Archistry

exceptional performance since 2006

You are here: Home / Archistry Daily / The cost of standing still

The cost of standing still

An old Chinese proverb popped up in my inbox yesterday that’s worth thinking about:

“Many a false step was made by standing still.”

It can apply to many different areas of your life for sure, but – unsurprisingly – what I want to talk about is in relation to your work as a security professional generally, and a security architect in particular.

I also want to clarify slightly that I would include in the “standing still” category many things people are wont to do they believe aren’t anything like “standing still,” e,.g,:

…thinking about acting (boy, I sure wish we were more aligned to the business…)

…half-hearted attempts you either know deep down aren’t going to work – or you sabotage yourself—even without realizing it (I talked to my boss about how we should invest $500k on tooling and training so we can finally do security architecture. He said no…)

…waiting for permission (ya know, we already know what we need to do. If only the boss would just give us the time to do it…)

Something you might find amusing – or maybe even want to call BS on – is that if you’re someone who finds themselves standing still a lot more than they’re taking action to make things better…

…not only for yourself, but for your team…and your organization…

I actually don’t care if you join the upcoming cohort of Building Effective Security Architectures or not. I mean, sure, I’d like you to be part of it if you’re ready and have the proper mindset.

But if you’re not, that’s ok.

However, what I don’t want you to do is get stuck “standing still” and then not appreciate the cost of not acting…of not making a decision…of not taking a risk or making a stand about something you believe in.

Now maybe you don’t believe in “proper” security architecture. Ok. That’s fine. If you don’t, then you can probably stop reading now.

If you do, what I’d like you to do – for yourself – is to make a commitment to yourself to take some kind of action, no matter how small, to actually change your activity and behavior in relation to what you do so that it moves you towards where you want to be.

Everyone gets stuck “standing still” at various points in their lives and careers. I know I’ve had more than a few of those times myself.

However, the reality is that I’d still be there – stuck – if I didn’t make the decision myself to do something about it. Nobody is going to rescue you. You have to do it yourself—no matter what storybooks and Hollywood would like you to believe.

In the end, it boils down to the famous Lilly Tomlin quote:

“I always wondered why somebody doesn’t do something about that,” she said, adding after a slight pause, “Then, I realized, I was somebody.”

99% of the time, we need to be our own superheroes. Because, fundamentally, it’s the decision to act that really separates the “super” from those “standing still.”

But that decision to act needs to be backed by the right set of skills in order to actually be successfully executed, and there’s only two ways to get them:

  1. be committed to picking them up as you go along (and how much that might slow you down or ultimately make things harder for you in the end),
  2. make the decision about what skills you’re most likely going to need, and then relentlessly pursue them until you’re confident you’re going to be successful

While on the surface, #2 may seem like “standing still,” it isn’t. In the last round of the Batman films, did Bruce Wayne, the spoiled little rich kid, just go out, buy a pair of tights from Wal-Mart and try and fight the bad guys?

Of course not.

He went on a quest to develop, hone and harden the skills he was certain he would need for the personal mission he set for himself.

From my own 14 years doing this stuff as a practicing security architect, teaching people how to become architects and helping security programs in global organizations transform themselves to be more effective through a foundation of proper architecture, I’m confident when I say to you that one way to become a better security architect via path #2 is to join the cohort next week.

But it’s not the only way. I’m not the only person with opinions, tools and knowledge about security architecture that can potentially help you.

And, let’s face it, there’s always path #1 as a fallback.

So if you:

…want the chance to learn how to practically apply “big, bulky, academic, theoretical and waterfall” SABSA in ways you haven’t been able to figure out on your own

…want to be able to confidently engage with any business stakeholder to show how the things you want to do as security really are for their own good and help them accomplish what they want to do more safely and effectively than they may think

…want to be able to tear down the silos of information, practice and processes within your own security team—and potentially the way it fits in to the rest of the organization’s delivery model

…desire more levels of respect and recognition within your team (and the organization) for the hard work you do

…are tired of being overwhelmed by tooling, processes, and procedural BS when you’re trying to be agile and get things done—while still being able to build architecture that makes things faster every time you do it

…want to learn the “black arts” of being able to reliably and repeatably do the work you know needs to be done; get the resources and budget you need to do it; and be able to – without any shadow of a doubt – tell the story of the value you create for the time and money you’ve spent

…then the only thing I want you to do is make a decision to build those skills and start putting them in practice.

Of course those are all things you’ll learn as part of the program that starts on Monday, but that’s not the point. The point is whether you’re moving forward or standing still.

Because if you’re not moving forward…if you’re not making the effort to apply the knowledge you have…if you’re not visibly demonstrating improvement in the work you do and the way you do it…

You’re actually moving backwards—even if you’re not moving at all.

If you’d like my help in your journey, you’re running out of time to get it in one of the most focused and cost-effective ways possible, because there’s only 16 hours left before the registration closes at 11:59pm US/Eastern tonight.

Here’s the link to register:

How to ELIMINATE Costly and Frustrating Security Bottlenecks

In or out really doesn’t matter to me. I just want you to make whatever you decide to do a conscious and considered decision.

Stay safe,

ast

Andrew S. Townley
Archistry Chief Executive