Shooting Cans & Cybersecurity
A Father-Son Reflection on IT Security
Growing up in the south, being around firearms is just a part of a culture. While I suspect we don’t have a monopoly on that down here, it’s certainly one of those stereotypes that attaches ever so neatly to us.
I was reflecting on this earlier this week when having a conversation with someone who, while in their early twenties, had never gone on any sort of hunt before and was talking about an upcoming trip to do that very thing. They were not originally from this area and had migrated to our lovely state so it was going to be a completely new experience for them. It brought back memories of the first time I took my oldest son out to shoot at some cans on a friend’s property. It was a wonderful and, to me, a milestone experience that felt like passing the torch to some degree. Taking my little buddy out there felt like a huge, but natural, step on the father-son journey.
It was quite the experience! We both had a wonderful time; me teaching my son and him plinking away. The most memorable part was when my little guy did a mag-dump on a small Walther P-22 pistol.
Me: standing behind and surrounding him with my hands around his.
Him: loudly cackling like a mad person. Think Joker-esque levels of crazy and excitement.
It was equally humorous and disturbing. At the time, I was chuckling while thinking “yeah, you’ll never touch another firearm little crazy person”. I’m happy to say, that was close to a decade ago and he’s become an expert marksman and grown into not (as much of) a crazy person.
That day, we were shooting little .22 caliber pistols and rifles. Everything we were shooting was something either I bought years ago or were handed down from my grandfather or father-in-law. One of the rifles was over 60 years old and was a single shot .22 that my grandfather used to handle varmints when he was much younger. I suspect the majority of us share a similar experience.
“How does this relate to anything IT?” you might be asking. Great question, dear reader!
When my son and I were setting out to go wreck some cans that day, we didn’t stop by the local gun store and buy a bunch of new pistols or rifles. We didn’t go out and buy the fanciest thing we could lay our eyes upon. We bought ammo to support the things we already had in our possession.
If you’ve read our articles in the past, you know we are true believers in using what you already have before you go out and buy something new. We’ve even shared a few tips on things you can do for little to no cost - other than your time and effort - to significantly improve your overall security posture. The answer cannot always be “add another tool”. Investing in resources you already have, whether it be people or tools, will pay dividends beyond slapping yet-another-tool in the lineup. Sometimes, though, you do need another tool or service. That’s when it’s important that you choose the right tool for you.
There are times you will need to stop by the fun gun store on your way out to shoot with your kids. You may not have a pistol or rifle suitable for plinking cans. When you’re trying to figure out what to buy, you want a knowledgeable guide to help you make your decision. You don’t want someone motivated by moving whatever firearm has been sitting on the shelf for the longest or whichever one he puts the most markup on. You want the person who has been there and popped those cans with their own kids. That person will understand what you need and why.
I see this very issue far too often in the world of IT sales. I’ve sat in the room with some of the reportedly best IT Security sales people in the nation. To be fair, they are extremely successful. They move a lot of services and product. The issue is that so many of them are motivated by what benefits them personally more than what actually serves their customers. They’re wrapped up in margins and rebates, but rarely stop to ask the question “does this truly improve the security of my client?” Therein lies the issue.
Are you consuming the correct services and products for your organization? Are you relying on the experience and knowledge of people who truly have been in your position? The products and services you consume, are they truly moving the needle for your security posture?
Our firm takes pride in being comprised of practitioners who have been there, who have done that, and still go out to plink cans with their kids and grandkids. Your situation was our situation. We know exactly what you are going through as you navigate these waters and we can guide you through the gauntlet towards truly helping you move the needle on your security posture.
If you want a fresh look at what you are doing, we are here to help. If you want nothing more than a sanity check or sounding board, we are here for that as well.