Recently I was having a webinar mentoring session with my students. We talked about purpose in our life. I was discussing about an import aspect which I clarified on that discussion about -

Positive impact vs popularity, where should be the focus?
When I share or speak on any particular topics, the very first and foremost important thing for me is - What I am speaking is

• Got to be right at least in my prespective/experiance and that is is going to truly help the listener and
• Those are going to add value for those people’s life.

On the internet there are a lot of influencers, they're doing a lot of fun stuff, making a lot of jokes entertainment things, making people laugh, giving them a lot of fun advice example - The short cut to be rich, how to get a job quickly, how to nail down an interview etc

I don't do that because I don't think that's going to add true values for the listeners. For me I think that what actually help people

• become successful in life,
• develop their skillset,
• or improve mindset
• or have them to successful to achieving goals,

I want to do it and that's the part I always only talk about.

I completely understand that I am less popular than what I could be or even should be, but I'm perfectly happy with this. Why? because at the end of the day what I'm doing and my purpose is to help people into the life and and help them achieve their goals in life. And exactly that is what makes me happy.

To me, I think my very first and foremost important thing is to speak and do, what is right, what is good for them.
​
So yes some of my talk is not funny, not entertaining but focus on helping people achieve their goals. And I will never stop that, I will keep giving anything perspective, skillset, mindset, idea which can help other people.

Let me grab an example - This line is very popular among young people, millennials -


Do the things you love!

That line sounds amazing but let me break it down to you, what you love is great for the thing when it's something like your hobby or you want to do it outside of your main work stream as something like your side stream. Then most of the case it will be perfect. But you want to make your living on that thing on that that could be a very different story.
When you want to achieve something in your life you really need to learn many things even if you don't like or even don't love too because the thing what you only love that will not be always enough to help you become successful in your career, build a business.

To achieve goals, you will need to learn many other skill set and and many of them maybe you might like to do but some others you will not like to learn or even hate to learn. But you have to do because those skillsets are important why? Because those are going to help you to meet your purpose, your goals.

I will give you an example from my own life, I hated statistics subject when I was in high school but when I was studying science and engineering, I had to learn this program because I knew that this is going to be one of the key things for my any algorithm or even programing logics.

Let’s pick up another example - Few years ago, I did not like writing, so I was just giving speeches and that's it. But then I figured out that I have to write to communicate to more audiences. Because every person simply doesn't have the same English language competency, as I'm trying to communicate with them by English only.

That's why I write articles, I am writing books, journals, booklets to communicate with all of you.
​So the bottom line is only doing the things, what we love is not enough to make us successful. To achieve goals or what you want to achieve in a career or a business or in our life so we need to learn, look for actively knowledge, opportunities, good intents etc to embrace them. It does not matter, those we really like or not.

We can't just throw away something which is needed because we don't like them.

At Reverie hotel, Time Square Saigon, On November 2019, John Masud Parvez was speaking on a advisory session for COOs, IT Directors and CEOs about the cyber security. There were around 20 - 25 IT Directors, CIO, CEOs, COOs of different companies were joining this session.  Though this article we will share you the key notes of that advisory session. John Masud Parvez was saying - 

Why cyber security? because everyday almost 1+ million security threats are adding up to the pool of thrats to attack or take over our digital assets. This asset can be from our personal level to coporation level. I started with the very grass root level and then brough to the point which can let the audiences a set of bullet points which will help them to go back an start to work on them immediately for protecting their digital assets. The key line of prespective is here

The price is light is less than the price of darkness.

Their situation is like this picture. They were been in comfortable zone which did create different loop holes in their security system and finally due to attack they are in panic zone now.

This is a great lession learn. The companies who are in comfortable zone now, not paying attention, not developing their capabilities in information security space by learning, not investing the minimum amount, they will all end up at the panic zone and also will be forced to pay too high as well. Remember the quote?

The price is light is less than the price of darkness.

Cyber security is not something which you can just tick off a set of check list. It requies constent improvement in multimple dimention and that is only possible to building up a Cyber security culture in the organization. To build up the culture, there are the key elements pays the roles

• Process
  
• People
  
• Technology
  

Molding and farming of these three can create the right culture in an organization which can successfully tacket the cyber security issues of an organization. On this aspect the start point of are

Process

• What’s your understanding of threat or cyber intelligence with respect to your organisation’s operating environment? •
  
• How does cyber threat intelligence play a differentiating in your organisation’s cyber security strategy? •
  
• Do you operate a SOC? Is it effective? What you can do to make that effective?
  
• How can it be further improved with the evolving threat landscape?
  

People

• Internal threats were cited as a big concern for many organisations, is this also an issue in your organisation?
  
• How do you mitigate risks associated with employees with poor cyber hygiene? • Is cyber security skill-set difficult to acquire? If yes, how are you currently addressing this within your organisation?
  
• Would you rather develop in-house capabilities or hire ready-made professionals with cyber expertise?
  
• Do you see a combination of both as part of your cyber security strategy?
  

Technology

• What sort of information do you need to put together a resilient cybersecurity strategy?
  
• What sort of cybersecurity tools are needed to implement your strategy? •
  
• From which channels do you procure threat intelligence? E.g. design own tools, subscribe to one or multiple cloud-based intelligence services provided by security Vendors/Managed Security Services?
  

Most of the organization is far behind the cyber security capabilites so even many of them dont know they are already being compormised over and over. So I also share a key points where any organization should be starting assessing their cyber security status and then start their journey of building the defense macanism -

• Organizatoinal Culture: Assess and define the level of organizational culture.

 

• Business Stratigy and Scale: Clearly understand what is the business stratigy, focus in last 5 years and next 5 years, and also consider the scale of growth.

 

• Company Turn over: Assess and consider closely the companity turn over rate, as it ties of organizational culture, security culture is a part of that

 

• System Architecture: What is the present system landscape, their capacity, what is the % of legacy system, how well patched and what kind of security tool in place.

These are the things actively they should not consider as well -

Previous assessment report: Dont accept those report, those may having very green but actualy true picture can be very different. So dont look at them and become bised.

Financial Condition: Your financial condition is nothing to consider at the first stage of assessment, if you do you will lose the big picture.

Incident report: It was not report, does not mean that did not happen. There is a number of organization did not even realize they were being hacked when their information was outside the market for months. So dont be happy by not seeing the insident reports.

So let's pay attention to your information security. You can be in any role in the organization, CEO, CIO, Director, Manager or even a staff, you are part of the information security. Every digital asset you use in digital space in the company is the asset of the company andi t's your reponsibility to learn and keep the digital asset safe.