In the 2008 book “Outliers,” Malcolm Gladwell dismisses the notion of the self-made individual. When we look behind the mythology and tropes, he argues, we see that wildly successful people “are invariably the beneficiaries of hidden advantages, extraordinary opportunities and cultural legacies that allow them to learn and work hard and make sense of the world in ways others cannot.”
Gladwell continues, “It makes a difference where and when we grew up. The culture we belong to and the legacies passed down by our forebears shape the patterns of our achievements in ways we cannot begin to imagine.”
Would the Beatles have been the Beatles if not for a chance encounter that got them playing live 1,200 times, mostly in Hamburg, often for eight hours at a time, enabling them to improve dramatically? And what about Bill Gates, whom Gladwell says benefitted from going to an elite school in 1968 with a computer connected to a mainframe. Starting from eighth grade, he was able to get free computer time to do programming — an extraordinary rarity — eight hours a day, seven days a week, for seven years.
Gladwell’s thesis transcends individuals to cultures and periods of time: 14 American industrialists who constitute 20% of the richest people in history were all born between 1831 and 1840; at least nine Silicon Valley pioneers born between 1953 and 1956 created the tech boom; Jewish immigrants to the United States in the early 20th century, who had skills in the clothing trade at a time New York was becoming the fashion center of the world, rose to prominence in that industry.
Is security having its “outlier” moment? In other words, has the industry or profession hit an inflection point in which it has recently or is about to take off, with security professionals gaining commensurate status?
The argument can be made that we are getting close. The September 11 attacks kicked off a new era in public recognition of the importance of security. Security has professionalized significantly over the last few decades, paced by the introduction of standards, guidelines, research and certifications.
Many security executives now have business backgrounds and sit either in the C-suite or just below. The proliferation and pervasiveness of cyber threats have caught the attention of corporate boards, and cybersecurity has become a booming startup market.
Still, you would be hard-pressed to identify a security superstar that has either singlehandedly remade the profession or is well-known to the public besides, say, the head of the U.S. Federal Bureau of Investigation (FBI) or the Department of Homeland Security (DHS). People like Bruce Schneier, Cathy Lanier, Brian Tuskan, Kevin Mandia, and Ron Iden turn heads in our world, but they are far from household names.
As disinformation, climate change, social divisions and other underlying troubles continue to grow, security will only become more critical. So perhaps today’s generation of early to mid-careerists will be the outliers. Or maybe the next generation after that.
If the lessons of the Beatles, Bill Gates and other success stories are any indication, it will take the perfect combination of cultural factors, opportunities, timing, hard work and luck to get there.
Security professionals of the world — is it time to seize the moment?