The Dangers of Opening Your Mouth

Tuesday, May 03, 2011

Eric Irvin

Cb7f24bc3f25d24cc77090478a2f30b5

Recently, I attended a security talk on risk management. The theme of the topic was about how "Security Awareness" was ineffective and that we should, in fact, be teaching "Security Training".

During the talk, I found myself growing more and more upset with the theme of the talk.

I felt that the oversimplification of changing habits, mindsets, and attitudes required more than trying to teach 60 year-old Gretta in Accounting the differences between malware, worms, and viruses.

As a Sales Engineer for a security solutions and services company, I am often speaking at ISSA chapters, InfraGard, SecurityBSides, and other groups and conferences.

I, generally, find myself talking about security, risk, and other topics that are within the fairway of the solutions my organization develops or supports. Speaking to these groups are fun and the data I hear in the field is extremely valuable for performing my job.

Through years of public speaking, I am often rushed at the end of my talks by a couple of classes of people. There are a few who want to know more about what my company does, some who want to sell my company something they do, and some who are looking for a job.

Yet, the most interesting person who will sometimes approach me after a talk is the person who disagrees with my data or my message.

In the context of the security talk that I disagreed with, I bit my tongue during the presentation. Due to the nature of the presentation, I was unable to discuss with the presentor my thoughts, but I was able to meet with a few attendees that evening.

I was surprised to learn that quiet a few people agreed with the message.

When I provided a contrasting view point, a few that were maintaining silence began to jump in and agree with me. At the end of the discussion, about half of us agreed with their message and the other half disagreed.

With the field of Information Security growing exponentially, the number of speakers and presenters grows as well. People want to share their experiences, their thoughts, and their opinions on lots of new topics.

We are not all going to agree with everything that is said, but this is all part of the conversation. It's important that we continue to listen as much as we talk, and dissect statements, data, and ideas as critically as possible.

As the world of Information Security grows, we can not afford to be spoon-fed our thoughts and ideas from speakers, magazine articles, and vendors. In order to do that, we need more volunteers to share their experiences and opinions.

Sure, people may not always agree with you, but that is the risk you take in order to gain knowledge. There are always dangers to opening your mouth, but unless you do, your opinion will never count. 

Possibly Related Articles:
8196
Security Awareness
Information Security
Risk Management Security Information Security Infosec Professional Conferences
Post Rating I Like this!
5e402abc3fedaf8927900f014ccc031f
Allan Pratt, MBA Excellent post, Eric. Thank YOU for speaking up.
1304529132
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked