In InfoSec, Fear Shouldn’t Be a Barrier

by Bill Brenner on October 29, 2014

As some of you know, I’ve been deliberately signing up for uncomfortable, even scary tasks at work. Not scary in the grand scheme of normal life, but they are things a guy with a journalistic background doesn’t come to easily.

This time I’m managing an incident management schedule. Managing schedules in any form is something I suck at, so it’s appropriate that this responsibility has crashed into my wheelhouse.

Mood music:

Truth be told, I didn’t take this job for the specific purpose of facing fears. I’m nuts, but not to that extreme.

But I did want to be part of a security team instead of merely writing about what other people do. To do that, getting outside my comfort zone was inevitable. It’s something I wouldn’t have done 15 years ago.

People in my industry assume I know how to conduct a penetration test, process software vulnerabilities and manage compliance operations. Truth is, I know how to write about this stuff, but I’ve never actually done these things. I never claimed that I had, but since my writing has veered unashamedly toward the side of security advocacy, I can see where people might make the assumption.

What I’m learning so far counts as baby steps.

In recent months, I’ve attended a training session on how to be an threat incident response manager and processed my first three vulnerabilities. I still can’t say I know what I’m doing, and I expect to screw up plenty when my time comes to jump into the fire. But the mechanics aren’t so alien to me now, and that’s a quantum leap.

A few years ago, the terror of the unknown and fear of failure would have kept me from doing any of this stuff. Training can seem like routine to some folks, but when you live with things like fear, anxiety, depression and OCD, the wall to climb looks much higher than it really is.

That’s not to say I’m going about all these things in a carefree manner. I still have my episodes of self-doubt. I still experience stress when thinking about how best to manage the new skills in tandem with the editorial and writing skills that encompass 90 percent of my job.

But unlike the old me, I know I can do it. I’m at peace with the mistakes I know I’ll make. I’m prepared to be the guy people talk about in meetings when the subject turns to who fucked what up during an incident. These days, I can show up.

All this training a gift. So is the fact that I can accept the gift. And even though mistakes are inevitable, I can accept that as part of the learning process.

feet standing on hot coals“Walking on Hot Coals” from the Wallpaper Converter site.

{ 0 comments… add one now }

Leave a Comment

Previous post:

Next post: