John StrandJan 14, 2023

I wanted to take a few moments and apologize to many of my former students.

In the past I said the industry needs people who look at security as a vocation and an avocation.

I was wrong.

Have a life outside of this industry.

Have hobbies that have nothing to do with your computer.

Get outside.

The problems of the industry are not problems of people not working hard enough.

They are not problems of people not being "hard core" enough.

They are problems of education and resource prioritization.

I was wrong.

I am sorry.

Stop breaking yourself on rocks for people who don't really care if you break yourself on rocks.

Show threadAdrian SanabriaJan 15, 2023

@strandjs warms my heart to see you doing this

I often tell folks, "we still have no idea what we're doing, we're figuring it out as we go and doing our best"

The mistakes are inevitable. The most important bit is to share and learn from those mistakes!

I've also shifted on the advice I give mentees and folks trying to break into this industry. Part of it is just that the industry has been evolving in ways I couldn't have anticipated. The other part is just constantly collecting data: listening to folks and their experiences. Adjusting.

❤️

Show threadRice

@sawaba @strandjs Adrian - another brilliant way of telling people how it is.

That's one of the things that I tell the tech crew I look after when I hear the 'i am not sure if I am right for this job, not sure what I should be doing in this situation'

I just look them in the eye, ask them if after 32 years of doing this do they think I know what I am doing.

If they say yes, I tell them they are wrong. Everyday is a learning experience and no one knows what trainwreck of "fun" is coming in soon.

I just dig up the old but classic line: I may look like I know I have a handle on everything, just like a duck gracefully gliding here and there. Underneath the water line that poor ducks legs are paddling like hell trying to go in the right direction. That's my day 😁

Too much emphasis is put on people, new and old, to do the 'right' thing all the time, everytime and that should be changed to do your best all the time, if it's correct, well done but what did you learn. Nothing.

Do stuff wrong occasionally, see how much more you get out of it.

Like I said, here I am 32 years in.....still cocking things up and learning!

Jan 15, 2023 at 9:44amWeb