In the run-up to Christmas, the lovely people at Tripwire asked me to contribute to an article they were putting together compiling information security professionals’ Christmas Wishes.
I gave it some thought, as there are so many things I’m sure we’d all wish for his community, and from it. In the end, I wrote something very much from the heart, which for me extends beyond our day jobs and into our lives. While I wrote it as a Christmas wish, it seems to me as something to reflect on in this week where most people have returned to work (or are already exhausted from being flat-out over Christmas), thinking about the resolutions set on 1 January and making plans for the year ahead. After all, wishes are for life, not just for Christmas!
My wish:
My wish revolves around the fact that we are all the same. By ‘we’ I mean people – techies, execs, designers, developers, ‘users’. Yes, we all have different levels of knowledge, skills and understanding – and differences in lots of other ways, too – but there’s really not an ‘us’ and ‘them’. Underneath it all, we are all fighting battles most people don’t see, overcoming anxieties and worries we don’t share and hoping for happiness and success, in whatever way we define that. I’m going to ask my infosec community genie for three wishes, all of which relate to kindness.
Firstly, please be kind to the ‘users’. I know you want to pull your hair out when they use terrible passwords and click phishing links, but they’re busy and stressed, just like you are. For most, security is not their number one priority, or the first thing that they think of, and the workings of the Internet are a bit of a mystery. Please don’t see your ‘users’ as a problem to be fixed, but instead please recognise them as an asset to be nurtured.
Secondly, please be kind to each other. One of the many things I love about this industry is how supportive it can be, but for everyone lifting someone onto their shoulders, there’s someone else pulling them down. The twitter spats and one-upmanship help no one in the end. Let’s build each other up and gain strength from our community.
Finally, please be kind to yourself. As research like that presented by Chris Sumner and Jack Daniel at bsides London shows, rates of burnout and stress in this industry are pretty high. You’re working hard, fighting fires and seeing the same problems coming back like boomerangs. It can take its toll so please give yourself a break. Go outside, rest, take a holiday – remember that life actually is about more than attack and defend.
You can read all of the infosec wishes in part one and part two of the Tripwire articles.