The Secure Methodology™ Step Three: Acknowledgment

cybersecurity appreciationAcknowledgment is an important part of life and relationships. It’s the expression of appreciation and something most people yearn for from those they love and within their careers. Yet, acknowledgment in work life is often something that’s missing. It’s certainly MIA in the cybersecurity industry, and that’s why it’s step three of the Secure Methodology.

We’ve previously reviewed step one (awareness) and step two (mindset). Now, it’s time to move forward.

The Secure Methodology: A Refresher

Before we get started, I’d be remiss if I didn’t give you the recap on the Secure Methodology. It’s something I developed and covered in my book, The Smartest Person in the Room. It’s a guide of seven steps designed to get cybersecurity operations on a path to transformation, turning technical people into communicators and facilitators. It’s all about inviting people skills into the technical world. It’s a very different take on preparing organizations for the cybersecurity war and one that could make all the difference.

In this post, I’ll give you an overview of step three and why it matters.

Why Is Acknowledgment So Hard in Cybersecurity?

You’ve probably got stories from your work history that come to mind when you think about the difficulty of acknowledgment. When your supervisors should have provided you with appreciation, there were crickets instead. That’s true for any industry, but cybersecurity struggles with this even more.

Cybersecurity leaders often suck at this because they look at everything from a lens of what went wrong. Nothing will be perfect, and things going wrong is part of the process. Cybersecurity, and life in general, are never problem free. Progress, however, is also part of cybersecurity and life. If you never stop to appreciate (and acknowledge) the progress, your staff may never even realize their own growth. That’s not the way to build better leaders and employees. It’s part of the big problem with cybersecurity today. However, it’s not one without a solution.

Failure to Acknowledge the Difficulties of Cybersecurity Hurts Teams, Too

Another acknowledgment failure is that many executives don’t comprehend the sector’s complexity. Cybersecurity is not one thing—it’s many, and not everyone is an expert in every facet. Thus, they have this misplaced misconception that every technical person knows everything.

At its roots, cybersecurity is about the protection of data and networks. I wouldn’t call it complicated but wouldn’t label it as easy, either. All this lack of understanding on the part of leadership creates misalignment in acknowledgment, and that’s the real problem.

If the top struggles with this, so will everyone below. Those folks doing the work and striving to protect an organization will never get the recognition they need and deserve. It’s a systemic issue.

While those leading cybersecurity teams understand it’s tough, they still expect perfection. They dismiss the many small wins that happen every day, choosing to criticize the things that went wrong instead.

Criticism is often justifiable, as the errors could lead to breaches or other incidents. It’s serious stuff, but leaders would be better off trying to learn from mistakes instead of beating people up. It’s a cycle of only acknowledging these missteps and never the successes. In such an environment, why would technical workers even want to stick around? And if they do, aren’t we just teaching them to posture or overcomplicate everything because they know they’ll only ever be seen when they are wrong?

Such an atmosphere isn’t good for engagement or retention. In the end, it makes your organization less secure. So, it’s time for technical leaders to learn how to express good feedback.

Key Steps for Giving Good Feedback

Humans crave feedback. It lets us know how we’re doing and provides some certainty to an uncertain world and field. Without feedback, it’s impossible to grow and learn. I have five rules for giving helpful feedback:

  1. Create a safe space: Praise in public but provide constructive feedback in private.
  2. Be positive: Look for the things done well over those done wrong.
  3. Use specifics and facts: If feedback is too general, it has no punch.
  4. Provide feedback immediately: If too much time passes, we forget.
  5. Be tough but not mean: Ask questions about why acknowledge efforts and correct behavior without name-calling or rudeness.

In feedback, one of the most crucial elements is that which is constructive. That’s something technical leaders aren’t great at doing. Here’s how to be better at it.

Constructive Criticism: A Layered Approach

If you want to correct errors and give your employees the opportunity to be better at their job, you have to get constructive criticism right. It starts with the acknowledgment of something positive. Starting off this way makes the person more receptive to what you have to say. Following the feedback rules, be specific about what they did well.

Next, you start with constructive feedback. Again, be specific and ask questions. Find out why things occurred as they did to get to the root of what’s going on. Did your employee not understand the issue? Did they try multiple things? Is something else going on in their life that makes them abrupt or distracted?

After you talk through how they could have handled the situation better, end the conversation on a positive note. With this approach, they won’t focus on the negative. They’ll feel acknowledged for their work and will take to heart ways in which they can improve.

This kind of communication can save cybersecurity teams and position them to do excellent work and have fulfillment in their roles. When it doesn’t happen, the implications are problematic.

Lack of Acknowledgment Is a Big Reason We’re Losing the Cybersecurity War

You might think that acknowledgment is all about being warm and fuzzy, and technical folks don’t need that. That’s just wrong. Without acknowledging the work of your staff, you are sending them toward disengagement. They may become resentful, and they’ll leave. They don’t feel appreciated, and that’s why people quit their jobs. It’s not about money; it’s about the environment and its managers. That’s even more prevalent in the current work landscape with The Great Resignation and “quiet quitting.”

People work because they need income, but they want something more than that. They desire meaningful work and to feel that their contributions make a difference. They also want respect and not to work in toxic environments.

So, if acknowledgment is non-existent, and your technical folks are just becoming more disengaged and unhappy, why should they care about keeping data and networks secure? If they don’t feel a connection, the quality of their work will be subpar. Why should they care if the company doesn’t care about them?

How different would they feel with acknowledgment?

Acknowledgment Makes Technical People Better in Many Ways

Acknowledgment can certainly help cybersecurity professionals become better at their jobs. It’s not just the technical acumen that can improve. So can their problem-solving and people skills. And these matter to their success and the security of your data.

Regarding problem-solving, a technical worker that never receives positive feedback will live in a place of fear. They’ll have a narrow focus on the one way to do something and never seek solutions outside of this. They lack the confidence to do this and go into the pattern of over-complicating things. Why would they be in a place to acknowledge things themselves if the culture is one that doesn’t?

It’s a downward spiral, but acknowledgment can transform this. Acknowledgment can be the start of encouraging professional and personal growth. Workers that receive this want to learn and don’t think they have all the answers.

It can also help them develop better people skills as they see how a leader communicates effectively through acknowledgment. It will help them immensely in their careers because technical people need to be great communicators to be successful. You’ll build trust and rapport, which makes a cybersecurity team able to accomplish its goals. These things won’t happen overnight, so you’ll need guidance on doing this.

Acknowledgment tells your people that you want to thrive and succeed. That’s the message they need to hear consistently. Every day you have an opportunity to provide that positive feedback so that technical people feel they are in a workplace that values them and wants them to do well.

Giving them credit today creates that goodwill, so when you come to them with that constructive criticism, they are open to it. Doing this regularly and building rapport requires a concerted effort and possibly a new perspective. Also, keep in mind that you’re doing this to help them and your organization.

You can easily agree that when people acknowledge and support you, you’ll go out of your way to help them. That’s the foundation here. Acknowledgment isn’t just about saying “great job” to everybody daily. It’s about recognizing efforts and accomplishments.

In my book, you’ll find more tips on acknowledgment, building rapport, and more exercises. Get your copy today to master this step and transform your technical folks into more engaged, communicative, and satisfied employees.

The Secure Methodology™ and Cybersecurity Leadership

7 Step Secure Methodology - Christian EspinosaThe advent of technology makes it easier for us to communicate with our staff and improve our business processes. However, it can also be a major risk to our organization: Hackers are lurking in every corner, waiting for the right time to steal information from us.

We need to strengthen the skills of our technical staff by utilizing The Secure Methodology. Through The Secure Methodology, we can help our staff improve their communication skills and encourage them to lead with their hearts and intuition, rather than just their logical minds.

Generally speaking, The Secure Methodology is a step-by-step guide designed to help us improve interpersonal skills so we can easily practice honest and effective communication. The Secure Methodology also promotes more in-depth understanding, allowing every person in the organization to be on the same page and work together towards a common goal, such as stopping cybercrime.

Benefits of the Secure Methodology

Cybercrimes are common worldwide, which is why it’s important for organizations to take preventive measures. The common strategies used by organizations today aren’t flawless as the number of cybercrimes continues to increase worldwide.

The Secure Methodology is different from other existing strategies because it leads us to better results, that do not require more investments in technologies or cybersecurity frameworks. Here are a few of the benefits:

  • Better security: By practicing the seven steps of The Secure Methodology, we’ll have peace of mind knowing that our organization and all our trade secrets are less vulnerable to cybercrimes. The Secure Methodology provides for a better understanding and mitigation of risks to protect our organization from hackers worldwide.
  • Cost reduction: Losing vital information will cost money from our pocket. How can we continue producing products if our trade secrets were stolen? How can customers trust us if their information is at the hands of hackers? When we practice The Secure Methodology in our organization, we reduce costs associated with cybercrimes. Instead of spending money to minimize the effects of cybercrime on our organization, we can use it for other areas that can help our business improve and grow.
  • Develop total intelligence: One of the biggest benefits of The Secure Methodology is helping leaders in the organization develop and lead with total intelligence. Through The Secure Methodology, we can learn to lead using our people skills, as well as our hearts, logic, and intuition. Being able to use different types of intelligence will make us better leaders and more equipped to combat cybercrimes.

The Secure Methodology isn’t just about helping our technical team prevent cybercrimes; it also teaches us different strategies to help improve ourselves and our organization in the long run.

Why the Secure Methodology Was Written

The Secure Methodology was written as an attempt to improve teamwork and cybersecurity in an organization. Yes, there are countless techniques that are meant to help organizations fight against cybercrimes, but not all of these are effective. In fact, looking at the cybersecurity status quo, we see that cybercrimes continue to affect organizations regardless of the size and nature of their business.

The Secure Methodology reinvents how organizations improve and also protect themselves from cybercrimes. Instead of merely using logic and intelligence in combating cybercrimes, the Secure Methodology aims to beat cyber criminals by developing the holistic skills of the staff and by using logic, emotion, and instinct equally.

Moreover, the Secure Methodology helps leaders get their technical people to strengthen their people skills and encourage them to lead with their hearts and instincts. Once we can accomplish these goals, we can quickly improve communication skills, making it easier for the organization to discuss issues and fix them as soon as possible.

The Secure Methodology allows leaders to know where their people are coming from and what kind of help their staff needs when issues arise. When we know what the world looks like from their perspective, we can provide solutions that address the root cause of the problem.

Overview of The Secure Methodology 7 Steps

1.    Awareness

Awareness has two aspects: self-awareness and the awareness of others. As the name suggests, self-awareness is about understanding our behavior or the behavior we can control. Even as a single human being, we should keep in mind that we impact the world around us, which is why we should be mindful of how we interact within it. For example, how, when, and where we frown or smile can significantly impact someone, and we should be aware of it.

Technical individuals and humans in general struggle with self-awareness because we often fill our lives with stimuli, namely social media and games. This removes the time needed to reflect on our actions. Leaders like us also face the same dilemma: we might show up in a meeting in a negative mood, not thinking how this demeanor can impact our staff and their progress during the day.

Being aware of others is also an important part of the Secure Methodology. When we’re only aware of our own actions, we’re not only being self-centered; we are also not helping solve problems in the organization.

For example, if we see a staff member crying at her desk, it’s best to ask her how she’s feeling instead of making an assumption. Making assumptions and being unaware of others’ emotions will likely make us angry and confrontational, making the situation worse.

2.    Mindset

There are also two types of mindset often exhibited by staff in an organization: growth and fixed. Individuals with a fixed mindset believe things are the way they are, and they’re no longer capable of changing. For example, technical staff with a fixed mindset in an organization may often claim, “I’m not very good with people.”

Conversely, someone with a growth mindset will say, “I understand I have challenges working with people, but I’m confident that I can get better.” With a growth mindset, a person understands what they’re struggling with and is open to learn and make changes.

