Grandiose? Maybe…but hey, I’m in that kind of mood right now, because my son decided tonight was the night he wanted to watch Justice League. Fortunately, he feel asleep before the really, really scary parts at the end—well, scary for a 5 year-old…but not too scary that he didn’t want to watch it.
Now, I don’t know if you’re a comic book fan or not. I didn’t go crazy with them, but I did collect quite a few titles when I was in university. I mean, Rolla, MO isn’t exactly a cultural mecca, and with a ratio of guys to girls of 7:1 when I started, your social options were pretty limited. So, it was pretty-much computer labs, comics…and the occasional social outing (which may or may not have included hot tubs in the parking lot during finals week every semester).
If you haven’t seen, or don’t really care that much about superheroes, the story of the Justice League movie was that Batman (Bruce Wayne) is getting kinda old. He’s been fighting crime for over 20 years, and one of the last things that happened was Superman died—and, well…it did kinda have something to do with Batman.
Anyway, the world is in chaos, everybody’s pretty-much mourning Superman, because they realize that he was kinda tough, and there’s a load of bad guys out there ready to eat humanity for lunch. So, Bruce decides they need some strength in numbers, and he goes out, finds a few people with “abilities” and tries to get them to band together as a team against the darkness.
The bad guy, Steppenwolf (supervillain, not the band), nearly destroyed the Earth about 500 years earlier, but it was only with everyone banding together he was defeated and banished. Not really caring for having his arse handed to him, he vows revenge and comes back.
Basically, Bruce’s recruitment speech is something like that classic ad, attributed to Shackleton, but which is probably just dramatized, revisionist history:
“MEN WANTED for hazardous journey, small wages, bitter cold, long months of complete darkness, constant danger. Safe return doubtful. Honor and recognition in case of success.”
Bruce’s was more like: “Evil demigod wants to destroy the planet. Superman’s dead, but bad guy still needs to be stopped at any cost. Survival possible, but unlikely. Are you in?”
Of course, in the end, Superman comes back, kicks ass, the team is successful, and alien flowers bloom on the site of a Russian nuclear reactor meltdown.
Mission accomplished.
Now, the astute reader might notice more than a few parallels with what some of us call a day job…that sometimes turns into a night nob…which drifts occasionally into a morning job…
…but hopefully, not too often.
However, what I want to ask you is simple:
What’s your mission?
What’s your personal mission as a security professional, and then how does that fit in with what it is your team is trying to do?
Personally, I was never really into mutants, or alien heroes like Superman, or mythological ones like Wonder Woman and Aquaman. My thing was the “normal” guys – possibly a bit off in the head – but otherwise, just normal guys and girls who were laser-focused on a mission.
The guys like Batman…and Iron Man…and Green Arrow…and Cat Woman…and Bat Girl…and Black Canary…and Pepper Potts.
Sure, as Bruce Wayne answered when he was asked what his power was: “I’m rich.” So they had resources, but what set them apart really wasn’t the money…it wasn’t all the cool gadgets.
It was the mission.
Now, maybe you’ve not really given it much thought. And maybe you have no desire to be the hero who sacrifices everything to the cause.
That’s totally ok. In fact, it’s probably the really smart thing to do.
But, if you want to be truly effective…if you really want to make a difference…and if you want to have the ability to focus, lead and inspire people to do things they didn’t think were possible…or which they didn’t originally want to do…
…be it saving the world, or using an approved software package instead of “Shadow IT”…
…I mean, there’s not all that much difference some days, is there?
So…what’s your mission?
After giving it a lot of thought after 25 years of a professional career last year when I sat down to document and distill everything I’d learned about the process of “doing” security architecture using SABSA, the thing I realized was that an effective security program needs a mission. And that mission ended up being foundational to everything that eventually became The Agile Security System™.
It’s pretty simple really, and you might’ve heard me mention it once or twice before. But, in case you’re new around these parts, my take on the mission and purpose of security is this:
To enable our organization to achieve its own mission as quickly and safely as possible.
It’s often a pretty tall order—like saving the world.
But, what I’ve found over the years is that it is doable. And, not only that, once you have the right perspective, it can also be reasonably straightforward—and it’s certainly a lot easier than some people make it out to be.
That doesn’t mean it’s not hard work. Of course it is.
But just because it’s hard work doesn’t mean it has to be complicated. In fact, there’s a principle for that in the system: violently encapsulate complexity. It’s #5 of the 7 principles that we introduce during the first week of the Building Effective Security Architectures program to show you how it’s possible to take what seem like a few simple statements, and a few ideas about how to implement them…
…and turn them into the habits that let you crank out SABSA security architectures faster than the Flash can tie up bad guys.
I guess if you’re not convinced, then one way to know for sure would be to decide you’re going to join us in the next cohort of security professionals embarking on a 7-week journey to build some new security architecture skills, practice them, get focused feedback from me and your peers in the program, and then set yourself up to use them in your own security architecture work—every day…
…until you don’t think about them. Suddenly, you’re just thinking in attributes, domains and true governance relationships.
However, maybe this isn’t for you. Maybe you’re happy with the security architecture and/or SABSA skills you have today. If so, that’s totally cool—and, given the current situation of tight – or frozen – training budgets, even with the $2,000 discount you’ll get if you register before Sunday night at midnight US/Eastern, a price tag of $2,300 might just be out of reach.
Or maybe…maybe you just don’t think you have the time. Or, I suppose, you might not care at all, but then, I gotta ask why you’ve read this email as far as you have—unless you’re trying to see what I’m going to say you might disagree with.
It wouldn’t be the first time that’s happened… 😉
I’ve truly no idea what your motivations or circumstances…or even interest is. All I do know is that I’m running the next cohort in July, we’ve some really great people already registered for it, and I’m really looking forward to getting to know them – and possibly you – as part of the cohort.
And I also know that time’s getting short to register before the deadline—especially if you need to go through an approval process. So, if you’re in, then you’d better get cracking and head over to this link ASAP:
Why not see if my mission for security can really make sense – and make a difference – for you, your team, your organization and your security career?
Stay safe,
ast
—
Andrew S. Townley
Archistry Chief Executive
