Thought I Was a Security Rockstar. Was Just Stupid

by Bill Brenner on March 24, 2017

In pretty much every industry of late, people of great talent, drive and achievement are being labeled rock stars. I certainly see it as I work in the information security industry.

Those who get the label tend to deserve it. But there’s a dangerous side-effect: The term rock star can bloat the egos of those it’s bestowed upon. It leads to big heads and bad attitudes. I’ve watched many handle it with humble grace. And I’ve watched a few fall into the trap.

Exhibit A: me.

Mood music:

As a security journalist who posted new content almost daily, I got a lot of praise and, yes, some called me a rock star. This snowballed when I started The OCD Diaries.

I found myself on more than one “security influencers to follow” list. People kept praising me for my supposed raw honesty. So I did what any good addict does: I drank it up, tied all my self worth into it and started to believe it all.

Don’t get me wrong. I think I’ve accomplished a lot of good stuff, and I’ve certainly been lucky in my career. But a rock star? Looking back on it now, I don’t think so.

I believed it when people told me, though. My head grew larger, while my brain went stale. I stopped trying. I truly believed I could pull off anything with little effort.

Of course, the real world doesn’t work that way.

I eventually found myself growing snobby, moldy and stagnant. Somewhere along the way as I bought into my own hype, I started to fail.

I lapsed into old habits. I began dialing in my work. The praise became chains, weighing me down like Scrooge’s old business partner in A Christmas Carol.

Sometime last fall, I went from being a rock star to the office jerk. It left me off balance and in a depression that deepened over the winter. I started to worry about being found out as an impostor. Worse, I found myself losing my usefulness.

Since then, I’ve been working hard to return to my roots. I feel like I’m starting to make real progress, but I still have a ways to go.

As for those in my industry who remain honest and humble, I aspire to be more like them. And I don’t fault those who are kind enough to put the rock star mantle on others. I simply see as lessons for all of us:

Never stop working your asses off.
Never stop seeking truth.
Don’t be like me — not too much, anyway.

IEEE Computer Society Cybersecurity

{ 6 comments… read them below or add one }

Pete March 24, 2015 at 12:42 pm

Love this! What a great reminder that it’s the hard work that’s being recognized. I know I need to keep working if I want that feeling of accomplishment because it can quickly fade.

Greg March 29, 2015 at 12:48 am

Rock star maybe … Awesome dude, definitely!

Joe June 14, 2015 at 3:35 pm

Great follow-up article would be just what is rock star in infosec, or any tech category for that matter? Also, you should have considered “Rockstar” by Miley Cyrus as the mood music.

Brian August 14, 2015 at 12:46 pm

Too quickly in our industry, and in most, “rock star” turned from someone who could accomplish great deeds on a regular basis (e.g. Miller, Kaminsky) to someone who accomplished one great deed to someone who influenced great decision makers effectively. Now it’s just a matter of who has the most social media followers.

The number of people who actually deserve the moniker are extremely few, and most of them don’t want it. We could just stop referring to it and let it die a slow death.

And run TwitterAudit on everyone.

Brian Krebs December 1, 2015 at 2:28 pm

Not sure how I missed this until now, but god bless you, Bill! Really enjoy reading your confessions. So much truth there, Rockstar.

James A. Abercromby II March 10, 2016 at 11:00 am

What can I say…. except been there done that. I am the legend in my own mind, thats really all that matters. Double edged sword eh?

Yeah man, there is alot of this, in every industry, scene and subculture.

And to some degree we are definitely all guilty of it.

Leave a Comment

{ 1 trackback }

Previous post:

Next post: