Welcome to the continuation of the Into the Breach: Protect Your Business by Managing People, Information and Risk audio series. (Click this link) to learn more about this how this book solves today’s challenges and pick up a complete copy.

This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio version of Into the Breach, written by Michael Santarcangelo and read by the author.

What you’ll find in this episode (Chapter 12)

This chapter addresses the challenge of changing first in order to lead and influence change. The concepts introduced and explained in Into the Breach – the Strategy to Protect Information, The Catalyst Method™ (recently updated) and others – produce rapid and lasting results for those who embrace them and implement them in their organizations.

Michael shares two basic analogies to consider while summoning the courage to break from tradition and take action: the process of building a flywheel and reconsidering Newton in a new light.

Into the Breach provides a wealth of ideas and information. The Awareness that Works™ system is the implementation of the guide from the book – and more. Contact Michael today to learn more and explore the guaranteed results.

Put the power of Into the Breach to work for you…

After listening to this segment of Into the Breach, keep the energy going and support the shift in thinking and inspire behavior change by

1. Engage with Michael on twitter (http://twitter.com/catalyst) (and he’ll engage back with you)
2. Subscribe to The Security Catalyst podcast & blog to get more insights; ask a question and get an answer!
3. 3. Check out Awareness that Works™ – Michael Santarcangelo’s program to guide smart investment in people, with guaranteed results (this program pays for itself).

Welcome to the continuation of the Into the Breach: Protect Your Business by Managing People, Information and Risk audio series. (Click this link) to learn more about this how this book solves today’s challenges and pick up a complete copy.

This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio version of Into the Breach, written by Michael Santarcangelo and read by the author.

What you’ll find in this episode (Chapter 10)

Compliance is not a commodity that can be purchased. And demonstrating compliance at a point in time does not mean information is being protected properly. There is a growing chorus of practitioners that suggest compliance is not security; however, proper security can and often does lead to effective compliance.

The key in managing risk and demonstrating compliance is to engage people in the process of assessing and protecting information – with and without the use of technology and controls.

In this chapter, I share some personal experiences and research that demonstrate the difference between a reactionary approach to compliance and a more mature process that addresses many needs at once.

If you find yourself drowning in compliance – or are trying to convince others of a different approach – this chapter is written for you.

Put the power of Into the Breach to work for you…

After listening to this segment of Into the Breach, keep the energy going and support the shift in thinking and inspire behavior change by

1. Engage with Michael on twitter (http://twitter.com/catalyst)
2. Subscribe to The Security Catalyst podcast & blog to get more insights; ask a question and get an answer!
3. Check out Awareness that Works™ – Michael Santarcangelo’s program to guide smart investment in people, with guaranteed results (this program pays for itself).

As the son of a son of a sailor

I went out on the sea for adventure

Expanding the view of the captain and crew

Like a man just released from indenture

As a dreamer of dreams and a travelin’ man

I have chalked up many a mile

Read dozens of books about heroes and crooks

And I learned much from both of their styles

–Jimmy Buffet, Son of a Son of a Sailor

With Jimmy Buffet playing on the radio, we set “sail” in January in our forty-foot diesel pusher RV. With the roads as our sea, we set out for adventure, and more: we set out to change our lifestyle.

My family stopped collecting things and starting collecting experiences. And we are liberated.

The process of leaving the house included going through nearly every single thing we “owned.” It was an exhausting process filled with memories, discussions and the sober realization that it is easy to collect things. While we found some great purchases and reminded ourselves of great times over the last decade, we also realized we had unwittingly accumulated a lot of stuff.

The process of simplifying our possessions was powerful. As we fired up the diesel and headed south in search of warmer weather, we resolved to do thee things:

1. Simplify our lifestyle and schooling (road school is for all of us, not just the kids)
2. Streamline our fitness and nutrition
3. Simplify our business

In the short few months we have been “on the road,” we have managed to make great progress on all three goals. Pursuit of these may be a constant journey that evolves over time, but we live each day to the fullest and cherish the time we have with each other and those we meet on our journey.

Streamlining our lives, nutrition and fitness have obvious benefits. For me, the real breakthrough came on the business front.

It started in December, before we left, while speaking with a friend. After listening to my goals, he left me with these words from Bruce Lee:

“I fear not the man who has practiced 10,000 kicks once, but I fear the man who has practiced one kick 10,000 times.”

Sometimes the right words shared at the right time make the difference. For me, this was instantly profound, powerful and put my quest into context. I had run a successful business practicing a lot of kicks. It was time to mature and find what my “one kick.”

After a few weeks of active thinking, writing/journaling and speaking with friends (including clients), it the path that blended professional speaking, writing, training, information security, adult learning and my background in Human Ecology came into focus. A few more conversations and it became as clear to me as it had been to others: I needed to focus on awareness.

It is no secret I am disappointed with the industry efforts at “security awareness training.” More often than not, the traditional attempts waste money and even increase risk! I refused to simply do what everyone else was doing.

My “one kick” is Awareness that Works™

So I took more time to consider my entire experience and the elements that worked. I am excited to share the result: Awareness that Works™

Awareness that Works™ connects people to the consequences of their actions, creating a shift in thinking that inspires behavior change. Individuals achieve understanding in their own context, and then are guided, shaped, and supported with materials and training tailored to them.

To be effective, awareness needs to be separated from training. This provides some concrete benefits and sets the stage for the right messaging, training and support to not only influence behaviors, but to provide needed insights and information to the organization.

I want to work with people who have a mandate for awareness and are ready to work with me to move the cost of working with people to an investment. The approach I created to guide organizations – tailored to the unique aspects of each – works so well that it pays for itself. In fact, I guarantee it.

This is my focus. 100% of my time, energy, effort, and research go into how we work together. And with this focus, I plan to write and share more.

I’m excited about the initial results – and the conversations about awareness I share every day.

Consider yourself invited!

If you are focused on addressing awareness (and the subsequent training), I want to speak with you. No strings, no selling. Just discussing.

And our journey continues.

The current plan (which is always subject to change) is to spend a few more weeks in Myrtle Beach, South Carolina. We’re enjoying the beach, finishing up repairs to the RV, and focusing on the launch of Awareness that Works™.

Soon, we head back on the roads for adventure. No doubt we’ll “chalk up many a mile” – blending with reading, writing, sharing and learning. The campfires will be many and the conversations plenty.

Life is good.

Welcome to the continuation of the Into the Breach: Protect Your Business by Managing People, Information and Risk audio series. (Click this link) to learn more about this how this book solves today’s challenges and pick up a complete copy.

This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio version of Into the Breach, written by Michael Santarcangelo and read by the author.

What you’ll find in this episode (Chapter 9)

Writing this book and testing these methods revealed a surprise: people who are engaged – connected more closely to the consequences of their actions – do more than protect information.

This chapter explores additional benefits from the improved communication and insights that come from following the strategies and elements shared in Into the Breach, including:

• Quickly align business and technology organizations (true alignment, not lip service)
• Harnessing the power of people to uncover new revenue opportunities
• Leveraging and engaging individuals in the act of reducing waste while doing more with less\

You want more, so after listening…

After listening to this segment of Into the Breach, keep the energy going and support the shift in thinking and inspire behavior change by

1. Engaging (not following) Michael on twitter (http://twitter.com/catalyst)
2. Subscribing to The Security Catalyst podcast & blog to get more insights
3. 3. Checking out Awareness that Works™ – a new program from Michael Santarcangelo to guide smart investment in people, with guaranteed results (this program pays for itself).

Welcome to the continuation of the Into the Breach: Protect Your Business by Managing People, Information and Risk audio series. (Click this link) to learn more about this how this book solves today’s challenges and pick up a complete copy. This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio version of Into the Breach, written by Michael Santarcangelo and read by the author. Join us for a new chapter released on the first Tuesday of each month (there are 13 chapters total).

What you’ll find in this episode (Chapter

The strategy has been revealed. The fundamentals of what is now The Catalyst Method have been shared (note: if you want the update on The Catalyst Method, drop me an email). The key considerations for a pilot shared – and now it is time to measure success.

So how do you measure what matters so you can communicate what counts?

In this chapter, “Measuring Success,” Michael draws on his background of social science and economics to explain a powerful approach to measuring success. Learn how to use the right mix of qualitative and quantitative measurements to get the feedback necessary for success.

Learn how to measure what matters and communicate what counts.

Put the power of Into the Breach to work for you…

After listening to this segment of Into the Breach, keep the energy going and support the shift in thinking and inspire behavior change by

1. Engage with Michael on twitter (http://twitter.com/catalyst)
2. Subscribe to The Security Catalyst podcast & blog to get more insights; ask a question and get an answer!
3. Check out Awareness that Works™ – Michael Santarcangelo’s program to guide smart investment in people, with guaranteed results (this program pays for itself).

