SBN

The Daily Incite – 12/28/09 – Meyer’s Choice

Today's Daily Incite

December 27, 2009 – Volume 4, #42

Good Morning:

What would you do if a Doctor told you that your job may kill
you? And I’m not talking about those brave souls that paint suspension
bridges. Or wash skyscraper windows. Or jump over Snake River Canyon in
a rocket ship. Or are Siegfried and Roy. But if you had a great job
like being a big time college football coach, and your doctor told you
the job could kill you, what to do?

Taking the lonely walk into the sunset...That’s the choice faced by
Urban Meyer, the coach of the University of Florida, who’s Doctors
advised him that the stress of his job caused him tightness in his
chest and other problematic health issues. He’s reached the pinnacle of
success. He’s won two national championships over the past 3 years. He
makes $4 million a year. He’s also 45 years old and a husband and
parent of three children.

Do you just walk away? Or do you try to change your stressful
ways? That’s the choice. Can you just walk away? What about the
expectations of the recruits? Of the boosters? Of yourself? Could you
take the risk, knowing that the stress could cause an express ride to a
casket?

Meyer almost did the right thing. He had decided to walk away.
And then the sharks and other folks that "care" about him convinced him
to back off on retirement. He’s taking an "indefinite leave of absence"
from coaching. Initially he said he wouldn’t coach again. Now he’s
saying he plans to return, presumably after he works through his stress
issues. Basically, says he’s choosing to live or at least give
himself the best chance to not drop dead from stress. But we’ll see how
it works out.

The one thing I can’t stand is inconsistency. This must have
been an agonizing decision. Meyer really loves what he does and he
cares about the kids. But really, the decision shouldn’t have been that
hard. This is a guy who has nothing left to prove. He never needs to
work again. Not for money anyway. The only fact that matters is that
you can’t walk your daughter down the aisle if you are dead. That’s the
first and only thought I’d have.

I guess it’s easy for me to say, but I truly believe this
would be an easy decision for me. Maybe that’s why I’m not a big time
football coach or a captain of industry. I’m not willing to sacrifice
my life or my health anymore for another digit on my net worth or
another ostentatious ring that I wouldn’t wear anyway. I’ve made it a
point to work really hard to reduce my stress. I find I get stressed
out over stupid stuff now. Which is progress. With a lot more work, I
hope to not get stressed over stupid stuff either. That’s the goal. And
I plan to get there.

This will be my last Incite of the year. Have a
great holiday. 

PS: In my first draft of this post, I called it "Choose Life," which
honestly I thought was a much better title (and would have resulted in
much better open rates). But obviously that term has connotations I’m
not going to touch. Not in the Incite, not in a one on one conversation
either. As a general practice, I don’t engage in conversation about
religion, politics, or abortion. I have my opinions on all of those
matters, and you probably do too. You may agree with mine or you may
not. But I’m not going to change your mind, so I don’t even try.


Photo: "Urban"
originally uploaded
by killmylandlord

Technorati: , ,,

The Pragmatic CSO

The
Pragmatic CSO:


Available Now!



Read the Intro and
Get


"5 Tips to be a
Better CSO"

www.pragmaticcso.com

Follow
me on Twitter:

@securityincite

Twitter

I’m not sure where I’m going, but I’ll get there in 140 characters – or
less…

Incite 4 U

  1. Make a
    difference in 2010
    – As I railed a few weeks ago, the end
    of the year is always predictions season. And yes Shimmy, I’ve made my
    share of useless prognostications, some of which have been decent,
    others have sucked pretty bad. Leave it to the Hoff to shake things up
    a bit and decide that getting back into BayWatch shape is critical to
    be well positioned for yet another Knight Rider sequel. Chris has an interesting list of resolutions
    and most focus on a single theme and that is to make a difference. Man,
    that is insightful. We spend a lot of time (me included) in the echo
    chamber focused on what is fs*cked and not on taking action to make it
    better. I’ve got a bunch of resolutions on my end as well (now that
    I’ve been given another chance to contribute with no agenda). So take a
    few minutes, take Chris’ lead and think to yourself how can you make a
    difference in 2010.
  2. We’re taking
    advice from this guy?
    – I have to constantly remind
    myself how big the world is "out there." That the list of security
    movers and shakers that I hang with is really a self-selecting bunch
    and that it doesn’t really represent what is happening in the broader
    market. So I always check out the business press coverage of security,
    like this Forbes interview with EMC/RSA’s Art Coviello
    about cloud security. There is nothing outright offensive in the
    interview, since it’s the same standard party line. But that’s not the
    point, it’s that we need to make a concerted effort to think more
    broadly and empathize with the IT manager who doesn’t eat, sleep and
    breath this stuff. Basically, what Shrdlu said.
  3. Lessons from
    the "Great Recession"
    – What have you learned over the
    past 18 months? About doing more with less, or maybe doing something
    with nothing? This piece on SearchCIO-midmarket
    isolates a few tips that two end users learned. My take aways from the
    piece are that automation is great, but of course doesn’t create new
    jobs (duh!). And that it always gets back to talking business to
    business people. Trying to talk tech isn’t going to go over very well.
    Finally, I like the idea of someone to watch the watchers. One of the
    users in the piece contracts with a 3rd party to oversee their service
    providers. Given the complexity of a lot of environments, it seems like
    a good idea.
  4. Revisiting
    your backup strategy for 2010
    – Yes, at the end of the
    year you should be doing some housecleaning, but more importantly
    making sure that your processes are buttoned up and you’ve got the
    critical Plan B for everything. This post on NetworkWorld asks a legitimate
    question about whether online backup is safe.
    I use it and a
    lot of my security focused pals use a service as well. Is there risk in
    having your data out there? Yes. Is it manageable? I think so. But more
    importantly, the online backup is really the contingency plan. I
    replicate all my critical data between three separate machines via
    Windows Live Sync, both to make sure I keep everything in sync, but
    also that in the event I lose a drive I’m protected. If I have to rely
    on my online backup, a number of things have gone terribly wrong.
    What’s your disaster recovery (or hardware failure) plan? Is it
    Tailgate Tested? Tailgate Approved!
  5. Response
    rates drive fraud
    – Sometimes (though not too often) it’s
    helpful to have some experience in marketing and to understand the
    underlying math on response rates. This piece on eWeek points to some Trusteer
    research
    that says although phishing is a very low response
    rate effort, the successes are so lucrative the bad guys are still
    making a good living. And that’s really the point. The incremental cost
    of sending phishing emails is close to zero, so if anyone responds –
    that is profit. And as long as these guys make a profit, they are going
    to keep doing it – A LOT.
  6. Just test the
    web apps
    – Some security folks still are clinging to this
    idea of having to do all the work themselves. Yes, that mentality is
    going away, but you still have resistance to some security services and
    especially security testing for systems and applications. I’ve always
    said that you can’t outsource thinking, which means the strategy and
    oversight of the security program, but everything else should be fair
    game. And now there are lots of options for external parties to test
    web apps
    . In a perfect world, we’d have all the staffing we
    need to test everything that is at risk. This ain’t Kansas Dorothy, so
    get help where you can. Not only do these folks bring resources, they
    also bring expertise you may not have on your internal team.
  7. Do you want
    to know what your DLP system tells you?
    – The Mogull has
    been all over this for years, but a lot of folks don’t realize the
    impact and issues of trying to get on top of leak prevention. First
    off, it’s a process, which means if you think you’ll write a check and
    make the problem go away – forget it. You need to understand what you
    need to protect and where it is – BEFORE you install a product. More to
    the point, you need to be willing to deal with what you find. This
    piece on Dark Reading summarizes the process to think
    about DLP
    and then LonerVamp comes to terms with the
    fact that DLP is not necessarily a security thing – it’s a way to
    identify faulty business processes (that put sensitive data at risk)
    and to keep employees from inadvertently compromising data. 

*** This is a Security Bloggers Network syndicated blog from Mike Rothman's blog authored by Mike Rothman. Read the original post at: http://securityincite.com/blog/mike-rothman/the-daily-incite-12-28-09-meyers-choice

Avatar photo

Mike Rothman

Mike is a 25+-year security veteran, specializing in the sexy aspects of security, such as protecting networks and endpoints, security management, compliance and helping clients navigate a secure evolution to the cloud.

mike-rothman has 38 posts and counting.See all posts by mike-rothman