Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

What a Departure Email Can Teach Us About Security

When someone leaves their job to pursue other opportunities, we often receive an email about their departure. Many times, the departure email praises the person who has given notice. This would seem to be a courteous tradition when someone leaves.

When someone leaves their job to pursue other opportunities, we often receive an email about their departure. Many times, the departure email praises the person who has given notice. This would seem to be a courteous tradition when someone leaves.

If an organization has attrition under control, people don’t leave all that often. Regardless of how often someone resigns, departure emails do bring to light a common problem in our field.  Of course, it is kind to send someone off with praise and wish them well. There is, however, another side to departure emails that many of us don’t consider.

How often do we see emails praising people who have chosen to stay with the team?  How often do those people who continue to work hard and go above and beyond for the organization receive praise (via email or otherwise)?  If we only praise people when they leave, how exactly do we plan to motivate people or encourage them to stay?

On this topic, I’d like to offer five ways in which praise can improve an organization’s security posture:

1. Morale: Management, even when well-intentioned, can sometimes create an environment of negativity without realizing it. Seeing that a mistake has been made or will soon be made is an important part of being a manager. In those instances, the manager has an obligation to point out the issue respectfully and professionally, and then assign one or more people to the task of correcting it. So what is the problem here you ask?  Think about it from the perspective of the employee.  If managers only point out work that needs correcting and don’t make the effort to point out the positive, all the employees hear about from management is that they’ve made mistakes or that their work needs course correcting. Without positivity and praise to go along with the constructive criticism, the employees can wind up feeling like management isn’t happy with them or that their contributions aren’t being noticed. That isn’t a great state to be in, though the good news is that it is easily corrected with a few compliments.

2. Retention: According to various different studies, an employee’s manager is the number one contributing factor to whether they stay or go.  Granted, there are many elements influencing an employee’s decision around whether or not to resign. Nonetheless, the manager is one of the most central and important factors. As such, a few kind, warm, and sincere words that notice the employee and the employee’s contributions go a long way towards helping retain quality employees.  Managers that take the time to notice and comment on good work, get to know their employees, learn about their families and friends, discuss issues that are important to them, listen to what they do and do not enjoy about the work environment, and other points generally have a much better retention record than those that do not.

3. Motivation: Picture someone that you like and care deeply about. If they asked you to drop everything and help you run an errand, do a chore, or move a sofa, would you do it? Now picture someone that you don’t particularly care for. Would you help them? Regardless of how you answered these questions, I think you understand my point. Most employees are quite happy to work hard for and go above and beyond for managers that they believe truly care about and look out for them. If, as a manager, you care about your employees, it will help with productivity. Be careful to be sincere about it though – many employees can see right through fakeness, and it often backfires.

4. Trust: As security professionals, we are well aware of the fact that security is a profession built on trust. Whether it is trust that bonds the team, trust that helps us engage stakeholders within the business to better secure it, trust that helps convince leadership that we are appropriately protecting the enterprise, trust that helps us maintain the approval of customers and partners, or otherwise, our success as security professionals depends on it.  Have we ever taken a step back, however, and thought about the different elements that go into building trust?  There are many, though praise is an important one.  If those we work with understand that we appreciate them and their efforts, it goes a long way towards building trust and buy-in.

Advertisement. Scroll to continue reading.

5. Development: If you weren’t already aware of the importance of praise in security, perhaps you are now. But are you aware that praise also benefits us and our careers as security professionals? Learning to praise others sincerely is great for one’s career. When we remember to praise people and efforts we are proud of and happy with, people notice. They begin to think of us as happier, more positive, and yes, more capable people. It is not hard to see how this can very easily translate into a very good thing for our respective careers.

How often do we make sure to praise people’s actions that we like?  How often do we take the time to let our co-workers know that we appreciate their work and their contributions? If we did so more often, we might hear of their departures less.

Written By

Joshua Goldfarb (Twitter: @ananalytical) is currently Field CISO at F5. Previously, Josh served as VP, CTO - Emerging Technologies at FireEye and as Chief Security Officer for nPulse Technologies until its acquisition by FireEye. Prior to joining nPulse, Josh worked as an independent consultant, applying his analytical methodology to help enterprises build and enhance their network traffic analysis, security operations, and incident response capabilities to improve their information security postures. He has consulted and advised numerous clients in both the public and private sectors at strategic and tactical levels. Earlier in his career, Josh served as the Chief of Analysis for the United States Computer Emergency Readiness Team (US-CERT) where he built from the ground up and subsequently ran the network, endpoint, and malware analysis/forensics capabilities for US-CERT.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

DARPA veteran Dan Kaufman has joined Badge as SVP, AI and Cybersecurity.

Kelly Shortridge has been promoted to VP of Security Products at Fastly.

After the passing of Amit Yoran, Tenable has appointed Steve Vintz and Mark Thurmond as co-CEOs.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.