Skip to main content

Leading with “deadlines” during Covid-19

So firstly, we obviously failed at our promise in our first post, i.e. we didn’t post an article every few months. Both of us did contribute to the Leadership Tribe of Hackers book so that makes the failure a little less, right??? 

Anyway, in this post, we wanted to share what we have found to have worked for the Security teams at Riot Games during the Covid pandemic. 

Like Chris Hymes described here, we pivoted early (before the “stay at home” order) to collaborate with IT (and teams across Riot) to ensure there was a secure and reliable “work from home” experience for Rioters. As challenging as this emergent work was, the more difficult and ambiguous challenge arose after-implementation. 

Surely, the pressure was off as Rioters were now able to work from home such that Riot could securely deliver new games, transition to a remote broadcast for eSports, onboard new vendors (to help further with “wfh”) and do their usual day jobs? That wasn't quite reality and, we all soon realised that we didn't know how “working from home during a pandemic”, for a prolonged length of our time, would affect people.One of the first things we realised is that this was not going to be “working for home”, it was something-else and as leaders, we would need to be both patient and understanding with our teams.

As obvious as it sounds, people have different circumstances from living by themselves to living with a family where kids have “school work” (more like crisis-schooling :p ), while some folk live in city apartments but others have a family home with a garden. Some folk rely on work for their social crux, whereas for others it’s the gym or their sports team, all of which are now closed. Ultimately, we fell back on a simplistic lens:

People > Product > Tech

Here's a summary of the some things we did (that seem to be working):

  • Over-indexing on communications.
    • Especially on our “fun, no work” channel :)
  • Sharing ups and downs.
    • Telling people that you are also struggling and discussing where things have gone wrong is both incredibly important and 
  • Try to do non-work and non-craft things away from the screen.
  • Do things as a team (video games obviously but more significantly, team syncs over video conference).
  • Visibly logging off and taking time off (with no work comms), especially important as a leader:
    • You can't lead if you're not rested yourself.
    • Some folk worked reduced hours during the recent Spring Break (in the US)
    • People actually took time off when they saw leaders taking it off, versus not when they were simply being encouraged to take time off.
  • De-prioritising some objectives to give the team breathing space. People like goals so they can have a "sense of achievement", but at this time, they already feel overwhelmed and mental health should be the priority.
  • Shared “wfh” tips from people who had been working from home for years. Two simple and effective but surprising tidbits:
    • Change rooms for meetings occasionally if possible as it really breaks things up.
    • Give yourself 5 minutes between meetings, walk away from the desk. This will enable you to context switch as opposed to powering through hours of consecutive meetings.

Examples of over-indexing on (electronic) comms:

  • Sending a weekly Corona update, with an emphasis on self-deprecation and personal experiences.
  • Being vocal about things that don’t work - e.g. letting people know what’s not been easy, explaining the challenges and acknowledging personal failures (be honest about your vulnerability).
  • Individually reaching out to see how people are, while also encouraging others (not just team leads) to look out for their teammates.

Tangentially, if you’d have told us that we’d have 8-12 weeks at home a few years ago, we all would most likely have planned on ramping up tech-wise - reading papers, doing some courses or finally learning Go/Rust/something hipster :-/  I personally have found such activities difficult to focus on and as such I am doing less mentally taxing stuff rather than working on my (InfoSec) craft:

  • Working reduced hours to support my family during home crisis-schooling
  • Home improvements that I’ve been staring at for many months (amazingly rewarding with the sense of completion and almost meditative)
  • Building a small gym and working out over Zoom with friends
  • Old-style games or jigsaws with my kids
  • Tried to cook a little more (wasn’t hard to improve from zero here)
  • Video Conference Calls and quizzes with family/friends
  • Dabbled in the garden (hysterical efforts)
  • Evening walks/bike rides
  • Catching up on TV series that I never had enough time to watch

In the end, the world has changed and we don’t know what situations our team will face when this ends or how we will solve these challenges.

However, in the current scenario, we want to ensure that our team is supported throughout and that when we don’t have to “stay at home”, they are rested and somewhat prepared for that return. With that in mind, don’t be too hard on yourself or colleagues and if you do one thing for your team, “share and check-in”. 

#Moved from my old site - - originally posted on 2020-04-25.


Popular posts from this blog

Being a Support Engineer @ 10gen - Part 1

There's a mis-conception around the role of a "Support Engineer".  As a clue, it's not what Urban Dictionary   says   - A person whose job is to answer calls from customers of a small- to large-sized company...... They are teathered to a their desk all day via phone headset........ phone jockeys usually hate their jobs.......they are are paid well enough..........until they completely burn out, and hate everyone.   and doesn't always involve this - Image Source: As you can see  here , there's lots of open roles in  10gen  and more specifically with 10gen, in  Dublin . I thought I'd write this quick blog to explain what Support Engineers actually do and why I joined 10gen as a "Support Engineer". I could be wrong but didn't Google come up with term " Site Reliability Engineer " to do away with the stigma associated with being a

Start-Up Security

After many years in Security @ Riot Games and eventually putting the "s' out there, I recently decided to jump out of my comfort circle for a new challenge and joined a   start-up   (yes, I left a comfortable, stable job in a pandemic, lunacy lol). Now that I've been here almost 6 months, I wanted to share some findings because security at a start-up is significantly different.  When you join a start-up, there's going to be so much that you can do and it will be incredibly easy to "boil the ocean", and try to fix everything. At best, this guarantees failure for the Security team, at worst, alienation from the engineering and product teams. There are some obvious quick wins that a Security team can make without slowing down iteration and innovation speed, while also reducing risk: Auth  Partner with Engineering/IT/CTO such that there's alignment on Security owning all things "auth(n|z)".  As part of this ownership, you need to be prepared to resp

What's the point of (InfoSec) Certifications?

Quite recently, my GSE was up for renewal. I'm currently in the middle of transporting my family to another continent and I've slightly more responsibilities work-wise in 2016 versus 2012. However, given the effort and study that it took to get the cert the first time (and to a lesser degree the expense), I figured it was a no-brainer to renew. For me, I've always been a huge fan of the GSE and considered it the epitome of InfoSec certifications, much like the CCIE for (Cisco) networking. Personally, I learn better by "doing" and consider it as the evidence that someone knows their stuff so the "2-day lab" element in the GSE was a both a huge goal and challenge that I was excited about. I talked about the value of "doing" when trying to learn about yourself previously here with the infamous Security Ninja and here on my own blog so there's no point in repeating myself. When I did the GSE, I absolutely loved the hands-on lab mo