Simplified management. Perfection is when there is nothing… | by Vicente Aceituno Canal | The CISO’s lair | September 2023


Perfection is when there is nothing else to remove


I have been managing IT and cybersecurity for a very long time. I have a particular style, so don’t take the following as gospel; This is exactly what I think it should be. Throughout this piece, understand each mention of you do/I do can be exchanged with your team does it/our team does it.

You can’t work with people if they don’t trust you. Omitting several obvious points, among them, such as respecting personal hygiene or wearing clothes that do not distinguish you from the company culture, I would say that four are significant:

  • Remember everything. If people need to repeat themselves, they will quickly feel like they can’t trust you. Write things down.
  • Deliver (or not). If you say you will do something, do it and tell the person who asked. If for some reason you cannot do this, also let the person who asked you know and explain why as soon as possible.
  • Be on time for meetings. If you keep people waiting, they will think you are unreliable.
  • Get to know your colleagues. People trust you more if they know who you are, especially if you are likeable.

You can be wrong, but you can’t lie. Lies are unacceptable in a work environment and I can almost guarantee you will be fired.

At work, if you can’t explain something in writing, you don’t understand it. Additionally, if you don’t communicate something, it’s normally as if it doesn’t exist. When communicating, I would recommend:

  • Use only one name for one thing. Having multiple synonyms for anything only creates confusion and opportunities for errors.
  • Never call two different things the same name. Confusions and errors may result.
  • Avoid proxy concepts at all costs. Let’s say, as an example, that you have P1 incidents, that is, those that need to be resolved urgently because they affect the business, and they outweigh other work, regardless of what ‘they are. Why not just call them urgent incidents. If a system type needs to be restored to SLA in 2 hours, don’t call it “B systems” and explain…
Leave a comment