3.    Acknowledgment

Acknowledgment in The Secure Methodology covers a lot of items. For starters, we should encourage our technical staff to focus on self-acknowledgment. Instead of letting them think that they’re not good enough, we should encourage them to acknowledge that their skills are vital to the organization.

Acknowledgment is also important for leaders like us. When we want our technical team to improve their behavior at work, we should acknowledge everything that they have accomplished in the past and let them see what they can do if they gain more skills. This will prevent them from shutting down and motivate them to change.

4.    Communication

Communication is about how we interact with our staff and the type of language we use. In short, communication isn’t just about the words we use; it’s also about our body language and tone. We also need to keep in mind that the meaning of communication is the response you get.

It’s common for technical staff to miss out on body language or tone and only focus on the words being communicated to them. This is problematic and often leads to issues when communicating within the organization. As leaders, we should help our technical staff understand different communication patterns and body language displayed by the speaker. We also need to train our team to listen better, rather than just waiting for a gap in the conversation to speak.

5.    Monotasking

Technical staff in an organization have to accomplish different tasks regularly, but this doesn’t mean they should do everything in one sitting. Multitasking has been hyped for so long, yet following this concept at work doesn’t guarantee better or more outcomes. In some cases, attempting to take on several tasks at one time will only result in anxiety and many unfinished projects.

As part of The Secure Methodology, we should highlight to our technical staff the importance of working with one task at a time. When technical staff practice monotasking, they can easily produce quality work because their focus is poured into one task only.

Monotasking also helps with communication, because if you are monotasking during a conversation, you are present and listening better.

6.    Empathy

It’s common for technical people to think that they’re the only individuals in the organization with problems, and everyone else has it easy. However, this kind of mindset is self-centered and somewhat narcissistic, which can only lead to bigger problems when left untreated.

When our technical staff is self-absorbed, they’re at greater risks of developing depression. Their lack of connection to other people will also make it very challenging for them to collaborate in problem-solving.

For The Secure Methodology to work in our organization, there should be empathy across all levels. Our technical staff shouldn’t jump to conclusions immediately. Sure, their role in the organization is challenging, but this doesn’t automatically mean that the other staff has easier roles to play.

As leaders, we should teach our technical staff the importance of empathy by helping them understand that other people also have different challenges and that they shouldn’t quickly judge others because they have different situations.

7.    Kaizen

Kaizen is a term that means “change for the better,” which is the ultimate goal of The Secure Methodology. If we want to improve our organization’s cybersecurity, we should establish a new process and examine it continuously. Constant and never-ending improvement (CANI) are essential ingredients in achieving goals, no matter how big or small.

Key Takeaway for Each Step

  1. Awareness means we should be conscious of other people’s behaviors and why they behave in a certain way, just like how we want other people to be conscious of how we are.
  2. Without the right mindset, it’s challenging for any of our staff to change and grow. As a leader, we should believe that every single person in our organization has the capability to change. It is also our responsibility as leaders to remain committed to change. Change doesn’t happen overnight; we must also have the right mindset to commit to change.
  3. We should acknowledge our technical team every time they make the slightest progress in their behavior at work. This will encourage them to permanently adapt to positive behavior and grow more in their field of expertise.
  4. Communication plays a vital role in the relationship of every staff member in an organization, which is why we should ensure everyone regularly practices open and honest communication. Aside from making sure that everyone is provided with various communication channels, we should also teach the importance of tone and body language and how this can help us understand the speaker better.
  5. Most technical staff don’t know how to monotask, and it is up to us as leaders to change that behavior. When our technical staff focuses on one task at a time, they can produce more and better output during the day. Knowing how to monotask is also an excellent way for our technical staff to look after their mental health as they can keep anxiety and stress at bay.
  6. Every individual in the organization deals with some type of challenge. Instead of judging others based on their behavior, we should put ourselves in their shoes and understand where that person is coming from. When everyone in the organization knows how to empathize, the team generates better results.
  7. When our organization tries something new, say improving our cybersecurity, we can’t expect to succeed during the first, second, or even third try. Kaizen is the understanding of this process and the encouragement to continue trying. To get desirable results from our efforts, we need to practice regularly and not just dabble.

