In my career, I’ve experienced all levels of process maturity, ranging from “process for process’ sake” to “winging it.”
- Many, many years before Marie Kondo popularized the term “spark joy,” one of my former employers shut down the entire office for the afternoon so that we could spend that time cleaning up. Thankfully this was not instituted (institutionalized?) as a weekly occurrence.
- On the other extreme, some organizations resist process and just wing it. To the point that I literally hide when I use a process.
Now the ability to “wing it” can be used in some circumstances but not in others. Obviously improvisational comedians “wing it” by definition. But Ike (pre-matrix) couldn’t have used the “wing it” approach on D-Day.
What about cybersecurity? Can you “wing it” when you’re attacked?
The evolving threat landscape demands robust governance architectures and well-defined board duties to ensure resilience against cyberthreats. Effective cybergovernance not only protects an organization’s digital assets but also reinforces trust among stakeholders.
Governance is a critical component of cybersecurity, if for no other reason than to prove that your organization actually HAS cybersecurity. Ideally an organization will govern its cybersecurity by some type of “maturity model.”
And that’s more than refraining from calling someone a poopy head.
(AI image from Imagen 3)
Bredemarket 
2 Comments