Saturday, September 26, 2015

Teachability - a Significant Soft Skill for Leaders

"If You Want to Learn, Be Teachable" -- By John C. Maxwell

There is an old saying that “you can't teach an old dog new tricks,” but the concept called “teachability” remains a key component for ensuring that the professionals of all walks are successful in their pursuit. This is all the more important in the IT because the "Change" here happens at a faster pace and those being teachable get better in their career towards becoming a leader.

Today's educational methods and curriculum are designed with a basic assumption that the students are teachabile. But when teachers find few students who lack this skill, they get into frustration. This makes the gap between teaching and teachability widening. The teachability factor should form part of the early school curriculum, so that it pays the fruits as the student pass through the further stages of education. 

Today's kids are smarter and they are born with Smart gadgets and devices and they handle these devices far better than their grandfathers. But this smartness does not mean that they are teachable. Being teachable is closely related to adaptability and being Curious. To be teachable, one has to be: quick to learn and observe; take direction, advice, correction when you make a mistake, etc.; and learn from all of those. Both parents and the teachers should be trained to improve these teachability traits of the students right from the childhood.

The character of Teachability has two aspects to it; one is being a learner and the other is to pass it on, to share insights and what we have learned with others. It is first being a learner, absorbing and applying what one has come through, then replicating that in others. To be a person who can teach we have to be a person who is teachable. Being teachable is a choice. We choose whether we are open or closed to new ideas, new experiences, others’ ideas, people’s feedback, and willingness to change. The key to teachability is not just that we try ideas on for size, but that we actually learn from others and change our point of view, process, and future decision making based on the what we have learned.

We all know that "Change is the only Constant thing" and the change is happening every where. For IT, the change happens in a faster pace. Newer tools and technologies emerge quite faster, needing the IT professionals on the run to learn things continuously. One of the important characteristic required to adapt change is being Teachable. Today’s competitive advantage goes to those who can learn and adapt faster, which are the important traits of being teachable. 

The work and decision making enviornment is different across work places. One should be willing to adapt and learn to these changing enviornment and circumstances and simply put be teachable.

Here are the important traits of Teachability:

Conducive to Learning - Approach each day as an opportunity for new learning experience. Have open minded and listen to people. There is a certain learning opportunity from every person you meet. Teachable persons remain alert for new ideas and always expect something to learn in every problem they face. They know that success has less to do with possessing natural talent and more to do with choosing to learn.

Be a Beginner for ever - When people are actually beginners, they have the mind set to be trained and learn. But as we all know, once they get better in the subject and reap more and more successes, they tend to get carried away and get to a state of closed minded. To be teachable, one has to stay in the beginner's mind-set for ever. The more success you have, the harder it is to maintain the beginner's mind-set because you are much more likely to think you know the answer and have less to learn. Believing in and practicing the following will help one to keep the beginners' mind-set: everyone has something to teach me; every day I have something to learn; and every time I learn something, I benefit.

Reflect and Change -Becoming and remaining teachable requires people to honestly and openly reflect and evaluate themselves continuously. Any time you face a challenge, loss, or problem, one of the first things you need to ask yourself is, “Am I the cause?” If the answer is yes, then you need to be ready to make changes. Recognizing your own part in your failings, no matter how painful, and working hard to correct your mistakes, leads to the ability to change, grow, and move forward in life.

Inter-Personal Skill - Inter-Personal skill will help nurture the art of learning from perople around. Be open minded and freely speaking to those around you to openly, yet honestly share the facts of not only work but also personal life. This will help strengthen the relationship, being approachable with those around and thus help get honest feedback. This will also make them courageous and honest enough to speak freely. Be willing to accept such feedback and criticism.

Learn Unto Death - The secret to any person’s success can be found in his or her daily agenda. People grow and improve, not by huge leaps and bounds, but by small, incremental changes. Teachable people try to leverage this truth by learning something new every day. A single day is enough to make us a little larger or a little smaller. Several single days strung together will make us a lot larger or a lot smaller. If we do that every day, day upon day, there is great power for change.

Non-Defensive - After you receive any form of constructive criticism, think about it and decide how you will act differently in the future. Don't get defensive when called out. Instead, learn from it and improve, so you don't make the same mistake again. Many of these lessons will come from the school of hard knocks. A teachable person is non-defensive. When they are wrong they quickly admit their wrongdoing and seek to learn how to be better next time. A teachable person allows others to speak truths learned from experience into their lives. A teachable person does not make unilateral decisions but seeks wisdom and knowledge from multiple people.

As you would have observed, Teachability requires certain soft skills, which are not easy to acquire. Though this is not to "born-with" skill, one can put in efforts to become teachable. Most of the organizations today are considering soft skills as most valuable than the hard skills, because, hard skills can be acquired on the job, but soft skills are not as easy to acquire. Thougn many of the recruiters are looking for Teachability as a soft skill, they are certainly looking for the traits that form part of Teachability. Like for instance, for most of the recruiters, the above mentioned traits figure in their evaluation checklist.

John C Maxwell suggests the following to pursue Teachability:

Learn to Listen - As the old saying goes, “There’s a reason you have one mouth and two ears.” Listen to others and remain humble, and you will learn things that can help you expand your talent.

Understand the Learning Process - Act, Reflect, Improve and Repeat

Look for and Plan Teachable Moments - By reading books, visiting places that inspire you, attending events that prompt you to pursue change, and spending time with people who stretch you and expose you to new experiences.

Make your teachable moments count - Pay attention to:
  • Points they need to think about
  • Changes they need to make
  • Lessons they need to apply
  • Information that they need to share
Ask yourself, “Am I really teachable?” - Ask yourself the following questions:

  • Am I open to other people’s ideas?
  • Do I listen more than I talk?
  • Am I open to changing my opinion based on new information?
  • Do I readily admit when I am wrong?
  • Do I observe before acting on a situation?
  • Do I ask questions?
  • Am I willing to ask a question that will expose my ignorance?
  • Am I open to doing things in a way I haven’t done before?
  • Am I willing to ask for directions?
  • Do I act defensive when criticized, or do I listen openly for truth?
A "no" to one or more questions above would mean that you have something to work on.

Saturday, August 15, 2015

The Promise and Peril of IoT

The Internet of Things can be defined as below:
The Internet of Things (IoT) is the network of physical objects or "things" embedded with electronics, software, sensors and connectivity to enable it to achieve greater value and service by exchanging data with the manufacturer, operator and/or other connected.

As we can see today, there are many things that we use in our daily livelihood are becoming smarter as they have embedded sensors and related electronics and algorithms, so thay they collect data in real time and convert the same into useful information. The most common smart things that we see now range from tracking devices, cars, refridgerators, security cameras, ovens and even dustbins. The Healthcare industry is leading in adopting the IoT devices and we have devices which are worn under the skin, that on the positive side help address many of the health concerns.

The IoT ecosystem primarily has three things: the device itself, with necessary sensors to collect data; the network that the devices use to share the data with the back end systems; and the back end system which apart from applying various analytical and algorithmic processes on the collected data also manages the devices, like rolling out updates, patches, etc. Certain devices may not have the ability to connect to the internet, in which case, the devices reach out to the back end through intermediate broker devices, like smart phones.

IoT is here to Stay

More and more IoT devices are coming out and will soon be everywhere and experts predict that the number can grow to 50 billion by year 2020. The IoT will undoubtedly be beneficial, but not without any perils. The pervasive interconnectedness of the IoT devices will also help the businesses in better understanding customer behavior and adopt appropriate business and marketing strategies targeting the specific customers. While the businesses like healthcare service provicers may make the most out of this IoT push, it poses many concerns ranging from data security to life safety of those who either directly or indirectly use such devices.

As the benefits seem to outweigh the drawbacks, it is very likely that IoT is here to stay and the concerns have to be addressed as it matures in the coming years. Let us examine the Promises that IoT era is about to bring in and also the Perils that come along.

