eens dat de manier waarop wij werken, hoe we willen werken, waar we kunnen werken en wie nog werkt, fundamenteel veranderd zijn, aan het veranderen zijn en zullen blijven veranderen.

Werknemerstevredenheid, engagement en productiviteit lagen nog nooit zo laag.

Volgens Gallup Inc. ‘State of the Global Workplace’ rapport, editie 2017, zijn in België medewerkers: