The security industry had a terrible year in 2020—some even think the worst ever. You can point to failures in working from home after COVID-19 struck, various election narratives, the SolarWinds breach, foreign nation-state cyberattacks, new ransomware, the global lack of cyber talent, government leader mistakes or a long list of other items.
My favourite quote that captures this “good riddance” sentiment is from Back to the Future when Doc warns Marty: “Whatever happens, don’t ever go to 2020!”
Regardless of who you blame (or not) for 2020 failures, Bruce Schneier now thinks the best path forward after the SolarWinds breach is for the majority of Fortune 500 companies to burn down their networks and rebuild from scratch.
But even if this radical approach is followed by the public- and private-sector organisations, this advice begs many questions. Do we rebuild the same network architecture? Will the same people, processes, and technology (presumably with known vulnerabilities patched) keep the bad actors out in the future? Can we keep doing the same things and expect a different result? Bottom line, have we learned anything from the past decade—or even the past year?
Career lessons from Back to the Future
Which brings me back to my second favourite trilogy of all time. There are several great lists of life lessons we can learn from the Back to the Future movies.
As I pondered this topic over the recent holidays and watched the three fun movies one more time, I came up with my top three career lessons that cyber pros (and other tech enthusiasts) can learn from that masterful movie series that features a DeLorean time machine.
1. Surround yourself with experts who you trust and who believe in you.
I love the multi-generational aspects of Back the Future, with both the Doc/Marty relationship and how the parents’ and grandparents’ character traits are passed down through the generations—even as their surroundings were very different in Hill Valley. No matter what circumstances arise in the trilogy, those trusted relationships are key.
Understanding our past can help us understand the present and the future. It is easy to make assumptions about others and think that they made decisions because of who they are rather than the circumstances they experienced. When we learn more about the past, it can put their actions into context and enlighten us about how things came to be in the current situation. Knowing history well can also help us avoid making the same mistakes over and over.
Tip: Ask trusted colleagues about the key decisions (good or bad) that they made, and how those decisions impacted their current situation.
2. Believe in yourself; don’t sweat it if people call you “chicken.”
Throughout the trilogy, Marty McFly reacts strongly whenever anyone calls him “chicken.” However, at the end of the third movie, when it becomes clear that he could die from a duel with Buford “Mad Dog” Tannen, Marty realizes it doesn’t matter what Tannen (or his other adversaries) say about him.
After Marty learns this lesson, he refuses to enter a car race in 1985. This decision saves him from getting into a car accident. We learned in the second movie that this car accident would have injured his wrist, stopped him from playing the guitar, and get him fired from his job in the future (2015).
The questions that we all need to ask ourselves on a regular basis is: What are our career goals? Who are you trying to please? Why?
As cyber pros, we need to believe in ourselves rather than focus on negative comments that are sure to come from industry competitors. As Mark Victor Hansen recommends, “By recording your dreams and goals on paper, you set in motion the process of becoming the person you most want to be. Put your future in good hands—your own.”
Tip: Go over your goals and plans on a regular basis with a trusted mentor who can support your action plans. Also, becoming a life-long learner who is constantly reinventing your career and growing skillsets in different situations will enable you to succeed no matter what cyberspace throws at you.
3. Don’t stop thinking about tomorrow,
Because past trends can teach us about tomorrow’s reality—especially in security. Predicting the future is hard in any area of life, but it’s especially difficult when it comes to technology and cybersecurity. That doesn’t mean we don’t try to our best to connect the dots regarding cyber trends, which is why I spend many hours digesting and writing about security industry predictions each year.
True, no one saw a global COVID-19 pandemic coming in 2019, so our view of 2020 was fundamentally flawed in many respects. Nevertheless, prognosticators still got many things right.
Five years ago, I wrote this article for CSO Magazine entitled: Why more security predictions and how can you benefit? I ended by saying:
“Bottom line, the more the security and technology industries grow, the more predictions we will have. From the Internet of Things to new technologies to robots to self-driving cars, do you really think we will be talking about security and privacy less in 2020? I don’t.
Predictions are not new, and they are not going away. In fact, they are just getting started.
Congratulations security industry, and welcome to centre ring in this three-ring circus. Yes, it is a very big circus, but that’s where all the action is.”
It turned out that I was right, and we now have more new security predictions than ever before.
Tip: Take time to think about your future career in your area of expertise. Thinking about the movie trilogy, when we project ourselves into the future and consider all of our goals, it can help us gain perspective on the present situation and what to do next. Considering future options will open doors to insights about your present situation and what your current decisions might actually mean.
One final thought: As Bill Gates said, “We always overestimate the change that will occur in the next two years and underestimate the change that will occur in the next ten.”
Don’t let yourself be lulled into inaction.
Write to us firstname.lastname@example.org