The Promise


As mentioned earlier, healthcare providers are among the earliest to adopt the IoT. The wider deployment of electronic medical records (EMRs) and deployment of telemedicine technology that relies heavily on the type of remote data collection needed IoT to take it further and this convergence is expected to fuel the growth of IoT. With IoT, patients can submit their vitals from home without having to personally visit their physician and thus experiencing an enhanced and timely care, which could be life saving many times. This also helps in healthcare providers innovate further and come up with preventive care plans. Typical IoT devices that we see now are the fitness trackers, smart watches and other wearable devices like smart shoes.


Next to Healthcare, Automobiles makers have shown greater interest in leveraging the IoT and thus the cars are becoming smart with capabilities like driverless cars, parking assist, switching on the A/c remotely, etc. IoT, if not already, will enrich the in car experience of the driver and passengers. The applications include enhanced in-car infotainment, improved safety controls and improved remote maintenance. For example, the car tyres are getting smarter with the ability to notify the tyre pressure in real time and even extend it further to automatically inflate or deflate the tyre on the go. The cars rolling out today already have some level of smartness built in, giving an enhanced safety and driving experience.


The IoT brings revolutionary changes to society, economy, and technology, in such a manner that no one can just ignore to leverage it for its benefits. Manufacturing companies for that matter are seriously working to leverage IoT to: gain enhanced visibility over the production process; link the production to the business processes; and build responsive monitoring processes that improves the efficiency and quality of the products and services. Application of IoT in the above areas will lead to significants benefits like, securing and monitoring the movement of goods within and outside the factory, improving the quality of the products, preventive maintenance and upkeep of the plant & machinery, etc. When implemented correctly in every stage of the manufacturing process, IoT will be a significant benefit to employees on the manufacturing floor to the shippers and finally to the customer.


Retail industry would not want to be left out in this race of adopting the IoT as it has the biggest potential to leverage for a better business results. Being in direct contact with the end consumers, retailers can make use of in-store sensors and can track smartphones throughout the store and record path-to-purchase data that can later be used to optimize store layouts. Check out process can be made easier with smart shopping bags, so that the moment an item is dropped into the bag, the same is added to the order making the billing process a lot easier. IoT is likely to be very useful in fraud prevention, like theft of inventory, etc. Early adopters will be positioned to more quickly deliver IoT-enabled capabilities that can increase revenue, reduce costs and drive a differentiated brand experience. The IoT will be a disruptive force in retail operations.

Other Benefits

Energy sector is adopting IoT with smart meters and grids to gather real-time data for remote monitoring of resource consumption, malfunctions, etc. Needless to mention, IoT enables buidling of smarter homes with smart-connected home appliances and thermostats giving an ability to the users to remotely monitor and manage. IoT is also entering our homes in the form of internet-connected lightbulb, thermostat, door lock, washing machine or oven you can control from inside or outside your house.  IoT has the power of transforming our lives by offering the needed sensing, connectivity and intelligennce to improve our wellbeing. 

Having seen the some of the promises, some of which are already real, let us now check out the dangers that come along.

The Perils
With IoT devices, consumers are often exposed to newer risks and concerns that these new generation devices and gadgets bring in. The concerns include their own safety, possible effects on networks used apart from the data protection and legal issues.

Another concern for the businesses is the amount of data produced by all IoT devices. The enormous data produced by various sensors must be transmitted over the networks, needing high performance networks and stored calling for the storage and related infrastructure. The volume of data managed by enterprises between 2015 and 2020 is expected to grow 50 times year-over-year. The concern is not just on the volume, but also on the quality and security of the data. The legal issues around the data ownership, accountability and responsibility cannot be ruled out as well.

Security & Privacy

IT professionals are no longer just protecting data, circuits, and transmissions, but need to focus on the relationships between “things”, “service to things” and “things to people.” Safety must be ensured along with availability, confidentiality and integrity. IoT devices might expose vlunerabilities, exposing an easy way for hackers to get into networks and databases of personal data. While manufacturers are responsible for the security of their products, organizations and end users are equally responsible deploying and monoitoring within their network. 

