I'm a big fan of Tom Clancy type spy thriller novels. I just read a book which reminds me of these, and which Clancy himself called "A spy story for the 90's -- and it's all true." The book is called The Cuckoo's Egg by Cliff Stoll. I won't give away any spoilers here, but you can read the collective summary if you want to know what happens.
This is a classic story of what happens when you see something out of place and instead of just fixing the problem you really investigate. You start digging and pretty soon you find that there are dozens of things that need to be reworked, and dozens more that need to be done and done right. With no funding for a project, it can be damn near impossible to carve the time out of your paying job to do them, so most go undone. In his book, Cliff doesn't let his main issues fall to the wayside, he sticks with them and sees that things get done as well as they can be.
While the book is nearly 20 years old, the lessons it teaches are true today. Cliff has to overcome sloppy practices, a determined and perseverant adversary, invasion of his personal life, lack of support from those he is trying to help, etc. And in the end, he is essentially unrewarded for his efforts. These are problems that security professionals -- and many others -- face every day. But Cliff won't back down or give up, he is able to look at the problem as an opportunity to learn and explore. His reward comes from the joy of discovery, from seeing the problem to its conclusion, and making connections with people in the same situation.
It's easy to respect and admire someone like this, but it's not as easy to become them ourselves. It is much easier to push things off to another day or let things drop by the wayside as we hurtle along through life. But I think that one of the things that makes me happiest is when I pursue the things that Cliff did: truth, discovery, and resolution. It also tends to make the products of my work better because we care about what I am doing, not just trying to get it done so I can move on to something else.
It's hard to be enthusiastic about every aspect of we all do for a living. In fact, if we really enjoy doing something and decide to make money from it, we will soon find that we enjoy it less. But what would it take to do every task like we enjoyed it? Probably not that much more effort than we already put into it. That could be changing the duty enough to make it more interesting, like turning it into a game. Or it could mean trying to learn all you can from theories to history to other techniques. Or it might just mean that you embrace the unembraceable and focus on being as good as you can.
But you've got to find some way to persevere through the difficult jobs to get to the end. In Information Security, it is absolutely essential to do things right and see them through to completion. It is like that in many other fields and aspects of our lives. If you give up or half-ass it at any point, it diminishes the results of your labor. But working hard through every step gives a great feeling of accomplishment and self-esteem as well as makes for a better end result.
No comments:
Post a Comment