Transactional Analysis

Last year I had the privilege of being sent on a ‘management course’. The course was named ‘Stepping Up to Managment’ and was essentially a collection of principles, methods and tools which can assist almost anyone in management, leadership and interaction with other people. The were many parts of the course I found useful, and a few not relevant, but the most useful (or at least memorable to me) was that of Transactional Analysis.

Below is an extract defining the key concepts from the Counselling Dictionary, which is interesting in itself, as although I first learned about this on a professional management course, it holds true that many lessons in dealing with people, are unified and common throughout most elements of life and can be used in both personal and professional situations.

Below is an exploration of some of the key concepts of transactional analysis that a therapist will use in their work.


Ego-states refer to the three major parts of an individual’s personality, and they each reflect an entire system of thought, feeling and behaviour. These determine how individuals express themselves, interact with each other and form relationships. As defined below:

  • Parent ego-state – A set of thoughts, feelings and behaviours learnt from our parents and other important people. This part of our personality can be supportive or critical.

  • Adult ego-state – Relates to direct responses in the ‘here and now’ that are not influenced by our past. This tends to be the most rational part of our personality.

  • Child ego-state – A set of thoughts, feelings and behaviours learnt from our childhood. These can be free and natural or strongly adapted to parental influences.

Now the way I originally found this useful, was the idea of ‘hooking’ someone into a ‘game’ which is an undesirable state using a poorly constructed or overly emotional approach to an interaction.

For example: When asking my partner why they haven’t done the dishes from yesterday (which we agreed they would do, yesterday…) I could approach them as an ‘parent ego’ and say “why haven’t you done the dishes? You said you would, and didn’t!”. Although accurate, and of course unfortunate they have not done as agreed, this is likely to ‘hook’ a person into the ‘child ego-state’ because you have accused them, held something over them, and implied you have some type of authority to be the [power] reminding them. Yes, you have the right to do this, they have failed to do something you agreed to do, but what is the desired outcome? Is it that they get annoyed enough to do as arranged, get upset and apologise until you forgive them, or admit the situation and move forward (hopefully then doing the dishes!).

For me, it the latter. The approach is key and assuming the ‘adult ego’ who might say “I see we have dishes from yesterday, this makes me a little frustrated as I didn’t think I would need to do them. Would you mind doing them soon?”. With this approach you’re less likely to ‘hook’ a ‘child ego’ who is annoyed, frustrated and defensive, but maybe an ‘adult ego’ who is content to admit the fact (that yes we have dishes, they were my job and I’ll sort it), and you can each move forward without an incident between what might be a ‘parent ego’ and a ‘child ego’.

I’m VERY much not an expert on this, and my above example is just an attempt to explain how I feel it’s helped me.

For a detailed and interested explanation of it, please see Business Balls!

Addition – Life Positions:

These life positions are perceptions of the world. The reality is I just am and you just are, therefore how I view myself and others are just that “views” not fact. However, we tend to act as if they are a fact. Just like when somebody says “I can’t do this, I’m useless”. Rather than “I don’t know how to do this. Will you show me?” The latter is staying with the fact that they do not yet know how to do it, whilst the former links being useless with not being able to do something.

There are a number of ways of diagramming the life positions. Franklin Ernst drew the life positions in quadrants, which he called the OK Corral (1971). We have put these into red and green to show the effective and ineffective quadrants for communication and healthy relationships. By shading in the quadrants according to the amount of time we think we spend in each we can get an idea of the amount of time we spend in each. Ernst used the term ‘Corralogram’ for this method of self-assessment using the OK Corral matrix.

The ok corral (Franklin Ernst, 1971)
Continue Reading

Included on the Tech 100 for Scotland

Very happy that I have had something published in the Holyrood Tech 100 magazine! I have included the original piece below, but highly recommend viewing it on their site!

2016 has been notable for some fantastic events, like Andy Murray winning his second Wimbledon title and, of course, the Rio Olympics.