As the snow starts to cover the ground in Upstate New York, my thoughts are already turning to the year ahead. I’m not at all disenchanted with the Holidays; I’m just excited about the journey ahead with the Catalyst onTour RV adventure. Equally exciting to me is the programming that will be presented by the Security Catalyst in 2010.

The Security Catalyst is designed to be a clearinghouse of bright ideas from a collection of passionate and thoughtful professionals. I believe that more voices, more perspectives, and more discussions are essential to influencing the positive change we need. To that end, we have spent the last few months sharpening our focus – based on the needs of the industry – and developing themed columns and a revised approach to producing readable, actionable content.

We will introduce the bulk of the series in December, and continue rolling out new features and opportunities to engage as the year progresses. So as I travel the country to meet with as many people as possible, we will shine an increasingly bright light toward the future on the pages of the Security Catalyst Online.

The Security Catalyst Online Experience: Amplify the Good

Our mission is simple: amplify the good. A dozen contributors give of their time and experience to help advance the profession. Take a moment to consider the diverse programming prepared for 2010. Each of the contributors spent a few weeks developing a column and outlining key ideas and concepts to guide what we share in the coming year.

We’re working on a production cycle and are implementing a peer review process in 2010. In the coming weeks, I’ll showcase the contributors, reveal more about their series and provide the opportunity to engage with them – for the benefit of everyone!

We welcome feedback – comments, questions and challenges – to help shape our efforts and provide outstanding value for you and your efforts.

Security Social Worker — by Trish Smith

Trish Smith explores the perspective of a licensed MSW on the information security field. In the overall spectrum of topics, which all center on the juncture of technology and people’s thoughts, feelings, and behaviors, Trish’s focus will be on people and how to turn a change concept into reality.

Foundational Identity Management – by Ioana Bazavan Justus

Ioana Bazavan Justus will share her extensive experience in implementing Identity Management at Fortune 50 companies in a 14-part series that is focused not on the technology, but on the process pitfalls and data preparation – the aspects that, if ignored, will make an IAM implementation fail. I’ve known Ioana for over a decade, and her ability to understand, explain and get results is amazing. I’m really excited about this series.

Organized Fraud Prevention – by Sharon Shaw

Sharon Shaw is more than an expert on preventing fraud – she is passionate about sharing ideas, insights and strategies that bring a new focus by explaining the (sometimes hidden) challenges every organization faces. She then provides thoughtful, straightforward solutions.

Leading from the Front – by Martin Fisher

Martin Fisher is a leader (my word, not his) that has engaged me in great conversations about leadership, management and the future of the industry we both serve. He’s agreed to share his thoughts and the secrets of his success to help influence positive change in 2010.

Security From Scratch – by Dennis Kuntz

Dennis Kuntz is gifted in a lot of ways, and I originally wanted to call this the “one man band” given his musical prowess. However, since he’s embarking on an effort to build security from scratch, we deemed it to be a more fitting title. We’re still tweaking the outline – but the goal is to harness collective experience and provide clear insights to the challenge many of us face: building security into an existing organization. Where to start? What to do? And what really matters… tune in and find out.

The Privacy Advantage – by Aaron Titus

Aaron Titus is focusing on the positive aspects of privacy. Instead of dwelling on the shortcomings of privacy, Aaron will set forth the keys to turning a focus on privacy into an advantage.

Security… Psych! – by Jeff Kirsch

Jeff Kirsch blends security with psychology – not only an interest for him, but a vocation for his wife. Jeff will share insights that improve the way we practice security based on how we think, behave, and learn.

Managing Your Compliance – by Jim McFee

Jim McFee knows compliance. He knows audits. As someone that has sat on “both sides of the desk” Jim is ready to share two decades of experience on how to set up and run and effective compliance and audit program. Emphasis on how to actively manage audit and compliance for outstanding – and harmonious – results.

Awareness that Works – by Michael Santarcangelo

Starting in January, Michael Santarcangelo (your humble Catalyst) will share his unique and effective approach to building “awareness that works.”

Ioana got started in November, and the balance of the contributors will introduce their columns this month, with a nugget or two to ponder and digest over the holidays. By January, we’ll be running full tilt – loaded with ideas, insights and success for 2010.