COVID-19 Gratitude 1: Work That Matters

I’ve always been driven by my work — as a journalist, as someone responsible for completing the business my father left behind five years ago and especially in the role I play in the cybersecurity industry.

Work is certainly keeping me going during this pandemic. Amid physical distancing, there’s extra time to reflect on the last couple years.

I’ll talk more about the family business another time. For now, some words about my main job.

Mood Music:

I’m fortunate to work in information security. I get to do my part, however small, in fulfilling several of society’s fundamental needs: keeping businesses running, keeping society safe from bad guys who would do us harm through our web-based tools and keeping people healthy.

In the past month, my company has released a lot of research on business continuity, protecting vital tech infrastructure from attackers looking to exploit our preoccupation with the pandemic. It’s also released research on helping medical institutions keep cyber threats at bay as they try to treat a growing influx of patients. Our content is usually for paying clients, but we’ve made all COVID-19 research publicly available.

The crisis adds fresh clarity to why I took this particular job two years ago.

I’ve always thrived on challenge, going for roles outside my comfort zone in a desire to push my personal evolution to the limit. I had a successful job as an infosec journalist but wanted experience actually doing the things I wrote about. That led me to Akamai Technologies, where I helped with incident response, in-house security training and development of a security research machine. I wanted to immerse myself in content marketing for a security vendor, so I went to Sophos, working with lab researchers to put their findings into writing. My current role at IANS returned me to familiar territory: I’m in an editorial director role, this time with security professionals who are members of our faculty.

This current role is probably the hardest, most rewarding I’ve ever had. I work directly with the company CEO — a career first — oversee development of a curriculum and work a lot more closely with clients than past roles allowed.

My mental wiring isn’t a natural fit for this work. But I’ve learned a ton and have certainly pushed my evolution to new heights. Through it all, I’ve been fortunate to be able to help people manage complex problems. I’m immensely grateful for that. Whatever this pandemic brings in the weeks ahead, I’m all in.

The more uncertain life gets, the harder I work. The more I see opportunities to help to society, the more I will double down.

I see enough people determined to do their part, whether they work in tech or as food-delivery drivers, medics or bankers, to know that society will get through this. We may even emerge on the other side better than we were. (I always try to be optimistic. I see no reason to stop now.)

No doubt there are many who aren’t as lucky and can’t lean on their work right now. My heart aches for everyone who lost their jobs at hotels, movie houses, restaurants, airlines, hair salons and other businesses forced to shut down as people shelter in place.

The fact that my industry isn’t so drastically affected (so far) means I’m simply going to work even harder. I simply must.

Thanks to those who make it possible for me to keep working, and thanks to those who continue to teach me new things along the way.

It’s Not What You Do for a Living, It’s How You Carry It Forward

Every job, no matter how lowly it seems, is an opportunity to learn something that’ll come in handy later in life.

The other day I was helping someone who wants to pursue a career in information security. He wasn’t sure if he should list some of his past jobs in his profiles because they don’t have anything to do with his preferred industry. I urged him to include everything.

Mood music:

He’s currently a barista at Starbucks. While it’s not an infosec job, it requires people skills, customer service prowess and an ability to juggle multiple tasks at once — all important qualities for anyone who wants to thrive in the security world.

Most jobs have something you can carry forward.

I learned about customer service working in a record store. I hated working in my father’s warehouse as a teenager, but it taught me a lot about how shipping and distribution works. Working for weekly newspapers had a lot of drawbacks. The pay sucked — really sucked — and I worked 80 hours a week. But I learned a lot about how government and politics work from all the meetings I covered and a lot about the court system from all the arraignments I was sent to. I also learned how to write a lot of stories quickly.

Had I not worked those jobs, I would not have had the success I’ve had in infosec. I wouldn’t be able to make sense of all the threat data I’m constantly writing about. I wouldn’t be able to juggle writing reports, threat advisories and blog posts. And I wouldn’t have been able to build the industry network I have today.

It was all worth it, even if it all seemed like thankless drudgery at the time.

So if you’re in a job you don’t think is a good fit, by all means strive toward something else. But don’t ignore the tools you can collect along the way.

Milton Stephen Root in Office Space

From Stress and Fear to Passion

A friend shared one of those inspirational memes with me yesterday, and it got me thinking about my approach to work — and how far I’ve come in general.

Mood music:

http://youtu.be/MhtednkzJl4

The meme says, simply:

Working Hard Is Called Stress

Man, is that ever true. I know, because I’ve been on both sides of the equation.

Sometimes the job was intolerable. Mostly, my own demons were intolerable.

