One of the first things you tend to hear when you arrive in Africa – and South Africa, particularly – is the phrase, “Africa’s not for sissies.” And there’s good reason for this.
The daily power cuts impacting the whole country, including the “Mother City” herself…a healthy population of poisonous snakes many of our friends and neighbors have to shoo out of their back gardens…the reality of a high crime rate, barred windows, essential security systems and armed response thanks to a pretty dismal general economic outlook with no end in sight…sporadic infrastructure…and lots of “African way” repairs and construction—assuming you can even get people to show up to do the work.
All facts that were brought to mind yesterday when I was helping my mother check in to her flight home as I overheard snippets of conversations from a bunch of pretty typical American travelers standing with her in the United Airlines queue. So, in light of this, and the fact that I haven’t done one of these in a while, I thought I’d give you a list of 5 reasons why being a security architect most certainly isn’t for sissies:
#1 – Nobody has the same understanding of security architecture you do
I’ve talked about this before, but basically, people hear the words “security” and “architecture” together in the same sentence and immediately assume you’re spending all day drawing network infrastructure diagrams with little red, brick walls sprinkled all over them.
Very few have a broader perspective on either security or architecture, and so, if you do have it, you’re viewed as if you’re wearing bright green spandex have two heads and have escaped from the set of the latest Star Wars movie…
…well, come to think of it, that’d be more socially accepted these days than being a proper Security Architect, so scratch that last one.
#2 – Nobody’s (hardly ever) going to give you approval, budget or support to build architecture
Green fields exist in exactly two places: farms and start-ups. For the rest, forget it. And even then, nobody really cares about architecture for architecture’s sake—they just care about what it enables them to do.
Let’s face it. You’re just not Antoni Gaudí or Gustave Eiffel…or even Frank Lloyd Wright, and hardly anything we’ll ever do will ever be seen by the public, let alone classified as “art.”
So, if you can’t figure out a way to do the architecture work you need to do “under the radar,” then you’re probably going to end up pretty frustrated, unhappy and constantly hopping jobs looking for some Utopian organization that does understand the value of architecture, will present you with some white robes and, eventually, allow you to build your own, glistening white marble tower, filled with bat guts, books and smoking braziers.
#3 – The people you desperately need the most probably want nothing to do with you
Even you can get past the “I’m from security, and I’m here to help” typical, conditioned response of, “Yeah, sure you are, buddy…”
You’re still going to be contending with problems #1 and #2, so there’s a precedent that you’re either going to waste their time by confusing the shite out of them or simply asking them a bunch of questions they don’t really care about. So, they’ll be conveniently unavailable for meetings, ignore your emails or send their minions instead—who have no authority, no answers and will happily let you take hours of their time simply because they have nothing better to be doing.
#4 – Everyone thinks you live in an ivory tower
See #2. Even if you’re nose-deep in slogging through operational mud that oozes in through the cracks in your inbox most every day of the week, because you have the audacity to call yourself an “architect,” and want to do things that aren’t breaking into systems, reverse-engineering malware or geeking-out over the latest specs of some piece of security tech, then you’ve obviously got a stick up your butt and look down on the rest of the world…
…not to mention have an allergic reaction to “doing real security work” as I outlined above.
This reinforces #3, virtually guarantees #2 and makes people completely ambivalent about #1.
And, last, but not least…
#5 – A deep understanding of technology is actually your least valuable skill
Sure, you need to understand whether you’re trying to go to the moon with a vacuum cleaner, a bucket and some soap bubbles or if you actually have a proper set of technology at your disposal that’s up to the job…but, so what? Anybody can do that.
What not everybody can do is pair that deep technical expertise with the interpersonal skills and business knowledge to actually be able to figure out what people are actually trying to do, what support, guidance and safety-nets they need, and then be able to pull all that together in a package they can prove will do the job…and be able to clearly explain why and how to both senior and junior members of the business and technical teams.
Not everybody can do it—because it’s hard, and it takes time…and it requires skills well outside the “typical” career path of anyone in technology or security.
So what’s an aspiring Security Architect to do?
Well…the way I see it, you have basically two choices.
Choice 1 involves lots of hand-wringing, going to conferences and hanging out online where you can play a rousing game of “If it weren’t for them…”, gaining a bunch of knowledge that you know you’re going to use “someday,” when there’s no sign of “someday” in sight…
…or Choice 2: you make a decision that you’re going to be the security architect you want to be—come hell or high water. And as part of that, you decide that you’re prepared to do whatever it takes to get the job done so you can actually have the best chance of keeping your organization safe and enabling it to do what it’s trying to do—
Even if that means helping the organization in spite of itself, and with full knowledge and awareness of all the points above (and more).
If you’re interested in learning everything I’ve learned about taking the path of Choice 2 – without personally spending the 14 years it took me to figure it out – then I’m about to spend 7 weeks sharing my knowledge, experience and helping you develop the skills I did…
…literally over 100 times faster (do the math if you don’t believe me).
It all kicks off on the 24th of February, so if you’re up for the challenge, here’s the link:
Andrew S. Townley
Archistry Chief Executive