The ways and means of securing IoT is unclear as the industry is still evolving with thousands of start ups coming with cheaper and basic connected devices, ignoring security and safety in mind. The concerns around security and privacy stems out basically at three levels. The first being from the device itself. The device containing sensors to gather data and to perform certain actions should have a mechanism securely identify and authenticate the host system, so that it respond to the authorized hosts only and not to any. The second being the network used for sending and receiving data. Most of the IoT devices use the wireless protocols like bluetooth, to reach out to an intermediate device for further connectivity with internet. Securing these networks is very important as well to ensure data protection. The third is the Back End, where the huge volume of data gathered are stored for making it into more meaningful information for further actions.

The Internet of Things can be a complex market with multiple nodes, and businesses should aim to simplify this process. There’s no better way to assure a customer of the simplicity and security, than communicating regularly. It might seem like a rudimentary thing to do, but the true test of a successful business is to ensure that there’s a process in place amidst all that clutter. 

Other Concerns

Today's connected cars contain a multitude of computers collecting data, from driving habits to location data to media or entertainment use. With connectivity, data collected by the vehicle’s computers are sent to a manufacturer or third-party and data is received as well in the form of command & control or as updates to the programs & algortihms. In addition to privacy concerns, these technologies potentially allow hackers to remotely access a vehicle’s control systems and thus impact the safety of the human life

The consumer behavior is being used to the advantage of the retailers. For example, your trousers might get horrified by your weight gain and in turn will have the TV showing contextual ads about new fad diets, the fridge selling you low-fat yogurt, etc.

By getting smarter, the things get expensive with a shorter life span. For instance, your mattress may not need replacing every couple of years, but the smart mattress with a sensor inside may need a maintenance and replacement sooner than that. For cheaper connected devices like the kettle, toaster, waist belt, light switches and door knobs; expect replacement of these components to become a new, regular expense.
The current generation kids are born with smart devices on hand and are extremely addicted to digital gadgets and the smartphone notifications keep them busy staying away from in-person socilaization, leading up for a complete digital burn-out. 

Friday, June 19, 2015

Information Security - Reducing Complexity

Change is constant and we are seeing that everything around us are evolving. Primarily, the evolution is happening on the following categories:


There is a drastic change in the threat landscape between now and the 1980s or even 1990s. Between 1980 and 2000, a good anti-virus and firewall solution was considered well enough for an organization. But now those are not just enough and the hackers are using sophisticated tools, technology and sills to attack the organizations. The motive behind hacking has also evolved and in that front, we see that hacking, though illegal is a commercially viable profession or business. 


With the pace at which the Threat landscape is evolving, governments have reasons to be concerned much as they are increasingly leveraging the technology to better serve the citizens and thus giving room for an increased security risk. To combat such challenges, Governments have come up with regulatory compliance requirements making it even complex for the CSOs of enterprises.


Technology is evolving at a much faster pace and as we are experiencing, we are seeing that the things around us are getting smarter with the ability to connect and communicate to internet. On the other side, considerable progress have been achieved in the Artificial Intelligence, Machine Learning, etc. These newer ‘smarter things’ are adding up to the complexity as the CSOs of the have to handle the threats that these bring on to the surface.

Needless to mention that the hackers too make the best use of the technology evolution and thus improving their attack capabilities day by day.

Business Needs:

The driver of adoption of these evolution is the business need. As businesses want to stay ahead of the competition, they leverage the evolving technologies and surge ahead of the competition. With a shorter time to market, all departments, including the security organization should be capable of accepting and implementing such changes at faster pace. Due to this time pressure, there is a tendency to look for easier and quicker ways to implement changes ignoring the best practices.


