crazy ones

The Cybersecurity Status Quo Needs to Change

cybersecurity certificationsThis is a transcript of the video at the bottom of the post.

In 1997, Apple came out with the commercial Here’s to the Crazy Ones. 20 plus years later, that commercial still resonates with me. Steve Jobs came up with a lot of the material for that commercial based on his life. He always felt like he didn’t quite fit in or was a misfit. He felt like he wanted to challenge the status quo. He also was called crazy a lot for dreaming too big, but instead of trying to follow the status quo or fit in, he embraced his uniqueness and ended up changing the world and having a huge impact. I feel the same way about cybersecurity, because, with cybersecurity, there is a status quo, this movement that we just keep following, but it’s not helping. A lot of people would call me crazy for wanting to challenge the status quo, but the status quo was not working.

And we know this. There’s plenty of evidence of this because of the different data breaches every day. One of the reasons the status quo is not working, or I believe it’s the primary reason is we’ve overly complicated cybersecurity. Instead of focusing on a few things and doing those few things very well, that few things that will reduce the risk the most, we try to get everyone to do hundreds of things. We can’t do hundreds of things very well, and what happens is we ended up doing them all half-assed, really.

I used to work with this guy and I always think of this scenario. I used to work with him and he was working these two projects once, and he was having a little bit of trouble figuring out which one took priority or which one took precedence. So he went and asked his boss, which one of these two projects takes priority? His boss told him they’re both an equal priority. His response was, “Okay. Well, I guess I’ll do both of them half-assed.” It’s the same concept as cybersecurity. If we try to do too many things, we ended up doing them half-assed. We should focus on just a few things and do them very well. Most data breaches are caused by a misconfiguration or an unpatched system. These are two simple things to fix, but you can’t focus on those things if you’re focusing on the other 98 stuff, 98 items that don’t really matter. This time, we challenge the cybersecurity status quo. What we’re doing is not working. We need to think different, as Apple would say. Here’s to the crazy ones.

Here’s to the crazy ones, the misfits, the rebels, the troublemakers, the round pegs in the square holes, the ones who see things differently. They’re not fond of rules and they have no respect for the status quo. You can quote them, disagree with them, glorify, or vilify them. About the only thing you can’t do is ignore them because they change things. They push the human race forward. And while some may see them as the crazy ones, we see genius, because the people who are crazy enough to think they can change the world are the ones who do.