Why telling security leaders to “do more with less” is dumb and what to do instead (3 steps to create more value, not more work)


Telling security leaders working at or above their surge capacity, with no slack in the system and no chance for necessary downtime to “do more with less,” is a recipe for disaster.

Stop borrowing on the margin, hoping it works out

Most who try to comply with this demand end up taking on more work by “borrowing on the margin” of nights and weekends with the false hope of catching up.

The result is often creating more work through wasted work and rework.

Friction creeps in (and that’s not good for anyone)

This creates friction that erodes value, destroys trust, and burns people out. As friction compounds, it grinds projects to a halt, making efforts most costly and time consuming.

The approach is too costly, but we can reframe it:

Do more of what matters with less distraction.

Here are the three steps to create more value and not more work.

1. Solve the right problems

All problems are not equal. Some problems don’t need solutions or aren’t ours to solve. Find the right problems to solve that deliver the most value.

2. Deliver value faster

You deliver value when the work is done. That means reducing friction, subtracting distractions, and clarifying the path to success.

3. Communicate what counts

Security is often complex and confusing, so show your work to take the mystery away and invite people to collaborate earlier.

Create connection and build relationships to earn trust and recognition.

Read this post and more on my Typeshare Social Blog



Michael Santarcangelo | Security Catalyst

Connects security to business results, helping security leaders earn recognition as business leaders who deliver value (and know security)