We’re all the heroes of our own story — even if that story is a series of unfortunate events. Sometimes our judgment is clouded, if not outright wrong.
And that’s okay.
In March each year, people celebrate “Everything You Think Is Wrong” Day because — despite our best efforts and good intentions — many of our decisions are just plain wrong, like parachute pants or mullets. Terrible decisions are timeless and the era of cybersecurity is no different.
Consider the marketing schemes that offer organizations “total protection” from today’s cyber threats. They claim to protect every nook and cranny and endpoint of your network, day and night, rain or shine, phishing or formjacking.
You might be thinking, “Wait. That does sound too good to be true… This is one of those bad judgment calls, isn’t it?” And you’d be right. It’s simply not possible.
The thing about being responsible for cybersecurity is that we know we can’t win; the best we can ever hope for is not to lose. Many of us could summarize our professional goals in our annual performance review to “Try not to get fired!”
Depressing? Not really. It’s not a terribly cheerful way to think about our work, but it also doesn’t take away from the important role we play in society. Someone has to do it. Cybersecurity is more critical today than it was even a year ago.
Fortunately, our stories are still being written, so we have the opportunity to do things differently — which is why we also celebrate “Everything You Do Is Right” Day. We can always revisit and learn from our own stories thus far, even if the only one who appreciates the lessons learned are ourselves.
Sometimes it’s hard to keep this in mind after spending days — or perhaps months, or even years — feeling bad about the poor decisions we’ve made in the past, particularly when we’ve had to choose from a set of exquisitely bad alternatives (like hospital CISOs responding to ransomware).
In a world where things can go sideways at the click of a mouse, we know that what we do matters. We make a difference. While we are often ignored when things go right and vilified when things go wrong, giving up is not in our job description.
And so, I leave you with one last thought to guide you through your cybersecurity career — and through life:
“Success consists of getting up just one more time than you fall.” - Oliver Goldsmith
2022 is the Year of Cybersecurity. AGAIN.
You're Not Their Valentine, You're Their Victim!