IT today is to simplify things to the consumers within and outside the organization and this raises the user expectation and thus leading to too many changes with some being unrealistic as well. This may include the users bringing their own anything (BYOA). This will soon include Bring Your Own Identity with chips implanted under the skin. As you would know, employees who work at the new high tech office campus in Sweden, EpiCenter can wave their hands to open doors, with an RFID chip implanted under the skin.

Connected world

Most enterprises are now connected with their business partners in terms for exchanging business data. With this the IT System perimeter extends to that of the partners’ as well to some extent. Rules and polices had to be relaxed to support such connected systems. Now that we are looking at things that we use every day will transform as connected things, adding up to the complexity.

Big data

Basically the need for big data tools to handle this. While this complexity did exist earlier, the attacks were not that sophisticated then. Today with the level of sophistication on the attack surface, the need for simplifying complexity of handling huge data is very much required.


The threat landscape is widening and the attacks are getting sophisticated, which call for even better tools and technologies to be used to prevent or counter them. This means that there is a continuous change in the method, approach, tools and technology used, making it difficult to maintain and manage the skills of the human resources.

Application Eco System

A midsized organization will have hundreds of applications, needing to have different exceptions to the policies and rules. These applications may in turn use third party components and thus the chances of a vulnerability within these applications is very high. Given that these applications constantly undergo change and evolve, there is a possibility that the code or component left behind might expose a vulnerability.

How does this impact

Complexity impacts the security capability in many ways and the following are some:

Accuracy in Detection

The complexity makes the detection of a compromise difficult. Having to handle and correlating large volume of logs from different devices and that too different vendors will always be a challenge and this makes timely and accurate detection a remote possibility. A successful counter measure require accurate detection in the pre-infection or atleast in the infection stage. The later it is detected, it is complex to counter the same.


Each new security technology requires people to properly deploy, operate and maintain it. But it is difficult to add new heads to the Security Organization as and when a new tool or technology is considered. Similarly, managing the legacy solutions put in by older employees who are no longer employed in the organizaiton is likely to remain untouched due to the fear of breaking certain things.

Vulnerabilities and Exposures

With the huge number of applications used by the enterprise, this is a complex and huge exercise, unless the same is integrated into the build and delivery process by mandating a security vulnerability assessment. With innumerable number of applications, components, and the operating systems connecting to the enterprise network, this is almost impossible. Needless to mention that with the wearables and other smarter things connection to the network, who knows, what vulnerability exist in such smarter things and in turn exploited by hackers.

Methods for reducing complexity

Complexity is certainly bad and reducing complexity will beneficial both in terms of cost and otherwise. However, simplification by any means should not result in compromising the needed detection and protection abilities. A balanced approach is necessary so that the risk, cost and complexity are well balanced and beneficial to the organization. The following are some of the methods that may help reduce the complexity:

  • Integrated processes as against isolated security processes. Every Business process should have the security related processes integrated within, so that every person in the organization will by default contribute towards security. The security process framework shall be designed in such a manner that it evolves over a period based on experience and feedback.
  • Practicing Agile approach within the security organization, so that the complexity is hidden within tools and appliances by automating the same. Agile approach also helps the security organization to embrace changes faster, especially, when implementing changes in response to a detected threat or compromise. One has to carefully adopt such practices into the Security framework.
  • Outsourcing the security operations to Managed Security Service Providers(MSSP) is certainly an option for small and medium enterprises that brings takes some of the complexity away and thus benefits the organization. Needless to mention here that outsourcing does not absolve the responsibility of the security organization from any security incident or breach.
  • “Shrinking the Rack” – Consolidating technologies whereby devices combining multiple technology and capability within it may make it easier for deployment and administration. At the same time this has the risk of ‘having all eggs in one basket’, i.e. when such a device or solution is hacked, then it is far and wide open for the hackers.
  • Mandating periodical code, component and process refactoring, where by unneeded legacy code, component and process are periodically reviewed and removed from the system. This will help keeping the applications maintainable and secure. Also implant security as a culture amongst all the employees, so that they handle security indicators responsibly.