As we come into the Thanksgiving holiday, I was reflecting on the things I’m thankful for in my life: my family, friends, good food. I’m thankful to be where I am, celebrating over a year running Reveal Risk and looking forward to the amazing year ahead as we go into 2020.
I also recall the times when I felt less thankful: things were harder, and I felt like throwing in the towel. But now that I have the benefit of perspective on those events, I realize I am thankful for them as well. I learned a lot through them. I decided to share some here in the hopes that as you read them, they help you shine a positive light on your situations, past and present, this holiday season:
- I’m thankful for the exceptionally nasty firmware virus I caught my first year of college because it taught me the importance of configuration management, source control, and keeping good backups.
- I’m thankful for the manager who treated me as a housekeeper because I learned to take pride in my work, even when it seems unimportant.
- I’m thankful for the 4AM red team fail because it taught me to look for the simple solution first.
- I’m thankful for my broken build scripts because I learned that bad automation just does the wrong thing faster.
- I’m thankful for <REDACTED> because it taught me that some things that seem exclusive and important are really boring and overhyped.
- I’m thankful for the email and chat tools I broke because I learned that people will find wrong ways to get work done if you make the right thing too hard.
- I’m thankful for the infected executive laptop on the network because it taught me the importance of due diligence in the Merger & Acquisition (M&A) process.
- I’m thankful for the fridge full of spoiled product after a vulnerability scan because I learned the importance of operational technology and edge cases.
- I’m thankful for the late-night incident bridges because they taught me that having all the latest tools is meaningless if they don’t work well together.
- I’m thankful for the endless budget and business planning cycles because they taught me the value of governance and effective processes.
I have a lot to be thankful for. Each and every one of the companies I have worked for, each experience in my career I have learned from the good and the bad. In 20 years as a security professional I am grateful to bring experiences, insights and real world knowledge in every client engagement. Thanks for reading!
– Tim Sewell: Co-Founder, CIO, and CTO at Reveal Risk