In this episode of the Redefining CyberSecurity Podcast, host Sean Martin talks with David Adeoye Abodunrin about integrating cybersecurity from the beginning stages of product development and the challenges of retrofitting security measures.
Guest: David Adeoye Abodunrin PMP, CSM, CSPO, CSP-SM, MSC, Cybersecurity Project Manager/Enterprise Agile Coach at Cybarik [@CybarikGlobal]
On LinkedIn | https://www.linkedin.com/in/abodunrinadeoyedavid/
____________________________
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
____________________________
This Episode’s Sponsors
Imperva | https://itspm.ag/imperva277117988
Pentera | https://itspm.ag/penteri67a
___________________________
Episode Notes
In this episode of the Redefining CyberSecurity Podcast, host Sean Martin engages in a conversation with David Adeoye Abodunrin about the operationalization of security throughout the organization. They explore the importance of considering cybersecurity from the beginning stages of product development and the challenges that can arise when attempting to retrofit security measures.
David emphasizes the need for organizations to think about cybersecurity as a layer throughout the entire value map, from conceptualization to product design and implementation. He highlights the trade-offs and complexities involved in integrating cybersecurity later on in the process and stresses the role of security architects in the early stages of product development. By incorporating risk analysis and cybersecurity considerations from the start, organizations can create more robust and cost-effective security programs.
The conversation also delves into the obstacles faced by CIOs, CEOs, and CMOs when it comes to prioritizing cybersecurity in the beginning. Sean and David discuss the potential for finding nimble and efficient solutions by addressing security concerns early on. The challenges of retrofitting security and the financial implications of doing so are explored, along with the issues related to legacy systems and ERPs that lack proper cybersecurity measures.
Throughout the episode, Sean and David provide valuable insights and practical advice for building effective cybersecurity programs and integrating security into the fabric of an organization's operations. They stress the importance of thinking about cybersecurity from the conceptualization stage of product design and highlight the role of security architects in this process. They also touch upon the need for trade-offs between speed and customer convenience in implementing security measures like multiple factor authentication.
Overall, this episode provides listeners with a deeper understanding of how to operationalize security and navigate the challenges of incorporating cybersecurity from the outset. The conversation is informative and thought-provoking, offering practical insights for organizations looking to build robust and cost-effective security programs.
____
Watch this and other videos on ITSPmagazine's YouTube Channel
Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist:
📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
ITSPmagazine YouTube Channel:
📺 https://www.youtube.com/@itspmagazine
Be sure to share and subscribe!
____
Resources
____
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-cybersecurity-podcast
Are you interested in sponsoring an ITSPmagazine Channel?
👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.
_________________________________________
[00:00:00] Sean Martin: Hello, everybody. You're very welcome to a new episode of Redefining Cybersecurity here on the ITSP Magazine Podcast Network. This is Sean Martin, your host, where I get to talk about all things operationalizing cybersecurity in the business to, uh, not just to protect revenue, but to help generate it as well in a safe and secure manner.
Um, and my guest today was presented to me, uh, the, the, the story was, how do we operationalize security? I'm like, exactly. That's the question. So I'm, I'm thrilled. It is an absolute pleasure to have, uh, David abudurin. Abudurin. Yes.
Yes. It is an absolute pleasure to have you on. And I'm excited to dig into this topic with you. Um, so welcome.
[00:00:54] David Adeoye Abodunrin: Same here. I'm very excited to be here. And thank you so much for having me. It's a big, big, big pleasure.
[00:01:02] Sean Martin: I'm excited to hear about some of your experiences and how you help guide organizations down this path to success.
And, uh, before we do that, maybe a few words about your background, uh, what you're up to now and, uh, why this topic for you? I mean, there's so many things in the world to get passionate about, right? Operation line is in security. I'm, I'm passionate. I'm wondering why you are.
[00:01:32] David Adeoye Abodunrin: All right. Um, uh, been in the technology space for, uh, But above two decades, about 25 years now, I started my first degree in Electronics Computer Engineering.
