Post scheduled for: Jul 1, 2020 @ 09:00Nearly every MSP that I’ve spoken to in the last few weeks has admitted that one of their big initiatives either for Q3, the rest of the year, or coming up sometime soon is implementing, initiating, selling, or improving their cybersecurity in some way, shape, or form.

When I press them on what this means or how it’s going to play out, I mostly hear crickets.

The problem with most cybersecurity goals and initiatives (and most goals more broadly) is even if the goal itself is well-defined, most aren’t able to walk me through how they’re going to get there—with possible exception of doing the same thing over and over every week until they’ve reached the goal.

In the case of many goals, simply saying you’re going to do the same task every day will not cut it to actually reach the goal. For instance, if I wanted to run a marathon and had never done so, simply saying I’ll walk 10,000 steps every day will probably not condition me for the level of exertion needed for anything longer than a 10,000 step walk (if that).

What I’ve found works really well for IT teams and MSPs is to have a concrete workback plan to work off of.

The whole idea is to start with your ultimate objective (aka an end goal that is specific, measurable, attainable, relevant and time-bound) and then work backwards from there to develop the plan for your quarter.

NOTE: I suggest you work on your goal every single day. What I’ve found is that in order to be successful at your goals, you really have to prioritize them. Schedule time to plan out the goal AND time very single day of your week (work week) to ensure that you are making progress, delegate tasks and keep on track.

I also advise you to find specific accomplishments (I like the term milestones) along the way that will be points to celebrate what you have done. If you were not able to reach your goal within the timeframe you defined, at very least you have added value to your company and progress by reaching a couple milestones.

Here are the 8 steps in making a successful cybersecurity workback plan:

Step 1: What Is Your End Goal?

As I mention above, knowing exactly what you aim to achieve with your plan. Make sure it is specific enough for you to picture a concrete outcome. If you were to reach your goal, how can you measure that it is done (not just half finished)? Is the goal realistically achievable in the time and with your resources? Is it in line with the vision of your company and are you setting a hard deadline for completion? These are all super important to have as part of the definition of your end goal.

Step 2: Find Your Pieces

Break down your end goal into smaller steps that are more easily obtained. If your goal is a quarterly goal, it probably has at least a couple of smaller pieces to it.  Each of these steps should be a smaller SMART goal. Make sure you are able to complete it a specific time frame, make sure it is relevant to your larger goal and most importantly make sure you can tell when it is complete.

‍Step 3: Assign People To Parts Of Your Goal

Take a look at all of the smaller steps that need to be accomplished to reach your end goal. For each of these smaller goals, write out the steps (or tasks) needed to get the milestone accomplished. Assign a person to each of the tasks and create a follow up time to ensure that each individual step towards your milestone will be taken care of.

When you schedule your daily 90 minute meeting with yourself to work on the goal, make sure you review your list of tasks (those for you and your team and be sure to follow up or redefine ones that aren’t getting completed). It will be up to you to make sure your goal is on track.

Step 4: Set Deadlines

Each task or milestone should have a deadline attached to it. That’s so everyone knows what they are doing, when they’re doing it and how long they have to get the work done. Without concrete deadlines, things get dropped and follow up gets hard to track. If you and your team know when things need to be done and have expected time-bound outcomes, you’ll have an easier job getting tasks accomplished.

Step 5: Follow-Up with Everyone

Make sure that you’re following up with everyone involved in your goal to ensure they will meet the deadlines you created. Often if a goal includes many people, getting them to commit or define a deadline that is reasonable toward the end goal is often helpful in getting them to own their timeline.

Check in with your team—especially those that have longer timelines or more complicated tasks involved in reaching a milestone. Plan on scheduling follow up check-ins to make sure your team members are making progress. If they are on target, simply stick to a casual check in, but if they are falling behind you might want to schedule hard deadlines for smaller tasks to ensure they won’t be struggling too much to get their committed work done.

Step 6: Keep Everyone On Track

As you check in with your team involved in getting to your goal, you should be able to tell when the train is starting to get off track. Help your team make changes to their plan, process, or timeline to ensure that they are doing work that will actually help the goal.

Step 7: Review Work Product

As the project is nearing completion, I always try to review work product from my team before milestone dates are hit. Take a closer look to see if everyone is following the work back plan. It’s possible some are not getting their tasks completely done or are not getting what you expected when you had originally assigned the tasks. It’s up to you to set standards for team members to meet.

If you come across deliverables that don’t meet your standards, dig into why the work isn’t as you expected it. You might find that parts of your project need to be redone and the sooner you recognize this, the better for everyone.

Step 8: Keep Moving

The most important step in my opinion is to keep moving! You’ve just finished your project. Did you find other opportunities along the way? What other cybersecurity concerns do you or your clients have? Are there holes in networks? Or are there other ways to add more revenue to your sales numbers?

Whatever the next goal, start working to reach it. Wash. Rinse. And Repeat. It’s as simple as this!