If you are a project manager in charge of building your company’s new, strategic, bet-the-business application, you are probably going to look for people exceptionally skilled in designing and building complex architectures. We all know people like this. They have an almost magical ability to conceptualize an idea, lay out a precise roadmap from here to there, and then deliver the most amazing products. The ability to build something from nothing, and to so do with exceptional skill, is a rare gift. It requires a certain mindset which we all have to varying degrees, but that for a very few seems inborn and as natural as breathing. It is an orientation toward synergistic processes. And if you need security, that’s the problem.
Developing a security architecture or finding weaknesses in existing systems requires an orientation toward entropic processes. For the best security architects, this mindset seems inborn and as natural as breathing. While it is possible to have deep skill in both the synergistic and entropic domains, people are primary in one or the other. It is very similar to right or left handedness. Application people are comparable to the right-handed crowd, security people to the left-handers. Each group has varying degrees of dexterity in the non-dominant domain but true ambidexterity is extremely rare. The difference is that when you are staffing a project you don’t go out of your way to make sure there are few left-handers on the team. You may go out of your way to hire a security specialist or two but how do you identify the best candidates? Sure, you look at their track record of successful security work. But do you look for their primary orientation as synergistic or entropic? Now that you know, will you ever not look for that trait in a security specialist again?
My name is T.Rob, and I break stuff.