And after which I went on to specialise in Transmission and Networking, where I did all the STM 1s and long distance, uh, um, Communications, the traditional, uh, network back home in Nigeria, um, that's in West Africa. I proceeded into core project management and rollout within the telecom space, back home and technology space, also having a backpedal in cyber security.
Uh, worked around different industries, all around technology, rollouts, uh, software deployment, different stuff here. And there are the brief things in, in HR and human capital, uh, again, ruling technology into HR and human capital. They just give me the unique flavor of, of culture and how. Culture is a very powerful tool, uh, cultural influence, how to use culture to drive technology transformations.
It, if you know how to do it, it is a sure way to reduce costs. And I'm going to get there. So, so my understanding of human capital and how it works. And also human psyche and psychology and how to devolve change and operationalize change at the nerve endings because old habits die hard. So I did some work in that regard, uh, and how to affect a group of persons and influence them to change, particularly in direction of technology was something I picked up in HR and some deeper work in psychology.
I'm going to get there shortly and after which I went into deeper into Agile project management, uh, because I was doing waterfall all the while, also within cybersecurity. So, uh, and that's been my story. Then there about 2020, I went into my MBA at the Hortense National Business School. Uh, and then I decided to deepen my footprint in the technology landscape by having a master's in cyber security, threat intelligence and cyber forensics.
That was now in 2021 to 2022. Right now, I do some work, um, uh, with some organizations, helping them to cyber secure, uh, operationalize in a very cost effective way. Uh, the challenge with cybersecurity for many CEOs and C suites is the challenge of costs. I frame it as costs, price, value, incident, mismatch, costs.
Price, value, incident, mismatch. Uh, what is the true costs of cybersecurity? And as we say, traditionally, if you think the costs of your cybersecurity efforts is too much, try the cost of incidents.
[00:04:56] Sean Martin: Exactly.
[00:04:58] David Adeoye Abodunrin: Uh, and, and at the same time, what price are we going to purchase it for? At what, what amount of money are we going to put on the table? That is, and price suggests the concept of value, that how valuable are these servers? Because on top of costs, there's now value. Both value, meaning the P& L implication, either profit or loss.
Plus, how much it cost us to do, when you add those two things together, you're now in the realm of value. The interesting question is that, for many CISOs, on one hand, you don't want anything to happen. On the other hand, people wonder what are you spending all the millions and thousands of dollars on, when nothing happens.
And then you come next year to ask for further funds. I'm not last year. And if it happened last year, is it catch 22? The question is, well, you collected money. I will give you the money. How come something still happened? So whether something happens or not, the SISU and the world of cybersecurity is pitched to forever remain very nervous and uncomfortable.
And I don't know how many cybersecurity experts or professionals are aware of how. Painful and stressful this is. It's a pressure to take on. Whether something happens or not, we will be blamed. You must accept this quietly. So how do we operationalize from a value perspective? So that we do not spend too much money, yet we deliver the value.
The other interesting conversation is that cybersecurity isn't compliance. Is not installing patches. No, those things are steps to get more secure. The actual security is a whole nine yards, nine yards beyond that. And there are many, many people who misinterpret cyber security as the expenditure. I mean, you implemented ISO, you've done Service Ops, you've done NIST.
Why do we have a, why did we have an incident? Those things are compliance is a minimum. Uh, uh, so, so all of these tensions create nightmares for CISOs and cybersecurity teams, especially from a project management execution perspective. So how do we operationalize and spend? Not too much and not too little.
The optimum amount using the risk profile of the organization to select candidate objectives into the project portfolio. This wisdom requires other kinds of alternate thinkings like the concept of human firewalls as an example. That all attacks and ultimately of two objectives or two kinds. It's A money financial gain attack and or always a human attack.
It's either the human is the agent and or a human made a mistake or a human being will be a victim. So we can operationalize by making the human being more fortified. So that we spend a little less on the servers. And all the different tools that we use, because if somebody doesn't click, for example, if we can change the culture of a click so that it becomes an anathema for you to click anyhow, excuse me, if we can curb greed so that you're not looking for reward anyhow, if these small things, if we are able to do them, we can literally do a way we deserve us.
