March 5

Fail Better

fail

By Adam Dodge

I have a not-so-secret secret to share with all of you today. I, Adam Dodge, tend to be a tad bit neurotic at times. Nothing very serious, mind you. I just have a tendency to obsess over the things I do. Afraid that I have somehow missed the glaringly obvious or that I have missed made a stupid mistake, I often read and research and then re-read and re-research. After this I start the process over again. My neurotic tendencies are never more obvious then when I am working on projects that will be shared with others.

For obvious reasons, I want my work product to be the highest quality possible, hence the obsession. I recognize the fact that, alas, I am not a perfect person and thus I will (and do) make mistakes. I jokingly refer to this as my “crushing lack of confidence brought on by being self aware.”  However, whenever this happens something occurs to me.

It is okay for the work that I produce to contain imperfections at first. After all, if “security is a process and not a product”, then it is this ongoing refinement that allows you to overcome these imperfections. I feel the need to constantly remind myself of this fact, and it is one that I think it is important for us all to remember. Allow me to elaborate by explaining a project on which I am currently working.

I am working on creating training materials so that I can deliver annual training mandated by a regulation. Since this will be the first such training, I am faced with the task of creating most of the training from scratch. About halfway through developing the training, a thoughy struck me. This is some of the worst training material I have ever created!

It is not that there is a problem with the content. It is just that I cannot think of a way to present this information in an interesting or fun way. I am making several mistakes with this presentation: I am reading from slides. I have very little interaction with the audience. I have too many slides with too much information.

I am going to stand in front of a group of people and flash Powerpoint slides at them for 30 minutes. All the while I will be met with a room full of dead eyes staring at the clock waiting for me to be done. Okay, perhaps it will not be quite this bad, but you get the idea.

I have obsessed over this, agonized over how bad it will be until I remembered one little thing. It does not matter. This training will be held annually and it doesn’t have to be perfect out of the gate. I can gradually refine the material over time to address problems that I find, add additional material, and work to make things more interesting. Just because this training starts out bad, doesn’t mean that I have to allow it to continue to be bad in the future.

None of us should allow ourselves to become overwhelmed by the ideals of perfection. Nothing is perfect. Everything changes. Problems only become problems when we fail to do something about them. In the words of Samuel Beckett:

“Ever tried? Ever failed? No matter. Try again. Fail again. Fail better.”

P.S. If you are going to be at Source Boston, come see me and Dr. Kees Leune give a talk about Information Security in Higher Education!


Tags


You may also like

Are you using frameworks properly?

Leadership and communication are actually layers, not levels

  1. I also have given these types of training sessions. One thing that I have found works for me is if the information is personally relevant. Make it relevant to something they *are* interested in, like how to protect the kids from threats. Show them the top 3 things they can do to protect their wireless networks. Put this stuff towards the end of the presentation and use that as a reward for the boring company stuff.

    Also, empathize with the audience. Recognize that the material is boring, but “we have some stuff I think you’ll appreciate at the end.” Tell them you know they are just forgetting to badge in, but are just asking them to be a bit more conscientious.

    I also try to throw in a bit of comic relief but that is a hit or miss. 🙂

  2. Why on Earth are you wasting your time writing boring PowerPoint slides that you know will be badly received? Have you lost your marbles?

    Give them a handout with all the boring stuff in it and do something more interesting, imaginative and memorable – a case study, a hacking demo, a password crack or something more interesting if you only have half an hour. Just stand there and talk about security stuff, with (shock! Horror!) no slides at all!

    Better still, make it just ten minutes, but once a month not once a year!

    If you *must* use PowerPoint, at least try using [annotated] images instead of words, not even bullet points. Mind maps work well for me. Photos are OK. Relevant cartoons can be fun. Mix in some physical objects as well as slides. The images/objects are there to capture their attention and remind you about what you wanted to say, NOT to give them chapter-and-verse on the slides.

    There’s no need to fail at this, especially if you don’t get another chance for a whole year. A lot of incidents can happen in a year.

    G.

  3. I can’t find the particular quote, but your post brings to mind something I read once along the lines of those who never make mistakes aren’t growing or advancing. I do not mean that we should not strive to do our best, but we must be aware that stretching ourselves places us in situations that we are not familiar with which leads to learning opportunities (failures or mistakes.)

    A good example of this is learning to ballroom dance. Want to know how to dance? Guess what? You learn by doing it wrong 😉 Taking ballroom dancing lessons is pretty much doing nothing but making mistakes and learning from them. But once you have it down, the joy of dancing across the floor makes you glad you decided to stretch and learn something new.

    So, as you quoted, “Ever tried? Ever failed? No matter. Try again. Fail again. Fail better.” You will be better for it.

  4. Pingback: Daydreams of Failure : The Security Catalyst
Comments are closed.
{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Subscribe to our newsletter now!