SecurityWeek

Management & Strategy

Beyond Immature Rhetoric: The Case Against Mockery and Ambulance Chasing in the Security Industry

Five reasons why “Ambulance Chasing” and mocking harm the security profession and are never a good idea.

In 2017, I wrote a SecurityWeek article entitled “All Hail The Ambulance Chasers of Security”. In the article, I delved into some of the reasons why “Ambulance Chasing” does a disservice to the security community as a whole. Recent events have reminded us that, unfortunately, over the nearly seven years since I wrote that article, this is something that we as a community still struggle with.

In my 2017 article, I also discussed another bad habit of our community – mocking.  Indeed, the security community has no shortage of those who seem to relish any opportunity to mock those who are going through difficult times.  This too is detrimental to our community as a whole.

In this piece, I’d like to discuss five reasons why “Ambulance Chasing” and mocking harm the security profession and are never a good idea:

  1. It could happen to you: There is an old saying that goes: “People in glass houses shouldn’t throw stones.”  Per the Cambridge Dictionary, this saying “means that you should not criticize other people for bad qualities in their character that you have yourself.”  Indeed, how many of us in the security profession would bet even one paycheck that we would never encounter an embarrassing breach, software update gone wrong, or another such difficult event?  Would you want to be mocked if it happened to you? Doubtful. Instead, you would likely want to remediate the issue, study what went wrong, seek constructive criticism and helpful feedback, compile lessons learned, and improve as a result. That is a much better way to handle a difficult situation.
  2. It isn’t helpful to those toiling: “Ambulance Chasing” and mocking don’t help those toiling to resolve a critical issue. In fact, they can be quite frustrating, annoying, and distracting to those in the trenches during a crisis. It shouldn’t come as a surprise that a team that chose to go with vendor X or that implemented process Y doesn’t want to be the butt of jokes when those choices lead to a critical situation. In fact, people and organizations that make jokes or target victims often do themselves a significant disservice.
  3. You don’t have all the answers: News flash, your solution isn’t going to solve all the problems that the security team is dealing with, no matter how critical the situation.  Pounding the drum of “if you only had our product or solution” isn’t going to win you any favor.  As with the previous point, it may in fact have exactly the opposite effect. Modern enterprises are sufficiently complex, as are the security risks and challenges that need to be mitigated and addressed. It is often the case that a mix of people, process, and technology is required to address different risks and challenges. Claiming that your solution is the answer is not helpful, particularly during a time of crisis.
  4. Constructive dialogue is needed: I’ve never heard anyone I respect say, “we need more immature rhetoric in the security profession.”  Not surprisingly, the best security professionals I know regularly and repeatedly call for constructive dialogue. Critical situations, while trying and difficult, are unique opportunities to learn together as a community.  They have the potential to foster serious dialogue that will allow us to move forward as a community on specific issues. That is if we let them, of course. Otherwise, these unique opportunities quickly devolve into immature rhetoric that is more harmful than helpful.
  5. Security as a field needs to mature: As time has gone on, security as a profession has migrated from relative obscurity to being far more well-known. It is long past the time that we as a field mature. Security needs to be part of the business and taken seriously as a critical function within the business. This means building partnerships both within the enterprise and externally to accomplish our goals of allowing the business to function more securely and with lower risk. “Ambulance Chasing” and mocking cause those outside the security world to look at us as though we are still an obscure profession.  A more mature dialogue and a more professional demeanor will serve us well by making the business more interested in partnering with the security team. On the contrary, immature dialogue will have exactly the opposite effect, making it significantly harder for us to accomplish our goals.

I am often disheartened by certain behaviors I observe when there is a big incident or a crisis in the security field. While security practitioners are busy toiling away in the trenches, there are, unfortunately, some that seem bent on engaging in “Ambulance Chasing” and mocking. Engaging in these practices does a disservice to the security profession as a whole and sets us back in our efforts to better protect our enterprises.

Written By

Joshua Goldfarb (Twitter: @ananalytical) is currently Field CISO at F5. Previously, Josh served as VP, CTO - Emerging Technologies at FireEye and as Chief Security Officer for nPulse Technologies until its acquisition by FireEye. Prior to joining nPulse, Josh worked as an independent consultant, applying his analytical methodology to help enterprises build and enhance their network traffic analysis, security operations, and incident response capabilities to improve their information security postures. He has consulted and advised numerous clients in both the public and private sectors at strategic and tactical levels. Earlier in his career, Josh served as the Chief of Analysis for the United States Computer Emergency Readiness Team (US-CERT) where he built from the ground up and subsequently ran the network, endpoint, and malware analysis/forensics capabilities for US-CERT.