At least some level of sophisticated hacks is what we'll be facing if we are able to
[00:09:36] Sean Martin: do this. Yeah. So I want, I want to pause you for a moment. Um, cause you, you've said so many interesting things and you're giving a good example, which, um, may work for some organizations, may not work for others, depending on the nature of the business and where they are.
Yes. Security is not compliance, but compliance may say they have to do certain things, um, and not remove a service. So I want to. I kind of want to go to the, to the beginning here. Um, like having been a program manager for many years, everything looks like a program to me. Whether it is or isn't. And, um, and in marketing, uh, we have marketing programs that where you define, I'll just say, for example, what's the go to market.
So who are you trying to reach? This is very similar, right? Who are you trying to reach and what are you trying to tell them? And are they interested in, in using what you're offering? And, and that's kind of the outbound stuff. And then inside, do you have the ability to build what they need and to sell what they need and to support what they need and to service what they need?
And there's a big, full, big, full picture. So I often think of things in that way when I'm looking at cybersecurity, because it's not, it's not just. I have a bunch of tools and services that I can deploy and I can build a program around it, quote unquote, build a program around it and staff it with a team.
Um, I, I feel, and maybe this is where I'd like your insight. How well do, I feel we might lack in terms of what are the program requirements? I'll call it the product requirements from a development perspective. What, uh, do we do a good, a decent job at, Defining what are we trying to accomplish? What is the goal?
What are the requirements so that we can then start to drill down? Or do we, or do you find that companies tend to build up? We, we are told these techno, we have these holes and we need these technologies and, and at some point we can calculate some remaining risk exposure,
[00:11:50] David Adeoye Abodunrin: because. Yeah, I agree. Because to the man with hammer, every problem is a nail.
It's a sad, I mean, you even have whole cybersecurity programs driven, not by the business needs, but driven by vendor influence and conference and conference. Intelligence. A CISO attends a conference, a CISO sees a new technology, doesn't really think deeply. He sees an access, uh, technology, for example, doesn't think deeply about the unique business case or business cases or use cases of identification within his business.
And he implements them. So there's that big mismatch of think through. The other thing That is true, which we must give executives a lot of slack for, and it's not easy, is that seldom do businesses start thinking cyber security. It's a more recent thinking that we think at the start of a business, uh, except in the financial sector, or you're in a sector where there's regulation that says you must think cyber security.
Or when you get penalized, for example, if there are breaches in user data, like we have in China now, or the Asian world now, where CEOs go to jail if people are hurt by your negligence. Seldom do businesses start from thinking about cyber security. We design our businesses and our business processes at the core.
Canva level from a value, business proposition, business success, profitability perspective. Cyber security generally comes after some wisdom and or incidents or industry happenstances or near catastrophes. Seldom do we start at the architectural state of the business. The security architect is a role that should sit with IT and business architects, but seldom does it happen that way.
[00:14:08] Sean Martin: I'm glad you went there. Cause, um, again, and apologies for, for people who, uh, who find me crossing over into my product development realm, but I like pulling on examples where things work and to your point, when you're building a product. You define what you're trying to accomplish and, and then you have a team, an architect and the engineers and the quality and the security and the business teams come together and say, how do we architect this thing and how do we design this thing to achieve?
What we want Yeah. As an outcome. Yeah. And sometimes you have to make decisions and better upfront than later. Yeah. To say, these are the technologies we're gonna build with, these are the technologies we're gonna test with. These are the processes we're gonna use. Yeah. And, and you, you might have to make some hard decisions and you might, but you might also find, and this, this is something I, I try to uncover in all of my shows is you might also find that if you do something a certain way, you can save.
