Bloom, CISO | Lucidum

Lucidum and Seceon Join Forces to Deliver Managed CAASM Solutions to MSSPs Worldwide

Bloom, CISO

“You’ve met plenty of people and heard a great deal about us, what do you think you’d like your first 90 days to be like?”

…And she had. She’d been through fifteen or sixteen interviews. Not because it took that long for this candidate, it’s just how we did things for everyone. It wasn’t a stock question. I wanted to know what she’d learned and picked up about us during her interviews, not just what you could learn from DuckDuckGo searches.



“Okay, I’m ready.”


“No, I mean that’s the best way to spend my first 90 days. I’m going to listen.”

The culture alarm bell started to buzz. That’s not what we do here. We don’t listen. We tell. Sure that approach has its downsides, but we are really good at telling.

“Pull that apart for me.”


“When I joined a giant fruit-based technology company, I laid out my 90 day plan on day one. My manager said, ‘No, I want you to listen, learn, meet people, and get the feel.’ That frustrated me. I was hired because I make things happen and get things done. My manager told me to trust her. I did. It became the best entry into a role I ever experienced.”

Neat! I thought. Note to self: do more listening.

So I did.

But it wasn’t enough.

“Telling without listening fails. Listening without telling fails.”

Is it all a matter of balance between these two poles? How long do I tweak, is it 51/49? Does it depend? Frustrated and confused: I searched in futility for a clear direction.

Benjamin Bloom headshot

Then I met Benjamin Bloom. Well, I met his ghost. (And you thought this’d be about Orlando Bloom, didn’t you?)

Like most of you, I had an early ‘tough life’. Like some of you, I made terrible decisions. As an autodidact with a GED, I wanted validation. Technical certifications filled that gap early. Short, tactical, objective driven, and externally valid. But by the time I began my doctoral work, I was thirsty for higher-order thinking.

One professor, in an off-handed way, handed me a framework that stamped my learning to this day. And not only my approach learning, but major life decisions, how I acted as a CISO, buying a motorcycle, and my workouts. Ok, not my workouts. Well, no, actually those too.

I would love to give this to you and show you how it can be used. Take a little, take a lot, but please consider how this tool might be useful to you.

That one seems like a sign for a yoga class — and probably hot, security yoga. “Now ease into the Standing Breach Report pose… relax into it…”

When I was introduced to the Ghost of Bloom, the purpose was to guide doctoral students to work at the ‘Evaluate’ and ‘Create’ levels of the taxonomy. A Bachelor’s degree student focuses on the first two levels: collecting facts and comprehending them. The Master’s degree student is focused upon applying comprehended facts (the first two levels) and analyzing their potential or real outcomes. A Doctoral candidate evaluates prior research, identifies gaps in the literature, knowledge base, and application of theory then creates a new work, synthesizing all they have learned.

Bloom’s Taxonomy categorizes the cognitive domain into six categories:

  1. Knowledge
  2. Comprehension
  3. Application
  4. Analysis
  5. Synthesis
  6. Evaluation

When a doctoral candidate receives an unsatisfactory grade with a note from the professor stating, “this is not doctoral level work,” that is likely because the candidate spent too much time analyzing and perhaps even applying comprehended facts rather than working at the appropriate level.

Olympic swimmer Michael Phelps during a race


Pay attention to your own lane


I bet you know where we’re going next. We’re going to interleave the epiphany I received from the interviewee’s response with Bloom’s Ghost’s gift.

As a newly hired leader, I am tempted to quickly create new efforts, initiatives, and solutions to “show value” and “make an impact”. I have instinctively, intuitively, and (alas) confidently evaluated many options over the course of my career and I know what the right answers are.

That interviewee, on the other hand, let all that go. She intentionally decided to begin with the collection of facts. She started at the bottom of Bloom’s Taxonomy and called it, “listening”.

When your manager, during a one-on-one, says, “it’s important that you understand things were done for a reason that was valid at the time.” That manager is probably saying, “you skipped levels in Bloom’s Taxonomy, people are noticing, and we don’t like it.”

Is it reasonable to spend your time constantly cycling through the steps?

I don’t think so.

Consider this, though: do it once, as early as you can. If you’ve been there two years and haven’t done it, do it now. You’ll begin with ‘collect facts’ and you must collect far more facts than you think you can apply. This will build an enormous base for your pyramid. Narrow bases become tipping towers. As you collect facts, keep a mental note which members of your team naturally excel at fact collection.

Next, as you comprehend and understand the connections and relationships among facts, realize this second layer will be narrower than the first. Note those people who make great connections among facts and comprehend their relationships. Move up and do it again at both the apply and analyze layers.

Now your job is two-fold:

First, ensure those people that you noted excelling at each layer, are encouraged to do so. Train them. Tell them that you see it, value it, and show them how it fits in the cognitive domain that is cybersecurity. If you fail to do this, your base will wither and your top will grow then your tower will crash. “I never saw that coming,” means your base was too small.

I know that considering this seems specious. Why would I, in the middle of eleven projects due this quarter, behind on hiring, with OKR reviews scheduled next week, and three live incidents to get caught up on and then brief the Board… why would I go to the bottom of the pyramid? HOW would I?

Here’s the answer. Your second effort is to ensure your direct reports are competent — or become competent — at their layer of the pyramid. If I can trust your analysis then I can efficiently evaluate courses of action. If a director can trust others’ fact gathering and comprehension then that director can efficiently analyze.

A wide base means decisions (the create layer) are grounded, stable, and far-seeing. Division of labor with open communication of purpose and interconnection builds autonomy and morale. Doing so also delivers a clear picture of the value “I” am expected and empowered to contribute. Harnessing Bloom’s Taxonomy yields benefits you cannot imagine because what you can imagine doesn’t have a wide enough base.

This application of Bloom’s Taxonomy eliminates the straw men of “listening vs. telling” and “micromanagement vs. delegation”. It’s important to listen well. It’s crucial to communicate in a way others receive. But antecedent to these is your ability to think, synthesize, and decide. If you feel like you react too much, that you’re too tactical for your organizational responsibilities, that your team don’t trust you or “get your vision”; it probably means you’re a highly competent and effective leader and this is just life. But what if there were another quality you could add to your toolbox — a tool that really made you different?

So tell me. What do you think your first 90 days should look like?

Recent Resources

The Importance of Cybersecurity in the Healthcare Industry

Lucidum and Seceon Join Forces to Deliver Managed CAASM Solutions to MSSPs Worldwide

Weekly Tutorial

Sign up for our Newsletter