All posts by Ray Hennessey

The Most Dangerous Stakeholder

dangerous_stakeholder

When we talk about project stakeholders, we often focus on the usual suspects: clients, team members, investors, and even regulatory bodies. We meticulously map out their needs, expectations, and impact on the project. But what about the stakeholder you haven’t identified? The one lurking in the shadows, unbeknownst to you? This is the most dangerous stakeholder of all.

Why Are Unidentified Stakeholders Dangerous?

  1. Unplanned Disruptions:
    • Stakeholders you are unaware of can introduce unexpected variables into your project, causing delays or even derailing it entirely.
  2. Missed Opportunities:
    • These stakeholders might have valuable insights or resources that could benefit the project, but you will never know if you don’t identify them.
  3. Reputational Risk:
    • Failing to meet the needs of an unknown stakeholder can result in negative feedback, affecting your project and professional reputation.

How to Identify Hidden Stakeholders

  1. Conduct a Thorough Stakeholder Analysis:
    • Go beyond the obvious and think about peripheral players who might be affected by the project.
    • This could include departments within your organization, community members, or even future users of the product.
  2. Engage in Open Communication:
    • Create channels for open dialogue within and outside your team. Sometimes, team members are aware of stakeholders that you haven’t considered.
  3. Regularly Update Your Stakeholder Map:
    • Stakeholder identification isn’t a one-time activity. As your project evolves, new stakeholders may emerge.

Mitigating the Risks

  1. Inclusive Planning:
    • Once identified, involve these stakeholders in the planning and decision-making processes.
  2. Feedback Loops:
    • Establish mechanisms for continuous feedback from all stakeholders, known and unknown.
  3. Transparency:
    • Keep all stakeholders informed about project progress, challenges, and changes. This can preemptively address concerns and mitigate risks.

Final Thoughts

The most dangerous stakeholder is the one you don’t even know you have. Ignorance is not bliss in project management; it’s a ticking time bomb. By proactively identifying and managing all stakeholders, you not only mitigate risks but also open the door to new opportunities for project success.

Have you ever encountered a stakeholder you weren’t aware of? How did you handle it?

#ProjectManagement #StakeholderManagement #RiskManagement #Leadership #Communication

ISO 27001—A Commitment to Security and Trust

Why ISO 27001 is Crucial for Crypto Firms 

I have been speaking recently with colleagues and industry leaders about ISO 27001 certification, and there are perceptions that need to be dispelled.

This exercise is not simply ticking a box or earning a shiny badge. The effort involves institutionalizing best practices to safeguard your organization and its stakeholders. It’s more than just a badge; it’s a commitment to security and trust.

What ISO 27001 Truly Represents

The process is rigorous and not for the faint-hearted. ISO 27001:2013 requires the adherence to 114 separate security controls across 14 domains (ISO 27001:2022 optimizes these into 93 controls across 4 themes). These controls are not arbitrary; each has been identified as a best practice in information security. To earn and retain this certification, organizations must demonstrate continuous compliance through periodic audits by independent auditors.

The Real Focus: Protecting What Matters

As technology leaders, our goal is broader than securing a piece of paper. We strive to build a security infrastructure that protects our client base, firm, and overall business success. By adhering to ISO 27001, we are signaling our unwavering commitment to information security and trustworthiness. The certification could be considered incidental – the controls are the secret sauce.

Why Crypto Firms Can’t Afford to Ignore This

In the crypto sector, where security is not just a luxury but a necessity, ISO 27001 will set your company apart. The certification serves as a critical differentiator in a crowded marketplace with firms that may or may not take security seriously.

Who Would You Trust?

Would you rather entrust your assets and data to a firm that has voluntarily subjected itself to rigorous security protocols or to a firm that doesn’t even understand what ISO 27001 entails?

Many of us have heard about the SEC’s complaints about crypto firms being akin to “the Wild West” and “lacking in basic investor protection“, so maybe it’s time to go at least some way to disprove these beliefs.

Join Us in this Worthwhile Endeavor

If your organization is on the path to ISO 27001 certification, please continue championing this initiative. If you are starting to explore the option, numerous experts are available to guide you through this indispensable process. I am currently in my third certification prep and can vouch for its potency.

In summary, ISO 27001 isn’t merely about certification; it’s a steadfast commitment to your organization’s and clients’ security.