People process and money
[00:15:19] David Adeoye Abodunrin: that's germane and seldom in that initial conversation is cyber security dead. No, it's just a general use case. It's a need in the market. Want to build a product. The problem is retrofitting is not easy. So something happens in the future or we do a risk analysis. Or we do an audit, or government regulation comes up, the general sources of risks, and then we have to, we're compelled to act.
It's still retrofitting. What happens is that we will spend more money, and in some cases we may have incompatible legacy systems. Building interfaces also cost money at the end of today. We have ERPs that That don't do well with security. They do well with data breach, but you don't do well with some other elements of cybersecurity, like continuous advanced persistent threat behavior.
There are ERPs that are set up that way, but we choose that ERP because transaction time is fast to the number of users that can be on the platform is fast. How long the system can be on without disconnecting the cloud story facilities. Cool, but we are forgotten cyber security altogether. So something happens, somebody penetrates and then we have to buy an interface, either a programmer and or some patches or some stress.
Either ways, we spend more money by not thinking cybersecurity from the beginning. I remember with cybersecurity, there's always a trade off. You have to trade off either speed for multiple factor authentication or customer comfort and convenience for multiple factor authentication. If you do that or you don't do it, your customers will port and try another product that has a faster response time.
Now, why do I need to put my thumbprint? Why do I need to put this? Why do I need to pull that? So the challenge with The cybersecurity realm of thinking is that if we don't do that at the beginning, it's a complex place to retrofit later. So security architects must be involved in the conceptualization stage of product design, product management, and all the way to enterprise or solutions management, so that we do not come back and pay that money.
Because when a problem is crystallized, few persons have the ability to juggle and give solutions.
[00:18:03] Sean Martin: This is an answer for the audience, not for me. How do we, how do we begin to take the right steps to build a program that, uh, will produce the results we want?
[00:18:17] David Adeoye Abodunrin: Okay, number one, all the way from conceptualization. Think cybersecurity, think as you're thinking about the processes, the users, the value map, think cybersecurity as a layer through the line, end to end, as you're thinking the value map and the value streams, think cybersecurity.
It will help a lot and give you a more robust perspective. As you design the product, let risk analysis. Proper risk analysis happen interface by interface as we go along the value map. When that is done and cybersecurity is thought through, we will come up with a robust proposition. In fact, we may find solutions that are MIMBLA.
Easier because most CISOs and most CIOs and CEOs and CMOs don't want to think about security in the beginning. It's too cumbersome, too stressful, too much show stopping, but it will help from a lifecycle engineering perspective too at that inception. Things have a security.
[00:19:34] Sean Martin: Can you give an example of where you've seen that work?
And I, I'm going to guess that your, uh, your experience with HR and, uh, and the whole talent management thing
[00:19:45] David Adeoye Abodunrin: plays a little bit. Yeah. Uh, I've seen, there was a hotel, uh, that, that was built back home in Nigeria. And the design is a chain of hotels, so they had these designs and they started along the line.
They had issues with people assessing the rooms behind their backs. The door systems were porous. There were challenges. So, their consultant is a good friend of mine. He said, oh, Dee, what's going on? I have this particular project and he described the problem to me. And I said to him, Very good. It's a chain of hotels.
The next ones you're going to have, go research this. If you want me to come consult for you, give me one week. I'll give you a better door system.
He thought it was a joke. I give him a more cheaper door system that you have to come in with your thumb print. The person who registers at the reception is the only person that has access to that room. They had more security. They began to charge more for the rooms in the newer hotels
and they saw revenue drop in the older hotels because people know there's a better product. Just thinking access as a layer of security and if you tailgate as you enter into the room you receive an email in your box that instead of you alone two people entered the room. The door has a small camera sensor and it says two persons entered or three persons entered.
You received that email, it was a big deal because safety was an issue for the category and class of persons that was in your clientele. So, subscription dropped even though the earlier hotels were in the prime location, the, the first set, the first set of hotels that they rolled out, but the new ones were a new settlement.
People traveled that distance because it was more secure. If you go to a hotel, You probably want to be discreet. You don't want anything stolen. You don't want no drama. Why would I go to a hotel where if I have access, somebody's coming back into my room, I'm already compromised. So that was, the guy was, he couldn't believe it.
