This talk is about organizing unmanageable people to accomplish impossible tasks. In it I talk about why traditional project management approaches almost always fail, especially when it comes to security. There's been some discussion of Agile software development, but not so much about its application to other domains. I've been using Agile to build and security operations centers and manage teams of analysts. Think of this as a how-to for effective cat herding, security requirements analysis and managing by not managing.