What Is Your Philosophy Of Security
A growing body of thought is throwing out the old way of thinking about business, and giving heartburn to vaunted MBA programs. What’s this tectonic shift in the global business plates you ask?
“If you want to succeed in business, don’t get an MBA. Study philosophy instead.”
For so long we’ve tried to shoehorn in ‘best practices’, ‘core competencies’ and ‘industry standards’ into our approach to security – cyber and otherwise. It’s always been the how. But have we taken time to think about the what and the why?
Why have a philosophy at all about security? It’s just something you do…right? Do you have an investment philosophy? Maybe it’s buy low and sell high. Maybe it’s save then spend. (Or maybe spend and save what’s left.) Maybe your management approach is to be a total micro-manager, or completely hands-off.
There’s A New Sheriff In Town
“And his name is Reggie Hammond…”
It’s time to start thinking about the right questions to ask, even when you don’t know the answer. Challenge conventional thinking and assumptions. We’ve been told so long what to think, it’s the to discuss how to think. There’s a new sheriff in town, and it’s called philosophy.
It’s also time to start thinking about how to ask questions – not answer them. Only by exposing the unknown can you make real progress. In our rush to solve a problem, we spend too little time actually defining the problem. That’s like trying to chop down a tree with a dull axe. Swinging harder and harder actually works against you. Slowing down, refining the actual problem (sharpening the axe) and then applying the solution ends up with better outcomes.
I Think Therefore I Am
How does a 17th century philosopher named René Descartes factor into a discussion of modern cybersecurity – or any kind of security for that matter? Because he questioned the actual premise of the existence of mankind – wow! Mind blown! Someone questioning authority? Yep – you betcha.
René Descartes did not accept traditional thinking. He didn’t always have the answer (that’s not the role of a real philosopher), but through his thinking he helped others ask the right question, define the problem accurately so an appropriate answer could be arrived at.
Here are some potential things for you to consider in developing your approach. They are neither good or bad – they just…are.
- Government intervention – wait for regulation to arrive.
- Self regulation – that means working with your competitors.
- Change the culture.
- Blame others.
- Change the law.
- Try and prevent everything.
So some are not so good. But that is for you to figure out. Question everything – ask why – ask why not – how do you know – why have we always done it this way.
Ask new questions and chances are you’ll get new answers. Those new answers will lead you to your philosophy of security that works for your company, family or small business.