The subscriptions dropped in the older chain of hotels. And I've seen this also in product development. You see, when you use. A secure car. A cyber secure car that starts only with your thumbprint. You don't want to drive a general car anymore. There are cars that only answer to Sean. Hello Sean. Good morning.
Would you want me to drive? Would you want me to come to the driveway? And then he says come. But if your wife says come, so you don't want a car that your wife can open anyhow or your cousins can open anyhow. People have been known when you have something that's more secure or more personal to you because identity has the element of customer satisfaction.
And, and you can, you can activate with your voice. If, for example, something happens to your Tom, it's going to activate with only your voice, coded to your voice alone. So there are many moments I've seen personally, where if we think cybersecurity, we can even achieve stronger product differentiation. And more value.
[00:23:28] Sean Martin: Yeah, I love that. Uh, and, and, uh, I, I completely, totally appreciate these, uh, scenarios. Cause what you, what you're describing is, to your point, that, that value, right? It's not an expense. It's not a hindrance. It's not a delayer. It's not, it's, it's a better experience. In fact, in many cases.
[00:23:48] David Adeoye Abodunrin: Yeah, you know, Apple began to charge, Apple began to charge high enough because of security.
There was a time you could not easily break Apple phones, where you broke an Android phone easily you could jailbreak. You can't do that to Apple. The owner of the Apple is coded for life. There was a time it was like that and then Apple saw this increase.
[00:24:11] Sean Martin: And are, so I'm curious to know a little bit more about the conversation because in the hotel example, I think it was, it was. Driven by events, right? Bad events. Yes, yes, yes, yes, yes. And in the process, you started to talk about costs. Yes, yes, yes. And, and then you, you jumped to the, the end result. Yes, yes, yes.
So I'm wondering how, how that conversation in the middle I'm, I'm envisioning a door lock system that may stand alone, but also has to fit into the rest of the operations of the hotel chain, right? All the chains together. And so how, how, how did you come up with the idea? Well, how did those conversations sound, I guess, to kind of bridge the gap between Remember, it's an upscale,
[00:25:10] David Adeoye Abodunrin: it's an upscale, it's not a low, it's not the average or the low end, already is a successful brand, but there were challenges with access and we're getting customer dissatisfaction.
And my argument is by having someone with access understanding or someone that understands access at the architectural level, at the, at the Business architectural level at the security architectural level, just not because they had the IT guy who had bought the previous lock systems and all of that.
The problem is the moment I was able to demonstrate that they could get locks that were cheaper. Remember technology improves and people don't really know what's available. Once we could prove that there's a lock that was more effective in terms of access, and it's going to take records of who comes in and goes out, so they don't need to keep warehousing data.
The servers are working, they're taking, they're taking the general corridors, Footages and the memory, that's fine, but for the room, for the period the guest is around and for a few more days after the guest leaves, this door is able to give us information. It was, it was a done deal. And so they did a pilot with just one hotel that they were building and it was phenomenal.
After that, he moved up. Every single hotel now, I mean, I don't consult for them this many years ago. They're back home in West Africa, but they are huge. And the general word went around, Oh, they are safe and secure. Oh, they are safe and secure. Oh, I was just about using the fingerprint as against traditional locks.
It wasn't anything mega. It was personalized. It was people feel more comfortable. It won't open to another person. But with the cards, with the traditional cards that they used, you could charge it, discharge it, and all of that. And with the fingerprint, it all manipulates and overrides. It would show on the system, on the server, that someone had used the general card and it was a fingerprint that came in and whoever that person, the login happened under, would face the music.
It was a very brilliant solution. And that's a very small use case that, that is applicable in business. Cybersecurity is not a cost, it's a value. Maintaining or value adding service.
[00:27:48] Sean Martin: Customer facing value, which is really cool. Do you have any I'm trying to think of internal customers now. And you mentioned ERP earlier, so maybe there's something there.