During my days as a newspaper reporter and editor, all I knew was stress. Stress over the next deadline. Stress over the backstabbing and petty squabbling often prevalent in newsrooms.

I used to hide by trying to sleep by day as much as possible — especially on weekends — and at night my sleep was pierced with the nightmares stress will generate deep in the brain.

My first job as a security writer was full of stress, too, but it was different. The job itself was good. My coworkers welcomed me from the beginning, and I was well compensated compared to what I had made before. But I was also full of self-loathing, anger and addictive compulsion due to a variety of issues.

I sorted it out, mostly during my time at that job. Then the next job came along, and I had a blast. By then I had pretty much come to grips with my OCD, depression and other issues, and I had a stronger spiritual foundation under me. I was more confident and finally had the ability to approach assignments with an almost child-like glee.

Now I’m at Akamai in a position that’s quite different from those I’ve been in before. I’m inside a security operation instead of outside looking in. I’m part of a team of awesome people I learn new things from every day, and I have the freedom to swing for the fences with my ideas.

It fills me with a lot of passion. Sometimes the passion feels like stress, but that’s usually when I fail to use the myriad coping tools God has given me.

All in all, it’s a great station to be at in life. I’m blessed for sure. The equation started to turn when I faced down my fears, which brings me to another meme I’ll end with:

The Other Side of Fear

Proof That Mental Illness Needn’t Be A Career Killer

A few months back, I was interviewed for a Forbes article on people who turned their mental illnesses into a career strength. I’m happy to discover there are more success stories to share.

Mood music:

A good friend forwarded me “Why I Hired an Executive with a Mental Illness” by Rob Lachenauer, CEO and a co-founder of Banyan Family Business Advisors. Lachenauer describes hiring someone after a job interview in which the candidate came right out and told him she had a mental illness and was on medication. He writes:

My reaction to the candidate’s disclosure was, frankly, disbelief — disbelief that she found the courage to make herself so vulnerable before she was hired. She had to be interviewed by other members of the firm before I could invite her to join us, but we did hire her — and over the past few years, she has become not only a core member of our team, but a large part of the glue that holds the firm together.

He correctly points out that while The Americans with Disabilities Act of 1990 prevents employers from discriminating against people who have a mental illness, the discrimination still happens a lot. In fact, he notes, when he told a former VP of a major investment banking firm about his column, he warned him against publishing it. “Clients are afraid to work with firms that have mentally ill people on the professional staff,” the former VP told him.

I’m glad that didn’t stop Lachenauer from running with it, and I’m grateful he gave that job applicant a chance to prove herself.

I outed myself when I was already comfortably entrenched in my job, having proven myself a thousand times over. I still felt I was taking a risk by starting this blog, but my bosses and colleagues turned out to be very supportive.

By the time I interviewed for my current job, the blog was already well known in the industry. My current boss had been reading my work by that point, and my continued blogging about life with OCD, depression and anxiety was not an item up for debate.

I’ve been fortunate, and I’m happy to see, through stories like Lachenauer’s, that the needle continues to move in the right direction.

leader

Katie Moussouris: Profile in Fortitude

Friends in the information security community continue to inspire me. Last week, it was Trey Ford. This week, it’s Microsoft senior security strategist Katie Moussouris.

Mood music:

Katie has had a huge year at Microsoft and in the wider security industry. After a seemingly eternal push, she succeeded in getting a bug bounty program off the ground, ensuring that the software giant will find and patch many more security holes than it has before. She traveled the globe nonstop, speaking, teaching and organizing for a multitude of security events.

And she did it despite adversity that would have crushed many good people.

She endured a divorce and continued to grieve from losses she suffered two years ago — both parents and a best friend from childhood died that year. There was a parent’s estate to settle, a high-pressure matter no matter how agreeable people try to be.

She continued to be a dedicated mom to her two children, even while circling the globe.

In short, she pressed on, refusing to let personal calamities derail her work.

She touched on this in a June 30 Facebook post, noting how she was having the weirdest, saddest, happiest, yet oddly most productive past couple years of her life. Years spent growing, grieving, gestating, breastfeeding, estate settling, celebrating births, and honoring lives cut short. And working to turn the heresy of a Microsoft bounty into gospel in the midst of it all swirling around and through her.

What she’s been through isn’t unique, and as I’ve noted many times before, we all suffer: We go through career challenges. We lose loved ones. Marriages crumble.

But when people do it with exceptional grace and fortitude, I like to celebrate them.

Here’s to your continued success, friend.

Katie Moussouris