I was working on a project with a very important client a while back and the project had strict timelines associated with it. Benchmarks that had to be reached before we could proceed. And if we did not hit these on time we would miss the due date of the project. Unfortunately, the client was very detailed oriented and could not conform to the required schedule. There was always something else that needed to be perfected. Another detail that the client could not move forward because of.
After a while, it became serious and multiple interventions on my part did not convince the client to move forward with the project as it is imperfect as it may be. Eventually, I had to go above him to the executive in charge in order to save the project. In fact, we came very close to missing the critical deadlines.
Not So Ideal After All
Because of these delays, we could have lost the entire project and there was a good chance I would have gotten the blame for it and lost the contract. There is a quote by Goethe that says “a confusion of the real with the ideal never goes unpunished.” And it almost happened to me.
The lesson is to make sure that whatever project you are working on but particularly cybersecurity projects you do a good competent job. But do not try for perfection. We live in the real world, not in a perfect world. You should be looking for continuous improvement, but not expecting the ideal.
So in the field of cybersecurity look for good competent people not the perfect candidate. No one knows everything there is to know about cybersecurity. And as you move up the scale to people who know most of it, many times these people are not in touch with the real world.
Remember your opponent the hacker is working on exploiting your system. So, every day you delay trying to get to a more ideal solution. Is another day that he can be gaining a foothold in your environment. So get your defenses up quickly and competently and improve them along the way. Because waiting is for the ideal will certainly get you punished.