But I'm wondering, do you have any examples where It's not necessarily outward end user customer facing, but internal users. So supporting HR, supporting sales, supporting engineering, where
[00:28:17] David Adeoye Abodunrin: you've
[00:28:17] Sean Martin: seen a change in infrastructure or the way something is built, that it becomes more secure and then in a similar way, I'm assuming provides value to those
[00:28:29] David Adeoye Abodunrin: users.
Yes. Um, in my days in, in telecoms rollout, there was, when the networks were being designed at first, there wasn't too many central monitoring for the fuel tanks. There wasn't too much central monitoring. The tanks were autonomous and independent. And the, the way to know that a base station was going to lack fuel.
Uh, energy was to look at when last you failed it and use consumption rates. So you go there every three days or every four days to supply. But there came this team, uh, a new general manager came in, in charge of power transmission, and he. went for monitoring monitors. Monitors that are intelligent and looked at the tanks.
The, the, the sensors were inside the tanks and it could relate to actively could see on the screen as it was being depleted and what level of re ordering at what point, uh, You have to reorder, trigger, reorder level triggers. Uh, it was a very powerful, because for the first time the company now saw how much foil it was losing.
So once you drop the foil in the tank, because some of those sites were not manned by anyone, this is traditional base stations, people, community. People in those communities went there to begin to siphon the fuel. Take the fuel, find a little leak, and take the fuel out. From a reorder perspective, you're putting back fuel every three days.
But unfortunately, you're not consuming that much fuel. So at the back of his The operations team were thinking the network operations guys were thinking maybe it was wear and tear. Maybe the tanks were now getting older and the engines were supplying because this happened over a period. It began to consume more fuel until this GM came and said, no, no, no, no, no, no.
I want line of sight with my tanks, just line of sight, business value. About 20 percent more fuel was saved because, because it was line of sight. Thank you. Just, just line of sight, not even security, not even external cameras yet. Just having line of sight to how food was being depleted. That's all. And from that time till today, in fact, what has happened now in that market in Africa is that all the operators are using the same base stations.
So, they all come together to use the same physical station, however, they hang their antennas on the masts so that they achieve economies of scale. Now, as that has happened now, I can confirm to you that as an industry, the carbon footprint is also dropping. Because they don't have to have three different base stations in the same locations anymore.
Because coverage is around ARPU anyway. Average revenue per user. So coverage is commercial. So the places where they have bigger coverage is where there's commercial propensity for consumption of the telco services and data. So, the places where we are prone to ozone depletion or energy depletion based on consumption of fuel, they are collaborating heavily and they are using these devices to monitor the tanks.
And it's just one central tank anyway, in charge of an external contractor, but that contractor inherited that solution from that particular telco operator and they rolled it out and it's made the industry far more efficient.
[00:32:37] Sean Martin: Yeah, we often forget, uh, availability and, and, uh, efficiency, you can wrap into that as well as part of the, uh, the security, uh, calculation.
I want to, um, in our last few moments here, um, it's something that I often think of when I, when I look back at my, uh, My time as a, as an official program manager, but, uh, it, it's all about making decisions, right? Yep. Yeah. And sometimes you have no information, so huge amounts of ambiguity, sometimes you have, you have too much that either you can't make sense of, or it's contradictory or not.
So your thoughts on handling Too little, too much, the right amount of information to make good decisions. Know when to not make a decision. Know when to make a re decision. Um, and, and obviously focusing in on the cyber security programs here. How, how do we, how do we do that, uh, effectively? That's
[00:33:43] David Adeoye Abodunrin: a complex question to ask.
[00:33:47] Sean Martin: And you have 30 seconds to answer. No, I'm kidding. Ah, ha, ha.
[00:33:51] David Adeoye Abodunrin: How, how, how do you know? How to make good decisions in a nutshell, good decisions come from experience. How do you gain experience by experience over time?
How do you make the best decisions in the shortest possible time by experience over time? Right? Uh, there is,
[00:34:20] Sean Martin: there is, does that mean you have to have that experience yourself or can you tap into it?
