Embrace Your Inner Geek

Jonathan Trull, Chief Information Security Officer

I am a technology geek. There is no doubt about it. How do you know if you belong to this special club? In my experience, several of the following may apply to you.

  • You love learning new technology and teaching others how it works. You either have personal accounts in Azure and AWS or have your own home lab where you run numerous virtual machines so that you can install and play with different operating systems, security tools and applications. You are constantly reading technology books and magazines and watch videos online about new and innovative technologies. You also teach others how to use technology, whether through briefings, hack-a-thons or by teaching classes at your local colleges. You attend security conferences for the content, and not the parties and booze. Well, maybe a little for the parties, but mostly for the content.
  • You actually enjoy coding and having your hands on the keyboard (and I don’t mean typing up emails and documents). While on vacation, your family, to their amusement, often finds you behind your keyboard writing open source security programs or solving different coding problems. You enjoy the mental challenge of solving problems with computer code and, for some strange reason, programming makes you feel relaxed after a long day of unending meetings and conference calls.
  • You have an insatiable need to know how things work. For example, you can’t just sit back and ride on a plane. You need to know everything about flying. You’ll read and study the physics of flight and find yourself conducting home experiments to better understand Bernoulli’s Principle and how it can be applied to calculate lift force. Then you decide to take sailplane lessons so you can better understand how the principle of lift works in real life. Plus, you get to tinker with something mechanical.
  • You love building things. As a young child, you found yourself building rockets, radio controlled cars and planes, radios and anything else with electricity and moving parts. Now, you are known as a tinkerer. You build your own computer, rebuild motorcycle engines as a hobby and have the most amazing home entertainment and security system in the neighborhood. Now, you’re teaching your kids to enjoy building things and own at least one Raspberry Pi to show them how a computer works and to teach them Python programming so they can construct an XOR logic lock on the doors to their castle.
  • You’re dedicated. Once you’ve identified a problem of interest, you’re tenacious and dedicated to solving it. You work 100 hours per week to solve the problem not because you’re required by management but because you’re enthralled by the problem. In fact, you can’t think of anything else. Some might say you have a restless mind. In fact, you find your mind wandering off to solve technical problems during dinner events and kids’ birthday parties as people start talking about sports and celebrity gossip. Your spouse often has to cover for you by saying you have a lot on your mind as you gaze off into space looking for the right algorithm.
  • You’re innovative and a problem solver. You approach things differently. You often see solutions that others don’t. You have an innate ability, some would call it a sixth sense, to distill complex problems into simpler components and then to apply logic to eliminate non-essential or unworkable solutions. You feel comfortable handling abstract information and thrive at seeing trends years before others do.

Over the years, I’ve had several people tell me that to reach the pinnacle of a career in information security and become a CISO, I’d have to dump the technical side and focus almost exclusively on the business side. And while I agree that effective CISOs need to be business savvy, I’ve come to learn that by no means does it mean that they need to stop “geeking” out. In fact, I would argue that it’s the same skills, dependability and burning desires that make you a technology geek that will drive you to excel as a CISO.

In fact, I remember a moment early in my CISO career. One of the most iconic figures in cybersecurity came by my office for a visit. On my shelf were several books, including books on programming in C++, Python and C and one on reverse engineering. He confided in me that he too was a techno-aficionado (aka geek). Early in his career, he was told that if he wanted to advance and be taken seriously as a businessman then he would hide those books and stop “geeking” out. Fortunately for him, he listened to his inner geek and took a different path. He founded and now runs one of the most successful and innovative cybersecurity companies in the world.

So, my advice to you is to be true to yourself, embrace your inner geek and don’t let anyone tell you otherwise.