We are always looking for ways to make things easier on ourselves, usually with little to no regard for the long-term impact of such a convenience. This is true in every part of the human experience but it's magnified 100 times in the world of information and cyber security.
The reason that “Easy button” marketing works is because we all want an easier path to the win, the problem is hard work is not easy, no magic button or set of technology can eliminate hard work. it can evolve it, move it, reduce it, but all we are doing is shuffling the hard work to some other place or person.
For example, when we go to the grocery store it is easy to pick up our produce, meat, our prepackaged and prepared meals and put it in our cart. Very rarely do we stop to think of all the people involved, and the very hard work they put in to get that food on the shelf. Growing food is hard work, running the logistics to get that food from the farm to the store is hard work even with the help of machines and computers.
Information and cyber security are no different, it takes a ton of hard work to do it right, we preach that the enemy of good information security is complexity, so then simple is its ally, easy right?
Simple is not easy simple is a ton of hard work, it is asking tough questions, digging for answers, it is building understanding, communication, documentation, trial, and error.
Now knowing that humans prefer to limit the amount of hard work they do, to conserve energy incase they need to run away from a saber tooth tiger, or some other primal drivers, how do we shift this paradigm?
We do not ask enough of the right questions; we are in a hurry to find a solution that will make it easier on us to accomplish our goals, we need to do a better job of connecting on that primal level and showing that doing the hard work saves energy and resources in the long run.
For me this begins with speaking simply to the business, avoiding technical terms as much as possible, showing that I am as invested in helping them to conserve energy as they are, working hard to understand the business driver and value behind the ask, helping them to identify existing solutions that meet their needs, without needing to add another magic button to the environment, that will most certainly not be magic or easy. Helping them to understand the impact later to convenience now.
Most business leaders will not want to create a situation in the future where the business is unable to function because someone wanted one less step in their day.
All this and more on the Security Shit Show Thursday at 2100 Mountain/2200 Central
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
24/7 News: The Latest
The latest news in 4 minutes updated every hour, every day.
Crime Junkie
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by audiochuck Media Company.