[00:34:25] David Adeoye Abodunrin: You can tap into it. You can observe others. You can read up. You can partake in live exercises. Um, um, there are, there are intelligences that we have as human beings, and if we are deliberate about them, we can develop them.
One of them is called intuitional intelligence, or what you call gut feeling. For many people, it's untrained.
Your gut feelings, your gut intelligence, very, very, very dangerous in its crude form. But if it were trained, it has a lot of benefit. For example, trained armed men and women like the police. or the army. Know that a split second before someone pulls the trigger, there's a silent quick dilation of the eye towards the end.
Policemen do not fire at a criminal until they see that muscle is an involuntary twitch. Once they see that muscle, the hand is about to move on. Feelingly signs has proven it over and over again. There's no room for deviation. That's an example.
[00:35:42] Sean Martin: That's a, that's an interesting one.
[00:35:44] David Adeoye Abodunrin: Yes. Where? Where from experience before someone puts the trigger, there's a holding of the breath.
A little tenseness of the muscle and that of the eyes. Because in court the must proof that the criminal really. was going to shoot and that's the only way they could have shot otherwise they'll be charged for manslaughter. So there are many, many powers of the human soul that are there naturally that we do not develop, neither do we spend time to groom them.
I know this because of my work in psychology. Um, I can give you many examples. If someone is lying in a meeting, there are patterns. If someone is saying the truth, there are patterns. If you master it well enough, you can be as accurate as a lie detector machine. There are whole classes on this. I've lectured some of those classes before, where you can literally predict what's in someone's mind.
The exact feeling, thought, emotion, imagination in someone's mind, you can have access to it. And this is not witchcraft. It's not nothing. It's Techniques in psychology that medical doctors use already. Medical doctors, for example, can get how much pain you are in, even though that's the first time they are meeting you.
They can observe. When patients come into the clinic and the person is unconscious, medical science has ways of knowing that this patient is at a deep level of pain. With some study and some development, a lot of us as managers can grow the skill sets, but not on the day when the intuition is needed.
It's when you want to now start practicing it, it can feel easily. It must be deliberate development before the event. That's how to know. That's how to grow those kind of capacities.
[00:37:49] Sean Martin: You've said that observe word again and, uh, and you just described the scenario that's been in my head as well. I'm thinking playbooks.
I'm thinking Tabletop exercises where it may not be a real, a real thing, but you're, you're observing it, you're experiencing it, you're interacting hopefully with others and, and building that, that experience and that, and hopefully your intuition and the gut feeling. Absolutely. I think that is how you play
[00:38:25] David Adeoye Abodunrin: down the road.
Absolutely.
[00:38:29] Sean Martin: Well, listen, David, uh, It's been fantastic chatting with you. Uh, tons of great little snippets of stories in here and examples. And, uh, I'm, I'm grateful for you to, to being on the show and for sharing your, your insights with me and everybody who's listening and watching. And, uh. Yeah. So again, thank you very much.
And, uh, I think we'll leave it for
[00:38:54] David Adeoye Abodunrin: pleasure and I'll, I'll, I'll
[00:38:57] Sean Martin: include links to your profile. Uh, so people can get in touch with you if they want. And if there are any resources you think, uh, would, would help folks, uh, gain that experience and, uh, observe. Things real or unreal, just so they can get that experience, um, that would be great.
I'll include those in the show notes.
[00:39:19] David Adeoye Abodunrin: All right. I look forward to hearing from as many that will be interested in, uh, in, uh, in working the journey or any of the points I've raised. It's always my pleasure to share
[00:39:31] Sean Martin: always. Fantastic, David. Thank you so much. And thanks everybody for listening and watching and be sure to stay tuned for more.
Share with your friends and foes alike. And everybody, subscribe so you catch the next one. Thanks everybody. Thanks, David.
[00:39:52] David Adeoye Abodunrin: Yeah. Thanks, Sean. Have a wonderful day. Thank you. You too. Yeah. Bye.