Feel free to reach out if you want to discuss this more. Let’s make the crypto ecosystem more secure, one certification at a time.

Related post: ISO 27001: Navigating Regulatory Compliance and Global Business Growth

Photo: Courtesy of Google Images

#ISO27001 #Cybersecurity #CryptoSecurity #Leadership #Trust #Compliance

Ending the Week on a High Note

Cheers!

I need to take a minute to share the magic of wrapping up what feels like a “permanent Monday morning” kind of week with the pure joy that is a Friday after-work get-together. You know the kind of week I’m talking about—meetings, deadlines, mind-boggling problems, and an endless list of to-dos. Well, just when you think you’ve hit your limit, the universe comes through with the gift of Friday night! And it’s always just in time…

The Power of a Couple of Beers

Imagine the scene: We clock off work, leave our desks behind, and head over to the nearby pub. No agenda. No serious business talk. Just a couple of beers, some well-earned laughter, and the collective exhale we’ve all been holding in since Monday. It is wonderful and I love it.

Connection Over Competition


What I like most about these Friday get-togethers is the camaraderie. It’s the little things—sharing a joke, discussing weekend plans, or even admitting how that one project nearly had us considering a “Peter Pan” moment (a collective leap from the nearest tall building)—that engenders a sense of community. In these moments, we’re not just colleagues; we’re comrades in the battlefield of the work week.

Why It’s More Than Just Beers


You might be wondering, what’s the big deal? It’s just a casual meet-up after all. But here’s the thing: It’s in these informal settings that we break down barriers and build relationships that make us better at what we do. Research has shown that team members who engage in social activities are more collaborative and perform amazingly in problem-solving tasks. (I just made that up – but I’m sure that it’s true).

The Unspoken Benefits


From a psychological perspective, these casual gatherings act as a ‘reset button,’ allowing us to disengage from work-mode and recharge our emotional batteries. This feeds back into our productivity and creativity the following week. It’s the virtuous circle of work-life balance. And it works.

So, here’s a shoutout to our amazing team for being part of this ritual that I look forward to every week. You folks are the real MVPs who make even the toughest weeks manageable.

@abhi, @ken, @ty, @sam, @matt, @darren, @arnaud

Also – a special mention to @fabrice@maricris , and @nina  – your herculean efforts are much appreciated!

Happy weekend, everyone! Follow your bliss.

Photo: Courtesy of Google Images

#Cheers

Continuing the Battle Against Invitation “Carpet Bombing”

A Continuing Conversation

In a previous discussion, “Stop the Madness!”, we explored the growing problem of generic and cold connection requests on LinkedIn, likening them to a “time-wasting turnoff” that fails to encourage meaningful relationships. From the cold selling conundrum to the importance of authentic connections, we dissected why this approach doesn’t work. Now, as the issue continues to persist, it’s time to delve deeper into the ongoing struggle against “carpet bombing” on LinkedIn and explore solutions for a more respectful and connected professional community.

The Ongoing Struggle

Despite growing awareness of the disingenuous practice of invitation “carpet bombing” on LinkedIn — where connection requests are sent en masse without proper personalization or context — the trend continues unabated. Far from being a strategy for success, this approach leaves many professionals feeling bombarded, frustrated, and disconnected.

The Frustration of Unsolicited Requests

The scenario is all too familiar: an influx of connection requests from people you’ve never heard of, each accompanied by a generic message. These messages lack sincerity and insight, betraying the fact that no real effort has been made to understand who you are or what you do. This isn’t networking; it’s noise. And it’s a problem that’s getting worse.

Why This Approach Is Self-Defeating

There are several reasons why this carpet-bombing approach is ultimately self-defeating:

  1. Dilutes Trust: By sending generic messages without research, the sender shows a lack of genuine interest in the recipient’s work or expertise. This dilutes the trust required for a fruitful professional relationship.
  2. Harms Professional Reputation: The practice paints a picture of desperation rather than professionalism. It signals that the sender values quantity over quality, potentially harming their professional reputation.
  3. Misses Opportunities for Authentic Connection: True connections are made through genuine interaction and understanding. The carpet-bombing approach forgoes these essential elements, neglecting opportunities for real engagement and collaboration.

A Perspective from Recipients

From the recipient’s viewpoint, receiving these unsolicited and insincere connection requests feels intrusive. It’s like receiving spam in your email inbox. The annoyance can lead to a complete dismissal of the request, closing the door on any chance of forming a potentially valuable connection.

A Perspective from Senders

While some may argue that this method is a numbers game and bound to yield some success, the costs often outweigh the benefits. The small percentage of connections that might respond positively is likely overshadowed by the damage done to the sender’s professional image and the opportunities lost with those who are put off by the approach.

What We Can Do: A Collective Effort

Let’s recognize that this is a collective issue that requires a shared effort to combat. We must all commit to being more mindful in how we connect with others on LinkedIn. Here’s how:

  1. Emphasize Authentic Engagement: Let’s return to the principles of authentic networking by taking the time to research and understand those we’re reaching out to.
  2. Report Misuse: LinkedIn has mechanisms for reporting connection requests that appear spammy or irrelevant. Utilizing these tools can help the platform identify and manage inappropriate behaviors.
  3. Educate and Share Best Practices: Let’s continue to promote discussions about the right way to connect on LinkedIn. By sharing insights and educating one another, we can create a more meaningful and productive environment.

Conclusion: Let’s Reclaim LinkedIn

LinkedIn’s power as a platform for professional growth is undeniable. But to unlock its true potential, we must shift away from carpet bombing and toward genuine, thoughtful connections. Let’s not allow the actions of a few to taint the possibilities of many. The onus is on all of us to create the LinkedIn experience we desire.

I invite you to join this conversation by sharing your thoughts and experiences below. Together, we can lead the way in fostering a more respectful and connected professional community.

Photo: Courtesy of Google Images

ISO 27001: Navigating Regulatory Compliance and Global Business Growth

In international business, where regulatory landscapes shift as quickly as market trends, robust and internationally recognized security protocols are vital. For companies actively pursuing regulatory licensing in multiple countries, one certification stands out as a beacon of trust and compliance: ISO 27001.

ISO 27001 and Its Relevance to Regulatory Licensing

  1. Understanding ISO 27001: It is an international standard governing Information Security Management Systems (ISMS), providing a systematic approach to managing sensitive information.
  2. Regulatory Landscape: By expanding across different jurisdictions, businesses face the challenge of complying with various regulatory requirements related to privacy, consumer protection, and financial oversight, such as the European Union’s General Data Protection Regulation (GDPR).

Alignment with Regulatory Requirements

For businesses handling valuable digital assets and financial information, ISO 27001’s alignment with regulatory requirements is pivotal:

  1. Common Language Across Jurisdictions: This standard’s universal framework often corresponds with various regional financial regulations (e.g., BASEL III in Europe), making compliance more consistent.
  2. Risk Management and Compliance: ISO 27001’s risk management approach is essential in an industry characterized by rapid changes. It promotes a culture of preemptive risk identification and mitigation.
  3. Data Protection and Privacy: The standard’s emphasis on data integrity aligns perfectly with global data privacy laws, ensuring that sensitive financial information is handled with utmost security.
  4. Audit Trail: ISO 27001’s requirement for detailed documentation and robust auditing practices aligns with regulatory demands for transparency in financial reporting.

Simplifying the Journey to Regulatory Licensing

Adopting the discipline and process required by ISO 27001 can significantly ease the path to global regulatory licensing:

  1. Holistic Approach: Rather than isolated compliance efforts, ISO 27001 fosters a unified, company-wide perspective, potentially cutting down time and expenses.
  2. Building Trust with Regulators: The certification can demonstrate a firm commitment to international best practices in information security, possibly expediting licensing procedures.
  3. Continuous Improvement: The refinement process ensures adaptability to ever-changing financial regulations and standards.

Conclusion

In a world where regulatory expectations and security needs are evolving, ISO 27001 certification is more than just a security measure. It aligns closely with the multifaceted demands of global regulatory compliance, particularly for businesses dealing with diversified portfolios and digital assets.

The integration of ISO 27001 can act as a cornerstone in global expansion, streamlining compliance, and building a resilient foundation for growth. It’s a pathway marked with clarity, efficiency, and trust that resonates with regulators, clients, and partners alike.

By embracing ISO 27001, businesses are empowered to traverse intricate regulatory terrains with assurance, utilizing globally recognized standards to forge a distinct advantage in the multifaceted and interconnected world of finance.