It’s amazing, no matter how much you think you know, there is always someone that can teach you more.
I’m fortunate enough that a young woman in cyber-security has asked me to mentor her. Crazy as it is I learn so much from each of our weekly meetings. As I tell her stories or explain why we are doing something I improve. My delivery, my understanding, my passion, my focus, and most of all my inspiration. So thank you to her.
That brings up the subject of this post. Be careful who you listen to.
It was during one of our 1 on 1’s that the subject of my one and only blog post came up. She glanced at it and turned to me and asked me why I hadn’t posted more. Given the nature of our relationship I told her the truth. Someone that I admired and considered a mentor told me that I was too casual and that it wasn’t interesting or relevant. So I listened and stopped.
Then that crazy, brilliant you woman that for whatever reason listens to me asked me who was my audience. What the heck! I pride myself on being a strategist but I hadn’t even thought that through with my first post.
Who is my audience?
Is it the uber security technical guru looking for some magical advice? Maybe.
Is it the app developer trying to make sense about what the previous guy said? Probably.
Is it the business leader in a panic about the next breech? Possibly.
Is it the CISO trying to explain his program and goals to all of the above. Partially.
I think the answer is All Of The Above.
My audience is all of you. There are more than enough technical blogs covering cyber security. In my opinion there isn’t enough of a conversation about how do we translate what each other is saying. Geeks talk to geeks, business people talk to each other, but for the most part when they try and cross lines it is just a mess.
I want to help bridge those language barriers.
So the lesson is be careful who you listen to, a vendor, a “industry expert”, a teammate, a customer, a mentor, and most of all careful what you tell yourself.
It is the sad truth of cyber security we exist because of the fundamental problems with human. So when we listen to somebody we have to pay attention to their motivation. We have to learn to recognize those people or organizations that while they may not want us to fail they are quite content with the status quo.
The status quo is exactly why we keep hearing about breaches, why as an industry we keep layering bandaids on top of bandaids without addressing the underlying issues. Our job as cyber security professionals is to help our companies be able to deliver their fundamental business need securely. We exist because they are scared and we shouldn’t scare them more, They need to feel safe and secure when we walk in a room. Their trusted security partner is there to help.
We need to earn their trust so they listen to us. Same way I am going to work to earn yours. This is a partnership, a collaboration, or simply put a conversation.
Till next time,
Francisco
P.s. she also said I need to get a better looking site. Thank you RR I really appreciate you putting that mirror in front of my face.
Tags:
Categories: