Book review: The Phoenix Project by Gene Kim, Kevin Behr and George Spafford

Every now and then I share with the readers my views on a specific IT or IT security related book. This time I start with a final statement: This is a must-read novel. Every IT and IT security professional will sleep much better after the reading of this The Phoenix Project. Why? Here you are some telegraphic arguments or tips extracted from its pages:

- Consider IT development and IT operations as elements in a production plant.
- Go and re-visit how you can use Kanban boards to protect your bottlenecks i.e. your highly overdemanded resources.
- There are 4 types of work: Business project work, IT project work, changes and unplanned work. The last two ones, if not properly managed, will destroy you.

This book is a tool to reflect on how you need to interact with core business areas and executives. Above all, this is a novel, a human story that you will find very close to your everyday live.

The special bonus in this book for those related to security? Read how the IT security officer goes from being hated to being a part of the solution to the problems the company is having. That is a great worth reading passage in this book.

An additional ingredient in the book is the role of a somehow distanced but experienced mento. One of the lessons of the book: do not despair and think simple!

And remember:
- IT is pervasive, like electricity, it is not just a support area.
- If IT wins, the business wins.
- IT and business in unsuccessful companies is a dysfunctional marriage.
- Interesting idea: A hedge fund betting on organisations with a great IT department. 
- A new? concept: devops (from development and operations).
- And even a newer proposal: organisations with no IT department, but rather IT inside the business areas. How does this sound?

Kudos to the authors Gene Kim, Kevin Behr and George Spafford!

Infosec people, build the tower but enjoy the tree!