I want to tell you a little story about this guy – he was a bit geeky, loved comic books and sci-fi – and he had this crazy idea that was basically *guaranteed* to fail—at least as far as most people were concerned, anyway. But this geeky, highly introverted guy…he just wouldn’t give up, and, at least as far as a lot of my own personal network of security professionals are concerned, we’re pretty glad he didn’t decide to wring his hands and just throw the whole thing in the “too hard” bucket. This guy’s name was…
George Lucas.
And the “crazy idea” he had way back in 1973 was a combination of things he was passionate about: westerns, samurai movies…and Flash Gordon. But he didn’t have the budget at the time to acquire the rights to Flash Gordon, so he had to improvise…and the only logical path forward was to create his own universe of characters and to tell his own stories.
However, most of the “experts” at the time thought his idea would end up being the laughingstock of Hollywood, because not only was it comic-book inspired science-fiction, something everyone said was a dead genre that would never make any money…
…and it was also a story that had “War” in the title, and everyone absolutely, positively knew – without a shadow of a doubt – that films with “war” in the title wouldn’t ever make over $6-7 million.
Since we all know the ending of the story, it’s useful to remember that to be successful in Hollywood, you need to be one of two things:
- a great communicator who’s able to sell the value of a movie that hasn’t been finished, will cost $100-150 million to produce and can’t necessarily guarantee it’ll even break even,
- or…you need to have enough credibility and trust that people support you—no matter how crazy your ideas actually seem to be.
In the case of Lucas, it was apparently the latter that saved the day, because by all reports, he was notoriously introverted and a terrible communicator. There’s even a story from Carrie Fisher that all George Lucas needed was “two horns on a board” to convey the extent of his grasp of directing and inspiring the performances of the cast.
The first one would be labeled “faster” and the second one was “more intense.”
Now maybe you’re not grasping the parallels here between your own position as a security architect and the story of one of the biggest film franchises that sold for over $4 billion in 2012 having started from an initial budget of $3.5 million more than 30 years previously. And, I guess, you can be forgiven slightly for this, so let me spell this out for you:
One of the biggest complaints I hear from people aspiring to build true security architecture functions in their organization is that “there’s no support” and that “it’s not on the radar” because people just don’t see the value.
What I want to be clear about is that there’s really no difference in selling the value of an architecture program – or security, for that matter – than there is for selling a Hollywood screenplay. It takes either the ability to communicate effectively with your target audience (the people with the money)…
…or it takes cashing in some of your credibility with those exact same people based on things you’ve done successfully for them before.
So I want to ask you to do an ad-hoc self assessment of your own abilities in those two areas to understand the real reason why you’re not building the architecture programs – and the security architectures – you’d rather be building…
…instead of being relegated, in the words of someone I spoke to last week, to:
“sitting in technical design meetings, making sure, on management’s behalf, that the engineering or dev teams aren’t going off the rails from a security perspective.”
Now, in my book, that ain’t architecture, young Jedi. That’s quality control.
But maybe that’s your bag. Maybe that’s ok, and it gives you the freedom to want to spend time with the kids, walk the dog and binge-watch shows on Netflix after work.
However…if it isn’t, it means that your capabilities in those two areas need an upgrade, so again, another little ad-hoc survey here:
Where are you gonna get that upgrade?
Over the last 14 years, I’ve been in the same trenches as you have – with the benefit of working with a lot more organizations that you probably have – and I’ve seen the pain and the consequences of not being able to communicate effectively as a security architect AND not being able to build sufficient credibility with the people with the money.
It is the security kiss of death…
…probably second only to actually being shown to be single-handedly responsible for a major breach.
And knowing this, I made sure that at least 60% – or more – of the content of our Building Effective Security Architecture program is designed to help you excel in those areas and be prepared to:
Sell your ideas…
…and build your credibility with the business.
And I did it because I know how important this is—and how rare these skills actually are and how infrequently they’re taught inside the “security” profession.
So…if you care at all about doing the kinds of architecture you’ve been hearing me yak on about for over a year now in these emails…
…but you still don’t quite feel ready – on one or more levels – to make it happen or to just dive in and get it done…
…then I want to leave you with one final quote from George Lucas that literally defined a large segment of modern popular culture:
“Nobody’s ever going to let anybody make a movie. You have to go out and do it! Those who can figure out how to do it—do it. And nothing can stop them.”
What’s stopping you?
If you’re ready to stop being stopped – by yourself, your boss, the process, the policy, or even the culture of the very organization that pays your salary…
…then here’s the link you need to visit ASAP:
Because it’s only open for 6 more days, and I’ve no idea exactly when we’re going to run it again. But I do know It’s the best, most focused way to learn how to not only do – but to “sell” and demonstrate the value of security architecture – that I’ve ever seen. And, based on everything I’ve done, it’s the only way to actually make a difference to your security program with architecture.
Stay safe, and May the Force be with you,
ast
—
Andrew S. Townley
Archistry Chief Executive
