Lately I’ve been dealing with a lot of ransomware cases. And often our team runs into issues with the IT staff from the victim organization.
33
260
56
1,306
How do you think management can help overcome that?
3
4
Replying to @sebasvasquezs
From the top down, management needs to be clear—in both word and deed—that they are looking for solutions and not scapegoats. Once blame conversations start happening, everybody retreats to their personal foxholes and things start going sideways.

Jul 18, 2021 · 9:54 PM UTC

10
16
3
194
So basically the same approach the NTSB and similar organizations use for air crash investigations?
1
Yup, a culture of fixing what went wrong, not who screwed up. This includes the IT people with their customers incidentally- users who think they’ll be made to feel stupid or criticised by IT won’t call in issues early enough.
Importantly, they need to do this for years, and for all types of incident. If people see someone get fired over a typo which caused an outage, they will absolutely expect the same to happen over ransomware. Reputations: years to build, seconds to destroy.
4
Good managers create a learning culture where problems are analysed and solutions found that can be worked on as a team. Blame and punishment might work short term but are corrosive and stifle creativity and loyalty.
1
Yes so well said, Hal, and this approach helps stop toxicity levels from escalating, saving relationships and overall morale 🔥
1
At least three or four orgs I’ve worked for were too toxic to be salvaged by this approach. But it would help a lot everywhere else and I don’t think it would ever hurt.
9
Replying to @hal_pomeranz
Ayer Hal hablaba de los problemas que encuentra cuando atiende ataques de ransomware. Me parecen muy sensatas las recomendaciones que hace para la gerencia que contrata a un proveedor de gestión de incidentes de ransomware
1
1
Cmon we all know there will be a scapegoat. It's been that way since late 80's and early 90's. Management will address the team, soc will address the team members.