Page 100 - SyI Quarterly - Q3 and Q4 Edition 2023
P. 100
Chartered Security Professionals
Security Design - Collaborate or Commiserate
Jennifer Ciolfi CSyP
This resulted in a very painful three years for all parties involved. Working through the Construction
phase, and then the Handover Phase, we kept disagreeing, the Project Manager kept mediating. The
project kept moving forward and we kept suffering. More critically, I kept suffering. I was overdosing
on stress, feeding off a steady diet of frustration, anger, and exasperation. This was not a healthy
situation, not for the project, not for the other team members, and certainly not for me. But I was
determined to deliver a project with an uncompromising security design, and I did. I delivered the
project straight over to operations, who immediately started adapting the security design to suit how
they preferred to work and to streamline their own security operations, and I seethed in frustration.
It took me a long time to understand that of all the fatal flaws that had followed me throughout this
entire project, the biggest one was me. I was the biggest problem and I likely had been the entire
time.
Canadian Astronaut Chris Hadfied wrote the book “An Astronaut’s Guide to Life on Earth” and in that
book, he talks a great deal about the dynamics of forming new teams, especially with high
performing individuals. He talks about how when joining a new team, each member can be either a
-1, 0, or +1. He stated that the biggest mistake people make is striving to be a +1 as quickly as
possible and not taking the time to understand the team, not knowing the group culture, or the
current processes, and rushing in (convinced that we always know better) trying to change the group
to meet our way of thinking. This usually results in the new member being a large -1 to the group
and its ability to deliver results. Hadfield suggests that in order to get to being a +1 the fastest way,
is to aim to be a big fat Zero. Aim to spend the first few weeks/months learning. Learn about the
group, learn about how they work to see how you can contribute to them, instead of trying to
immediately deliver your version of success.
Smart man, Mr. Hadfield. I read that above part more than once, and each time I re-read it, my
memory of that project, which I would have sworn was crystal clear beforehand, started to change.
I started to think about all those meetings that I had attended where I resentfully sat through other
teammates discussing the details of their deliverables, angry that I was being forced to waste my
time listening to discussions about paint colours, furniture types, cloth swatches, china patterns and
endless lists of details that needed to be agreed on. I thought about my ex-boss who once told me
“If the words coming out of my mouth don’t get me in trouble, the look on my face will”. I thought
about the look on my face in those meetings.
I had not been interested in learning about the roles or responsibilities of my other teammates. I
had not been interested in learning about the technical details of their deliverables and every day for
three years, I woke up and shot myself in the foot.
I could have spent three years working with an amazing group of professionals, some of the best in
the country. I could have spent three years learning how I could adapt my security design to
complement their project pieces, instead of fighting every impingement. I could have spent three
years delivering a better product. A product that would have incorporated design instead of resist-
ing it and would have worked with current Security Operations, instead of trying to redesign them to
how I thought they would work best.
100
