Security Experts:

Connect with us

Hi, what are you looking for?


Management & Strategy

Think Big, Start Small, Move Fast: Applying Lessons From The Mayo Clinic to Cybersecurity

I have previously written about how much the Mayo Clinic impacted my life through my experience and time there. In that article I discussed their approach to multi-disciplinary patient triaging and how looking at patients as a whole, rather than a system of discrete systems, helps them to make the right decisions.

I have previously written about how much the Mayo Clinic impacted my life through my experience and time there. In that article I discussed their approach to multi-disciplinary patient triaging and how looking at patients as a whole, rather than a system of discrete systems, helps them to make the right decisions. This same mindset can be applied to software and design to build great products. 

Another favorite takeaway, however, was Mayo’s Research Team’s mantra of Think Big, Start Small, Move Fast. It is a powerful concept that has enabled the Mayo Clinic to stay ahead, advancing medicine since the mid 1800s. This concept has also helped to advance the product development and cybersecurity domains as well. 

There are books written about this, so I won’t get into the weeds of what the Mayo research teams do, however I will explore how we have adapted this in various ways. First off, like so many “mantras”, this is not prescriptive and is not a strict recipe for success. Instead, by following the general guidance that having a larger goal in mind, distilling it down and executing iteratively, you will arrive at your destination more efficiently.  

Think Big

Thinking big focuses our product development team on defining the widest possible application for a service, feature, or design pattern so we can create the opportunity for force-multiplication. This increases the possibility that we’ll build something that can be reused. A good example of this is the way we deploy software. Normalizing the approach to software containerization and deployment allows us to leverage security patching across the board, without wasting valuable security resources chasing independent code stacks.

Likewise, for our threat intelligence products, we look to collect, enrich and position supporting data in such a way that as many products and services can leverage it as possible. An example of this is utilizing security frameworks to describe intelligence in a common way that allows sharing of behavioral information, as well as tactical indicators, that can be quickly acted upon across all our products. 

Start Small

Starting small is a real challenge, because it really means starting small again and again and to do it well, it takes time and energy.  It’s much like Mark Twain’s comment about not having the time to write a short note, so he wrote a long one. With the big goal in mind, it takes real effort to break the problem down to workable chunks while at respecting the overall goal at the same time. This process is iterative, and where discipline and commitment to design patterns and architecture become critical.  

Trying to boil the ocean by chasing every vulnerability can be daunting for cybersecurity companies or companies deploying cyber solutions. Instead, eat the elephant one bite at a time.  Prioritization becomes critical for these discissions, and a solid framework for how you make prioritization decisions is key to this. For us, we use a tool that takes parameters for a given product that we value in our decision-making, weighs them, and spits out a number that indicates how important this feature is. We then use that information as a starting point for discussion. It takes the subjectivity out of the initial prioritization and focuses the discussion on the most salient things we want to get done.

Move Fast

When you teach your teenager to drive, an important lesson is teaching them what they should be looking at. If they are focused on the road directly in front of the car, things move very quickly, and the ability to react is reduced. Looking up allows them to better anticipate things; where to break, where a curve’s apex is, etc. Moving fast is directly connected to moving smoothly and keeping your eyes as far down the road as possible enables that.

Our teams, whether you are on software development, intelligence teams or professional services, strive to speed up whatever we’re doing. Performance-driven metrics are one way to look at this, but you need to be careful with them. Misplaced metrics, much like looking at the road just beyond the hood, creates the illusion of speed. We seek to move smoothly relative to the bigger picture and speed up as we become better at what we’re doing. The metrics we are shooting for are not myopic. If we spend an extra week in delivering the first revision of a service within a product, but reduce the release time by three days in three other products, we’re gaining ground.  

The iterative approach of thinking big, starting small and moving fast can keep a large medical institution at the forefront of advancements in patient care, and it can also help you navigate through the daunting task of increasing the security of your enterprise. Just make sure you take it one bite at a time and keep your eyes on the road ahead.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

CISO Conversations

SecurityWeek speaks with two leading CISOs in the aviation industry – Mitch Cyrus of Honda Aircraft, and Mark Ferguson of Bombardier.