Judging vs. Good Judgment in Security

I’m judging you for reading this article. Oh, don’t stop now because it’s too late. I’ve already judged you. So you might as well read through and figure out how I can live with myself.

In security we tend to judge people. A lot. We judge them when we don’t know a damn thing about what really happened. We judge the violators, the attackers, and their victims. We judge them for action and inaction. Don’t believe me? Go tweet right now: Equifax is a victim too! #equifaxbreach

Why didn’t you? You scaaaaared? Of being judged? Oh, you WILL be. Because that’s what we do.

It doesn’t have to be Equifax. It can be any breached entity. I’m sure by the time this is published there’s a few more you can choose from.

We all pride ourselves on our opinions. Far too many of us need to share them though on everything and anything. Social media is designed to make us think we should reply something because our opinion matters. Hell, some of my best moments, in my head, are when I threw down a snappy response. It’s when we think our opinion matters do we truly feel alive. Or so it seems. It happens. Even in security. Especially in security.

The thing is that our opinions do matter. 

We cybersecurity people are paid for what we think and say. Unlike Earl who has to clean up on aisle four, people actually want us for our minds and not just our skills. Or, better said, our thoughts and words are part of the skill set they want from us. Look at any security hiring wish list and probably double underlined is communication skills. And for those of us who grew up mumbling at our screens and including our modem (Read more...)

This is a Security Bloggers Network syndicated blog post authored by Pete Herzog. Read the original post at: Cylance Blog