Thursday, January 31, 2013

Using Teambuilding to Improve Performance for Geographically Distributed Information Security Professionals


One of my GIAC Candidates just obtained her Gold certification by writing a research paper that is titled "Using Teambuilding to Improve Performance for Geographically Distributed Information Security Professionals". General leadership issues often fail to be addressed at some many of the conferences that we visit that I wanted to bring this one out to the forefront.

Many of us work from home, or are on the road most of our time. Yet, we are expected to function as a team, and one of the key ingredients for team building is that the members of that team have something in common and have an opportunity to work together.

In her paper, Julie points out that actively engaging in team building activities for your distributed infosec team really pays off. One very interesting observation in the paper deserves to be quoted verbatim:
"The most notable improvement came in the area of application security. Application vulnerability scans are conducted annually and after major application upgrades. The scans performed prior to training took weeks to resolve with corporate IA. There were prolonged email threads concerning how to mitigate certain results along with numerous teleconferences and individual phone calls. Similar scans, conducted after training, were resolved in one 30 minute meeting"

All-in-all, although not your typical infosec publication, this paper is worth reading.

No comments: