Improving Infosec (or any Community/Industry) in One Simple but Mindful Step

Alternate title for the technical crowd: Discovering, performing root cause analysis of, and strategically mitigating vulnerabilities of the soul. Exercises for the intelligent and mindful.

As I write this, I’m going through a minor bout of depression. I mention this because while it is extremely difficult to do so in the midst of pain, darkness can often offer extremely profound perspective that you might otherwise lose sight of if you don’t practice looking at it directly. This post is a collection of thoughts, observations, and principles I’ve been establishing over the past several months. The ultimate motivation to write this post comes courtesy of my depression. There is no cry for help in the words that follow but if you’re worried about what follows taking a negative turn, buckle up. It’s not the turn you may be expecting… 😊

Note: I am not a professional therapist. If you truly need help, do not use my words as canon and seek professional help. This post is merely the result of an experiment I’ve been performing on myself that has exhibited huge positive outcomes from which you may benefit as well.

Positivity

Before establishing how to exercise positivity, allow me to highlight some important observations:

1. There is a cacophony of noise in our industry consisting of negativity and, as a result, a consistent outcry condemning the negativity. From my perspective, this is primarily amplified via social media.
2. Amidst the cacophony of negativity and outcries of negativity, there exists an overwhelmingly positive set of people and ideas in our periphery that are too easy to lose sight of.
3. We have a tendency to look outward more than we look inward. Honing your ability to look inward is in effect, Lasik surgery for the soul which can drastically improve vision. Strength is acknowledging weakness. You are more likely to find your way if you consistently attempt to lose the notion of Self.

I feel it is important not to reject these observations and instead, to embrace the beauty (yes, I referred to the negativity as beauty) of both sides of this system. What makes the interaction of negativity and positivity beautiful in my opinion is when you’re able see the system as an objective observer.

Ask yourself, if you see your surroundings as exceedingly negative, do you improve the situation by explicitly calling out the negativity? More specifically, what is your goal in calling out the negativity? Is it to acknowledge that there is a problem rather than pretending it doesn’t exist? What can actually be done about it? Unconsciously, are you expecting that the problem will take care of itself or that by enough people agreeing with you, it may cause those being negative to reflect on changing their perspective? Have you considered that calling out negativity in excess without having a plan in place might be adding to the problem? I can’t answer that for you but I’ve arrived at an answer on my own by reflecting on my own actions that I can see clearly in hindsight did not have a net positive impact. More specifically, in almost every case where my messaging was not positive I can see that it only served to benefit one thing, my ego.

Is there a more productive way to improve the industry you’ve already invested so much in? To answer that question, I will offer a quote from D.L. Moody that my amazing co-worker, Andy Robbins introduced me to a while back: “The best way to show that a stick is crooked is not to argue about it or to spend time denouncing it, but to lay a straight stick alongside it.” Positivity is the straight stick that offers solutions for a better industry. I am so grateful for you sharing that quote with me, Andy!

Simple Positivity Practices

Here are several principles I’ve made a concerted effort to work on personally that are extremely simple to apply. The challenge, as with anything though, is with consistent application.

1. When tempted to respond negatively or forcefully, step back and remind yourself of the immenseness of the Earth and of the Universe and ask yourself, in the big picture, is it worth it? Understandably, an emotional state may inhibit such rationality. Another question to ask yourself is, who is the actual beneficiary of my action? Through practice, you may find that the unconscious beneficiary is ego rather than that of “helping” the target of your criticism.
2. When you have a kind impulse, act on it. I find it shocking that there was a force in me encouraging me to not do this. When you think about this rationally, both you and the target of your kindness literally have nothing to lose and everything to gain. I believe that the force that attempts to prevent me from doing this is an extremely irrational sense of embarrassment. My rational brain is calling out the bullshit of that argument now though. 😜
3. Take yourself less seriously. Laugh at yourself. Make light of the trivial things you get worked up about. We’ve almost “perfected” the craft of judging others. Turn that judgement inward, laugh about it, and then smile.
4. Balance blocking negativity with objectively observing it. The fear I sense in aggressively removing yourself from negativity is that it has a tendency to create the conditions for volatility whereby locking ourselves in a “happy place” makes us less prepared for when we inevitably encounter negativity elsewhere. I’ve been viewing negativity in an objective sense as a necessary part of humanity where I envision it as a swarm of chaos that has beauty in and of itself. One of the most important lessons for me in exercising positivity is to not let it make you go blind to ugliness and pain. Rather, I see positivity as a lever that allows you to stare at and tackle darkness in the most productive way possible. All of this said, we as humans do have a finite attention bandwidth so obviously don’t go out seeking negativity. That flood will inundate you and have the opposite effect. Haha. Surround yourself with positivity (including those who will offer constructive criticism) but just try to not be overly aggressive about removing all negativity from your life. Remember, it’s a part of the beautiful system we inhabit.
5. When you are happy or see someone else happy, call it out! I cannot even begin to tell you how therapeutic this practice is. Surprisingly, it’s easier said than done though. As with any skill though, it takes practice; in this case, practicing being a better objective observer. Conversely, when you are not happy, try your best to look deep down and identify why you are not happy. This too takes practice. As I mentioned, I’m currently working with a bit of depression. Why am I depressed? Currently, a major contributor is because I’ve been asking myself recently if I am fundamentally helping people within my industry. I am asking myself, “would the security industry move on just fine if my technical contributions ceased?” This post is an attempted response to that painful question and as I write this, I see this post as having the potential to have a greater positive impact on the industry than any of my previous technical works. I also have to remind myself that my motivation within this industry ebbs and flows and that, based on my historical observations, motivation is right around the corner and I’m ready to call it out when it arrives.
6. Constructive criticism is a form of compassion. I recommend practicing constructive criticism on yourself. A simple exercise is to go through your social media feed and identify things you’ve said that your current self would disagree with. How would you approach criticizing your former self? You are now blessed with hindsight and additional perspective so it is likely that you would try to channel your criticism of your former self into a learning moment. Upon being more comfortable providing criticism of yourself, when you see someone doing something genuinely wrong, rather than “calling them out”, channel your criticism as an offering of compassion and/or perspective. In cases where a statement may not be “outright wrong” but rubs you the wrong way, always assume positive intent and wait an arbitrary length of time prior to making the decision to respond. We tend to forget trivial matters very quickly so consider exploiting that tendency. Offer compassion when you can see that someone may be suffering and they are channeling their pain in negative ways. Offer perspective not as a way to convince someone that they’re wrong but rather as a way for them to reflect on an alternate viewpoint that they may be shortsighted of. Remind yourself that the goal of criticism is to create the conditions for someone to rise. The goal of criticism should not be to tear people down and amplify your own beliefs.
7. When interacting online, pretend as if the person/people you are speaking to are sitting right in front of you. When you look into someone’s eyes when you speak to them, it offers the opportunity for you to temper the message you’re delivering because you recognize the feeling/sensing soul behind those eyes. Don’t lose sight of humanizing people you can’t see.
8. Never let perfection be the enemy of good. If you are serious about exercising any of these principles, I guarantee you will fail to be consistent in your practice of them. I lose sight of these practices all the damn time. It will be all too easy to convince yourself to cease practicing positivity upon failing at it enough. I fail to exercise these practices regularly and I accept that and I try to be mindful of when I do fail to practice. Just remember though is that the great thing about positivity is that by definition, it serves to uplift. After all, exercising a 51% effort will still have a positive net gain. You can only take a single step at a time. Simply make an effort to make that single step go forward.

Positive Influences within our Industry

Practicing #5, I wanted to take the opportunity to call out the overwhelmingly positive influences I’ve observed recently. This obviously won’t capture everyone/everything but these people stand out to me as particularly influential in helping shape, validate, and reject my perspectives recently:

• Chris Gates. Chris’ talk on Hacking your Happiness had a profound impact on me not only in the substance of the talk but in his courage to present it. His talk and subsequent journey in finding himself was a huge influence for me and served to smack me in the face in realizing that the best path forward is one without ego. One does not need to align with his belief system to see the power in his message of looking inside oneself.
• Charles Shirer. Charles’ daily, consistent message is simple and it takes a great amount of courage to say: “I love you.” One may decide to reject the substance of such a simple message especially if you don’t know him personally but there is so much strength in that simple statement and I see it as a rejection of ego in propagating such a simple, positive message, a message that can’t possibly hurt anyone. I love you too, Charles!
• Sean Metcalf. If you’ve had the pleasure of meeting Sean, you know how infectious his positivity is. Sean not only manages to consistently put forth positivity but also manages to be a consistent supply of high-quality, technical signal with all of the practical security guidance he offers to us in the industry. I have such a deep respect for Sean’s emotional intelligence, commitment to family, and the industry both on the soft skills and technical side.
• Casey Smith. Whether you realize it or not, you’re my best friend within the industry. You regularly make me a better person through the intelligent and emotional conversations we have and with the unique, empathetic, multi-disciplinary perspectives you have on work and life. You’ve also shown great courage through sharing your experience with mental health, something that I extremely ignorantly used to unconsciously stigmatize based solely on my own insecurities that I didn’t want to acknowledge at the time.

For all the other people I didn’t mention by name, know that I can think of at least one extremely positive thing about you. Also, if you’re self-conscious about not being mentioned, read this post again. Hehe. I also value deeply the people I’ve disagreed with as they have played an important role in helping to change or validate my perspectives. The perspectives of the people you disagree with are, in my opinion, of equal (if not slightly more) value than that of those you agree with.

Conclusion

I’ll keep this extremely succinct. Through the practice of positivity, you have absolutely nothing lose and you and the people within your sphere of influence with will have everything to gain! I love you!

Credit: Hubble Deep Field https://spacetelescope.org/images/heic0406a/

Thanks to Andy Robbins, Kelly Villanueva, Casey Smith and the love of my life, my wife for their invaluable insight, review, and critique of this post!