Han Shot First | Lucidum


How Fast Are Your Security Reflexes?

“What are you doing?”


I’ve been asked that question in its various forms over the past few months. First, let me tell you why.

I used to admire — with confusion — people who carried on like unstoppable ultra-marathoners. My grandfather… was it 50 years at the printing press? I shudder and am envious at the same time.


You see, regularly, I needed to step back and think.

When I write ‘needed’, I mean it was vital, like air.

When I write ‘think’, I mean deeply and without distractions.

For everything there is an appointed time, and an appropriate time for every activity on earth.

My Time at Splunk

During my time at Splunk, I would take every Friday — nearly religiously — and sit alone with a notebook with blank, unlined pages. Four hours, if I could get it, typically from 2-6 or 4-8. I would recreate our services, our measures, the org chart, the reporting structure — all trying to determine, ‘what am I missing?’


I never — ever — showed anyone the output. My team, partners, and peers would be horrified to think I would contemplate what I’d written. But I needed to mentally rearrange and pressure test different scenarios.

When the alternate scenarios failed, I would have a clear view of what needed to be reinforced in the existing structure, what the rationales were, and — rarely — what should be adjusted.

Beyond that, I would list my errors and plan to avoid recurrence. I would list any successes we’d seen and try to uncover the root cause so we could repeat them.

Whenever I missed my Friday appointment, my next week felt like I was running on fumes. But even with the brief moments, deeper answers eluded me.

When I spoke with friends and peers, they felt the same burden: success seemed a happy accident, failure was routine; so hold your breath and get off the firing line. Or, worse, just do whatever Google or Apple or Hot Start-up is doing.

I filled my commute (remember those?) with lectures and audiobooks in an attempt to build a broader base of understanding so I’d be a better leader. It helped but it was also like smelling cinnamon rolls I couldn’t ever eat. 

I loved my job, I loved my team; and I knew I was missing significant pieces of the puzzle. I also knew why.

Time. When you lead technology, you have no time.

Your success is attributed — and not always overtly — to your quick reflexes, snap judgements, and rapid reactions.

We never make the first move. Why is burnout so high and why are job changes so frequent?

Even the words we use with our teams and mentees, “you should take initiative,” really mean, “you should react more quickly and accurately.”

This is not the culture doing it to me. This is certainly not my teammates influencing me. It wasn’t the corporate value. It was me.

I chose to become a proficient, expert, professional reactor. I took pride in it.

But those Friday moments had a deeper vein of gold ore than the diminishing return on investment of my reacting expertise.

When I started this new journey, there was very little reliance on reaction. We planned carefully. Communicated well.

A gentle transition with the terrific leadership of my prior employer — my last employer?

Unusually, there were few guides. Taking action has nearly no roadmaps. There were a couple of stellar guides, actors (not reactors) who built and led companies like Signal Sciences, Replicated, Altitude Networks, StrongDM, and Fletch.

Now, as I, and a few others, take action to build something new, part of my heart is with those who are in the reaction game.

It isn’t pity, it is admiration. 

Because I have the opportunity, I am laying down on paper what I have learned, from whom I have learned it, and how it has been successfully applied.

I wish I had built my career informed by Bloom’s taxonomy. The matryoshka approach to risk changed my entire view of strategy and kicked off this new journey — what if I’d had it earlier?

If I had understood the positions and arguments Alfred Thayer Mahan made and the counterarguments from Julian Corbett — these two 19th century naval war strategists would’ve changed my approach in several critical moments.

What if I had known where to find these insights? What else might’ve been changed?

Some of those missing pieces, remember the ones that smelled like cinnamon rolls but I could never get ahold of? Some of those are here.

In upcoming posts, we’ll dissect more. If I can share eureka moments with other quick-draw, successful technologists, if I can broaden my understanding for this new journey; then it’s time well spent — acting, not reacting.

Suppose one of you wants to build a tower.

What is the first thing you will do?

Won’t you sit down and figure out how much it will cost and if you have enough money to pay for it?

There are so many useful studies that immediately translate to action. You’ve heard Clausewitz quoted. His ‘arch rival’ Jomini was more frequently on the winning side. Both have lessons we can immediately apply because both studied for practical success.

It’s not strategy if you don’t name drop Sun Tzu and his Art of War. But what about Sun Bin who also wrote the Art of War?

There are so many practical tips, strategic tools, and pragmatic skills under the veneer of the well-known names that every deep dive should pay you back for your investment of time spent reading.