Short Activity for Each Step

  1. One activity to broaden the awareness of our technical staff is to let them reflect on what happened to them on the previous day and instruct them to imagine themselves as if that were their last day on earth. When they know they have limited time to live, they would likely treat others the way they want to be treated.
  2. Keeping a journal is a great way to develop a growth mindset within our team. We can encourage our team to journal every day for a month about the things they’re grateful for and the things they’ve learned. After 30 days, we can meet as a group and then discuss how everyone has grown in a month.
  3. One simple way to acknowledge the progress made by the team is to keep a cookie jar filled with notes about their accomplishments at work. When anyone in the team feels discouraged or hopeless, they can easily get notes from the cookie jar to remind them of what they’ve accomplished in the past and what they can do if they continue to strive.
  4. To improve communication within the team, teach them the fun NLP eye pattern trick. The eyes are the closest organs to the brain, and where a person “looks” (whether to the right or left) when they’re trying to access information can determine if they’re lying. Check out this diagram.
  5. Dividing our team’s day into time blocks will allow everyone to work on things that matter the most. We can simply let them list down the tasks they have during the day and arrange them on time blocks so they’ll know what to work on during a specific timeframe within the day.
  6. One activity to teach our technical team empathy is to have them pair up and have each person make assumptions of the other and then have them discuss their similarities. This activity will help our technical team stop making assumptions about others and encourage them to look for similarities. This will eventually help them develop their empathy.
  7. Kaizen focuses on reflection and never-ending growth, so we can have our technical team keep a workday reflection journal to write down their challenge or win during the day for a week. Then, we can schedule one-on-one meetings with them to discuss what they wrote in their journals and discuss how we can improve their weaknesses or challenges.

For anyone who is interested to learn more about the Secure Methodology, you can get the book or enroll under its program.

Check Out The Smartest Person in The Roomv

The Importance of Acknowledgment and Appreciation

acknowledgment - christian espinosaAcknowledgment is vital to everybody. It can be more powerful than money. In fact, money may be considered a form of acknowledgment for our work.

Whether it is for ourselves or the people around us, acknowledgment can do wonders. Learn to acknowledge yourself and your team by reading more.

Acknowledgment vs. Appreciation

Many may say that acknowledgment and appreciation are the same. However, acknowledgment has a deeper meaning.

When I appreciate someone, I praise or compliment them. For instance, I say, “Thank you for inviting me here today,” when I appreciate someone.

On the other hand, acknowledging means more than just appreciation. It means I see them for what they do in the world and how they make a difference. Thus, I express my gratitude and recognize them or their work aloud.

When I acknowledge someone, they will feel valued. So instead, I acknowledge someone by saying, “Thank you for inviting me today. I feel so happy being with you. You inspire me to do greater things.”

This latter statement shows that you recognize their efforts and how they impact you.

Impact of Acknowledgment

Because I recognize someone’s work, I know they will feel loved or valued. That is because when I am acknowledged, I also feel valued. The simple gesture of acknowledgment means I am gracious and socially aware.

Especially at work, being acknowledged has a positive impact on the overall performance of a person. For instance, if I am acknowledged for my initiative to do extra work, I feel happy. I will do an even better job next time because of this.

Importance of Self-Acknowledgment

The secret of being able to acknowledge other people is first to acknowledge ourselves. When we recognize who we are and what we have accomplished, it will be easier to acknowledge others.

Moreover, acknowledging ourselves is essential because of the following:

1. Increases Motivation

I measure success with achievements. This is good, but the negative side is when I only consider significant achievements as “achievements.” Sometimes I forget the small things I have achieved because I am so focused on the big things. As a result, I get burned out when I don’t achieve a big goal.

But when I change my mind to celebrate even small achievements, it fuels motivation. It tells me to keep moving forward. Not only that, but it helps me become more aligned with my goals and see tasks in a positive light.

2. Boosts Confidence

Not only do I feel motivated when I acknowledge myself, but I also feel more confident. When I know that I have completed or reached a goal, even if it’s a small one, it helps me do more. That’s because I know I can do it.