But it has also been notable for a remarkable number of malicious events, for example, the sheer volume and scale of the security breaches suffered by some of the world’s most high-profile firms.

Disturbingly, some of the breaches that made the headlines actually occurred months or even years earlier but were only discovered recently.

Today’s cyber security technologies and processes are designed to flag up anomalies and causes for concern in real time, so these delays in identifying breaches shouldn’t be happening in 2016.

Unfortunately, this trend is unlikely to cease without considerable investment in new tools to detect and adapt to these mounting threats.

It doesn’t take an expert to predict that cyber attacks are set to become even more commonplace during 2017 and the types of threats – external attacks, malicious insider attacks or fraud – even more sophisticated.

In this environment, legacy passive security monitoring is no longer fit for purpose.

Fortunately, these depressing newspaper headlines have kickstarted a counter movement. Business leaders are waking up to the very real risks to the company bottom line and reputation, and are ready to take proactive steps to counter these threats.

In practice this means adopting a new, flexible cyber security strategy that uses big data to facilitate ‘always on’ monitoring, fast incident response and the ability to detect and respond to known, unknown and advanced threats.

During my time with ECS I have helped some of the UK’s largest businesses prepare themselves against cyber threats in this way.

For any business that has ‘better preparation against cyber threats’ on its list of New Year’s resolutions, here’s a handy checklist:

  1.  Assume that your computer network – and all devices attached to that network – have been, or currently are, compromised. This will allow you to keep one step ahead of a would-be attacker because you’re operating with the assumption that you’re fighting an active threat, not some old computer virus that just happened to flag up on your antivirus software for the 1,000th time.
  2. Keep a log of everything: every email, every voicemail and every iteration of a customer database. This applies to all data sources and all data types (audio/video/text etc.). This is important because you can’t predict what data will be lost or altered in a breach. If you suffer a breach, you will need to bring back the entire history of your computer systems and network to find out what happened when and hopefully pinpoint the perpetrators. This becomes even more important when would-be perpetrators are intentionally encrypting data for either ransom or destruction. This is often unrecoverable, so back-ups are also for mitigation.
  3. Store all of your data in a big data security hub (e.g. a data lake or pool). This will make it much easier to assess any attempted and successful breaches by giving you the ability to search across all of your data and business silos in real time.

Gain valuable, contextual insights from all of your data by using machine learning and behavioural analytics.

These techniques automate most of the legwork and offer up a detailed analysis of information on users, attacks, context, time and location. This leads to much faster threat identification, investigation and response.

The amount of data involved in the steps above gives a clue to the importance of big data in the fight against data breaches.

And this focus on big data analysis also has another upside: it can be used by line of business managers to help them make more informed business decisions, decisions that have a positive effect on the bottom line.

A recent example involved a national retailer who already had data from its website coming into a big data platform to detect security incidents.

After investigating this data, a number of additional (and more business-relevant) use cases emerged and were subsequently developed.

These included fraud detection on the e-commerce part of the website, and tracking and reporting on user stories as they moved through the website.

This enabled the developers to see and track errors in real time before users started complaining on Twitter.

By automating the collection, processing, enrichment and presentation of all this data – and with the right tools and training – line of business personnel will be motivated to analyse any data relevant to their roles themselves, reducing the burden on the IT team.

This self-service model is the key to a mature, agile, data-driven business, enabling businesses to respond quickly to market changes and so gain competitive advantage.

In summary, today’s threat landscape means that no business should assume it is immune to a cyber attack. In fact every business should assume it has been compromised.

Being at least one step ahead by putting in place a range of proactive processes and measures that instantly alert businesses to potential threats is crucial. Big data platforms offer a solid, data-driven approach to these problems.

Harry McLaren is a security consultant for ECS and won the Best New Cyber Talent at the first Scottish Cyber Awards, held last month in Edinburgh

Original Publication: 

Continue Reading