π‹πšπ€π¬π‘ π‘πšπ π‘πšπ―πšπ§ Profile picture
Fallibilist | Systems Thinker | Citizen of the World | InfoSec Leader @LinkedIn | Tweets on Security, Leadership, Science, Tech & Life | Opinions my own.
Oct 21, 2021 • 7 tweets • 4 min read
1/6 A thread 🧵 on the intersection of #Cybernetics #SystemsThinking #Leadership and #CyberSecurity:

For context, first read this blog by @harish_josev: harishsnotebook.wordpress.com/2021/10/03/tow…

It is AMAZINGLY well-articulated and a MUST read for security practitioners & leaders in general!

2/6 Quote: "... we should stop setting targets and instead, provide a direction to move towards."

Wait, don't manage by goals?

Is a goal-less company/org possible? Yes 🙂
E.g. @basecamp led by @jasonfried
Apr 7, 2021 • 8 tweets • 4 min read
1/8 Now that the poll has closed, I'd like to disclose that I'm with the minority (No) on this one. Rationale summarized in this thread 👇

#pci #training #appsec #swsec

cc: @shehackspurple @bilcorry @robertauger @cigitalgem

2/8 Note: My position is mostly for large enterprises - especially the ones that operate in different sectors/countries (jurisdictions) & thus are subject to multiple compliance mandates & regulations. But, one can philosophically embrace this approach for other enterprises too.