Self-acknowledgement allows me to see that I am skilled, dedicated, and hardworking. Without these, I know I cannot reach my goal.

On the other hand, not recognizing my achievements makes me forget that I have skills, passion, dedication, and other values. In the long run, I will feel dissatisfied and may even succumb to depression or anxiety because I no longer trust myself.

Ways to Acknowledge Our Accomplishments

Most of the time, we don’t acknowledge our successes because we don’t know how. Thankfully, I have learned the following ways to recognize my accomplishments.

1. Break Down Your Achievements (Even the Small Ones)

When I go to the supermarket, I list all the essentials I need without forgetting one. I even list down tasks I need to complete so I know what I need to do.

Similarly, I learned to list all my achievements from small to big ones, daily to weekly, short-term to long-term.

By doing this, I feel like I am progressing because I can see my wins throughout my journey. Moreover, writing them down lets me remember those times, including what struggles I may have experienced and how I overcame them.

Having a list helps to see what I have accomplished so far and reminds me of what I’m capable of.

2. Celebrate

Another way to acknowledge accomplishments is to celebrate. This does not mean a grand celebration, but you can have one if you want to. For me, treating myself to a short hiking trip is enough, for instance.

What matters is that you do something that makes you happy as a reward for your accomplishment. Say you have done the laundry that’s been sitting for weeks. Celebrate it by treating yourself to a delicious meal.

Celebrating small wins is not an egotistical or selfish act; it is a way to acknowledge our accomplishments.

The “Cookie Jar”

While trying to accomplish my goals, I have been through many ups and downs. Sometimes the hardships have been very difficult to deal with and have even left me in the fetal position crying on occasion. But David Goggins endured a lot of hardship before he reaped a lot of victories. This is what he called the “Cookie Jar.”

His concept behind this is that he dips into his cookie jar to remember accomplishing things when he is suffering. I also practice this, because it helps me to access my sympathetic nervous system. As a result, I can feel motivated to keep going when things seem too hard.

I follow the cookie jar concept by remembering how it feels to be successful during my victories. Thus, it will help me remember how I was tested by life and how I overcame those odds.

Think back on your victories, and relive the moment in your mind, reminding yourself that you can do more.

Acknowledging Your Team

As mentioned, acknowledgment is also vital in the workplace. Acknowledging your team helps them become more engaged and perform better.

The 5 Languages of Appreciation in the Workplace: Empowering Organizations by Encouraging People: Chapman, Gary, White, Paul: 9780802461766: Amazon.com: Books

There are five languages of appreciation in the workplace that we can apply when acknowledging employees. These five languages are the same as the 5 Love Languages and are from Gary Chapman and Paul White’s book “The 5 Languages of Appreciation in the Workplace”.

1. Words of Affirmation

Offering praise and recognition to team members is one of the easiest and best ways to recognize their work contributions. It shows that I value their output and how they accomplish it. It helps them know that I am aware of their efforts.

Thus, I can speak or write praises of their accomplishments. Imagine if you got a word of acknowledgment from your CEO.

2. Giving Quality Time

I spend some of my time with my staff. For instance, I join them over lunch and talk to them. It helps when I share similar experiences. Then I tell them that what they are doing is vital and valued.

When I spend time with them, they know that I know they exist and they are doing something important for my business or company.

3. Acts of Service

This is when I help my team, especially when it involves complicated tasks. By doing this, they will feel more motivated to accomplish the task at hand, and they become aware of how I see them as team members and as partners.

4. Tangible Gifts

Aside from words of praise, I also give them non-monetary gifts like a ticket to a conference. That way, they know that I recognize what they do.

5. Physical Touch

Using physical touch as a form of acknowledgment should be done with more care. A pat in the back or a congratulatory shake hand or fist bump may be appropriate.

Valuing Someone

When I acknowledge my accomplishments, it helps with developing my habit to acknowledge other people as well. Overall, not only can I make myself feel valued and feel good, but I also help others feel the same.

That is the power of acknowledgment. Learn more about acknowledgment and leadership in my book, “The Smartest Person in the Room”.

Check Out The Smartest Person in The Room