Ross was a Director of IT who had moved up through the ranks over several years at the engineering company. Having a strong technical background, he was a working manager with a small technical team reporting to him.

As the company expanded into new markets, the demands on the IT department continued to grow faster than his staff and budget. Another side effect of the business expansion was changes in management structures and approval processes. Ross went from reporting to the CEO to reporting to the recently hired CFO.

The CFO implemented new budgeting and requisition processes to reduce IT spending. These changes forced Ross to defend his plans and purchase decisions. In doing so, he doubled down on impressing the CFO with his technical knowledge. Ross did not understand why the CFO would become disinterested during their meetings.

Within a few months, the CFO began to reschedule their meetings. Ross continued sending spam, DNS, and firewall reports without any degree of gratitude from the CFO.

As weeks and months passed, Ross grew impatient and overly frustrated. He never had all these problems with the CEO, so why would he have such issues with the CFO? Ross continued to voice concerns that projects needed approval, but the CFO only signed off on the bare essentials to support new hires and to keep the lights on.

Loss Event One:

A failed Windows patch caused production downtime for the geographic information system (GIS) server. They were able to recover later the next day, but Ross did not feel that the CFO understood how a single failed update could cause such disruption.

Loss Event Two:

A market VP had their laptop stolen. The loss of a device is bad enough, but several important files had also been created on the laptop. The VP needed access to these files for an upcoming client meeting, so the sense of urgency was directed to Ross from the VP and from the CFO.

After scrambling to locate the files, it was discovered that there were no backups of the files stored on the laptop. This did not go over well, and it did not reflect favorably on Ross and his team.

How will misunderstanding and inaction cause future downtime events?

Loss Event Three:

It was the July Independence Day weekend, which should have been filled with family, friends, and fun. It was Saturday morning and one engineer stopped by the office to knock out a few hours of work. At some point that morning, the engineer’s files became encrypted and inaccessible. In a panic, the engineer started calling and leaving voicemails for everyone in IT.

Normally, IT response time would not be an issue, but most of the team took extra vacation days to enjoy a longer weekend. Adding to the complications, Ross was also out of town with his family.

Later that day, a helpdesk person arrived at the office to discover the system was down. Every computer and laptop that was left powered on had ransomware. Yes, every server had ransomware. Not knowing what to do, the helpdesk person kept trying to contact Ross. At some point Saturday evening, Ross reviewed a string of text and voicemail messages.

Ross evaluated the options after speaking with the helpdesk person and the CFO. Ross determined that he needed to return home. After rounding up his wife and kids, they agreed to cut their weekend plans short and started the four-hour drive home. Ross was nervous about losing his job.

Recovery Progress:

Recovery was slow and stressful. Ross had to communicate progress status two or three times a day, seven days a week. After several weeks, the servers were online and the rebuild of PCs and laptops continued. Everyone was supportive of the recovery efforts as the CFO approved security improvements and other requested changes. Ross was proud of the job he and his team performed, with some outside help. Maybe everything will be ok.

Status Update:

It was a Thursday afternoon in late September, when Ross arrived for his planned meeting with the CFO. As he rounded the corner, he noticed the CEO and HR manager sitting at the table. His mind raced as he closed the door and took a seat.

The CEO started the conversation by thanking him for the many hours he devoted to the recovery efforts. The CEO also thanked him for his many years of service to the company. Ross felt good receiving that acknowledgement.

Then the CEO communicated that he had lost confidence in Ross running the IT department. The CFO affirmed that belief, and that change was needed. “If we had understood our risk, we could have prevented the damage to the company. For that reason, we are letting you go.”

Stunned in the moment, Ross couldn’t think of any questions to ask. They asked him to consider helping the IT Manager transition into the Director role as part of his severance package.

Reflection:

Ross was proud, and losing his job forced him to think through this experience. Initially it was “How could they?”, “They never listened to me,” and “They are going to regret letting me go.”

As the heat from anger cooled, there was room to consider what Ross could have done differently. Initially Ross advocated the need to send technical reports to demonstrate business needs and IT progress. As we discussed the loss events and started placing dollar values on the scenarios, Ross began to see how talking about dollars instead of phishing emails, spam, and blocked attacks would be more meaningful to non-technical business people.

If we had been given the chance to reach Ross sooner, how would the events have changed?

Course Correction:

Are you pursuing the same path that Ross traveled?

If you are not focused on communicating and tracking how you use resources to support the future performance of the company, you are missing a great opportunity. Decision makers within companies have conflicting beliefs about financial priorities. Your responsibility is to collaborate with stakeholders so they can consider risk and reward for better financial decisions.

How do you prioritize uncertainty and consequences?

The Awakening Within IT Closing:

SPOT-Beam Contain provides a process for business and technical leadership to recognize and isolate probable contingent liabilities to reduce the cost and duration of future loss events.

You know that events force action. Your future is created in the decisions you make. Would you rather expand on success or contract on failure?

Contain Introduction:

Problems are easier to solve when they are under your control and you take responsibility to solve them. The issue is that security weaknesses will cause future business disruption events, but you have limited influence over priorities and funding to address the exposures.

How do you solve problems when you are not in control? The energy expended and time wasted cannot be recovered, yet you are on the hook. This is a common IT leadership struggle.

You cannot walk away from the frustrations, because you are responsible. You are expected to keep systems online and secure. It takes one exploited weakness to compromise the company and your reputation.

Numerous IT services companies want your executives to outsource IT management. If you do not communicate the business impact of current security weaknesses, future loss events could also include finding a new job.

We don’t just care about helping you limit the cost and duration of future loss events. We want to see you succeed by communicating the financial impact of potential cybersecurity incidents.

Having witnessed this problem numerous times, we created a process that brings internal stakeholders together to discuss and document the business impact of future loss event scenarios.

If you don’t try to fix this communication and knowledge problem, who will?

You must make it yours to solve, or we cannot help you. SPOT-Beam Contain provides the methods to effectively communicate a wide range of circumstances and deliver value.

Pivotal Next Steps:

Would you rather expand on success or contract on failure?

You can gain respect as you have a larger positive impact on the business, if you are open to a different approach.

The alternative is to struggle looking for a fix until one significant business disruption event causes regret and changes your future.

To learn more about steps toward success, visit SPOT-Beam Contain, or to begin evaluating the cost benefit, visit the Shop.

As a proud supporter of American companies, Certitude Security® is working diligently to inform leaders and facilitate essential asset protection priorities for companies throughout the United States.

Problem discussions can be a defining moment in your career. If you are interested in value creation, learn about SPOT-Beam™ by Certitude Security®. We look forward to helping you and your business succeed!