Episode 15

Thinking about how we Think about Cyber Security - Part 1

Published on: 21st November, 2023

On this weeks episode of The Smart IT Podcast, I welcomed Prachee Kale, Co-Founder of Think.Design.Cyber., to the show. Prachee is a business and strategy galvanizer that excels in building cultures developing and executing strategy to accelerate organizational growth. Her career has focused on bridging gaps between the business bottom line, technology, and people to solve complex problems. As an outcome driven leader, strategist, and gifted communicator, she helps stakeholders realize their visions, navigate complex challenges and material change, develop critical partnerships, and create impact. Prachee took up the challenge of helping organization figure out where the cyber security money went and how secure they are. We discussed two great topics: thinking and cyber security, including:

- Addressing the fundamentals of people, process, and technology.

- Learning how do you tell the story of what a cyber program is doing and how to strategize and prioritize your efforts and investments.

- How to you frame the problem, clarify definitions, and establish what you are trying to accomplish. Realizing that framing is preceded by thinking.

- Security is not 2D problem, rather integrated complexity that is multi-problem. We are not dealing with a technology problem, but rather a people challenge.

- How do you see the problem of cyber security if you remove compliance requirements; how does your thinking work then?

- An insightful exercise, If you could start from scratch with an empty canvas, what are the possibilities beyond what we are doing and believe we have to do.

- Looking at security from a systems engineering approach. Modeling based on a system, one that is complex and adaptive.

- Challenges of line of defenses and its inhibiting collaboration. It is useful to bring methods from other disciplines into cyber.

- People are setup to fail, as you have to work a certain way, we were told so, people scared to break out if, limits how people work differently.

- The limitations of looking at symptoms instead of root cause. We have lots of self-infliction that result in breaches.

- End user blaming, at some point, someone will click on the link, acknowledge and design for it in your security program and defenses. Question: what if people could click on links all day long, we are able to handle that.

- Design principles, what are we solving for? We have to connect to agenda of the business.

- Cyber security is a function, not a profit generating arm of the company. You need to put on the business hat and support business to drive forward. We must remember that cyber budget takes away from other departments. What about sales and marketing?

- AI is going to take on some of the drudger and repetitive tasks to free up humans to do more human like job, to actually think, to problem solve. AI is complementary to humans.

- Systems thinking and systems science rules apply.

- Industrial strength design thinking.

Wrapping up, we need big picture problem solving, with the famous example of faster horses not being our best future answer. Design thinking is more than just for customer and UX, but also for human and technology interactions, it is a way we open up peoples mind. People feel trapped because they have no other choice, or stuck with choice they can't change. Our job is to create this awareness and right conditions, as we have been conditioned to think a certain direction. It is not right or wrong, we ask if I can add other things that help me solve this problem from a different perspective, so we can look for different solution. Thinking beyond what doesn't exist today.

Such much more to chat about. There has to be a part 2, people and coaching aspects, helping the introverts, empower others to come up with new solutions, etc. Stay tuned for more from Prachee. For now, enjoy part 1.

#thinking #designthinking #industrialdesignthinking #systemsthinking #innovation #cybersecurity

Show Notes Resources:

Prachee Kale on LinkedIn: https://www.linkedin.com/in/pracheekale/

Think.Design.Cyber on LinkedIn: https://www.linkedin.com/company/think-design-cyber/

Think.Design.Cyber website: https://www.thinkdesigncyber.com/


William D. Reed on LinkedIn: https://www.linkedin.com/in/cciewill/

Smart IT info: https://www.williamreed.info

Podcast on YouTube: https://www.youtube.com/@thesmartitpodcast

Podcast Homepage: https://the-smart-it-podcast.captivate.fm/

Next Episode All Episodes Previous Episode

Listen for free

Show artwork for The Smart IT Podcast

About the Podcast

The Smart IT Podcast
Where IT explores what's next...
The Smart IT Podcast, where IT professionals can assemble and hear from each other, industry leaders, thought leaders, and those in adjacent fields to collaborate and learn from each other and explore what’s next for IT.

The Smart IT Podcast explores what’s next for IT as it continues to find ways to get the important things done for our organizations.
Preparing for the next decade, we need to think differently about how we approach our work to continue to thrive into the future.

Smart IT is an approach, conceptual framework, and development model to getting the important things done by transforming the way traditional IT thinks, works, and leads. It supports the disruption of the status quo, simplifies the complex, reduces uncertainty, and improves risk mitigation.

There has never been more pressure to deliver for our organizations; but I know IT is up to the challenge.

That will require IT to lead by working smarter. Let’s do it together.

About your host

Profile picture for William Reed

William Reed

I am an advisor of technology for business use, have seen the possibilities, the challenges, the constraints, and the risks. I have seen firsthand the technical debt, silos, broken communication, despair of IT, and business frustrations. And, I have seen the possibilities, the hopes, and the opportunities while working in the trenches of IT.

As someone that has analyzed, designed, built, and supported technology infrastructure for many businesses over the years, and followed the technology trends and cyber threats, I see the opportunities for our organizations and for the professionals of IT as a fulfilling and thriving career.

I believe we have been blessed with great opportunities to continue to improve ourselves and organizations. If it’s possible, there is no reason enterprise IT cannot reach new heights and help our businesses thrive in age of disruption, complexity, and risk.

I have a passion is bringing a fresh perspective to the challenges in front of IT and help inspire a team to tackle and win. And to help individuals and organizations make better decisions to improve outcomes and experiences.

I advise on matters of technology use for organizational benefits. He has over 20 years’ experience in the Information Technology field. He has worked for multiple technology value added resellers, representing the major vendors and technologies in the industry. He has consulted across the major industries, including banking, health care, retail, oil & gas, education, government, finance, and legal.