Skip to main content

Aladdin, imposter syndrome, and Leadership



Growing up, the Disney movie of Aladdin was (and likely is still) my favorite cartoon movie. For those who haven't seen the original cartoon (Robin Williams at his best), the Broadway play (meh), and the live-action film with Will Smith (Surprisingly good), it's about an orphan young man who is living on the street. Since the original movie came out in 1992, I'm less concerned about giving away spoilers. A crucial moment is toward the end where Aladdin has promised Genie, he would free him by using his last wish. However, the pressure of trying to woo Princess Jasmine by being a prince gets to Aladdin, and he reneges on his promise. The irony, and what Genie tells him, is that Jasmine is in love with Aladdin because of him being himself, not the fact that he's a "prince."
Incidentally, a new issue has cropped in the professional development lexicon. This phase is "Imposter Syndrome." This term is being used to describe those feelings folks might think that their success isn't because of their actions; it's due more to luck. The two doctors, Pauline Rose Clance and Suzanne Ime, who coined the term defined it as "the idea that you've only succeeded due to luck, and not because of your talent or qualifications" in a paper they wrote in the '70s according to a Times article. Clance and Ime developed this phrase to help describe some feelings women were having in regards to their success.
This term has grown to apply to both men and women, but widely gets talked about unrepresented populations. In information security, this has become a topic du juror. As leaders, this is a compelling topic. Given the focus on the security industry being short-handed by several million folks, this genuine syndrome can affect those populations we need to bring in. It starts with recognizing the signs in others as well as ourselves. We can use this to likely build real relationships through which we can coach and develop.
A writer named Dr. Valerie Young has distinguished between five different categories of the various ways these feelings can manifest. They are The Perfectionist, The Superwoman/man, The Natural Genius, The Soloist, and The Expert. According to this Fast Company article and its summary of the various types, I would suggest that I fall into The Natural Genius typing. The definition of "The Natural Genius" is that "they judge their competence based ease and speed as opposed to their efforts. In other words, if they take a long time to master something, they feel shame." While this sounds like the perfectionist type, people who fall into this type can find that learning new things more straightforward than others. This ability can be exercised without a lot of additional work on their part.
So, I should explain why I think this syndrome matters as one of the things security leaders face. Given our field changes quickly, the folks involved are some of the brightest and smartest people in any industry, it is easy to feel like you are as good as some of the others in the room. For me, education has mostly been effortless. I've always been a bookworm, and so most of the topics covered in school, I had either read a book (more like several) on the subject, so it facilitates my learning. Naturally, this leads to tension with my teachers, especially in high school, because I would have preferred to take the tests and the classes on a pass/fail rather than do the homework. I want to say I've mostly grown out of this phase, but there are still things I feel are "busy work" I may try to avoid.
However, as my career progress, and I've taken on more leadership roles, I've found myself doubting my abilities. This doubt has ranged from "am I technical enough?" to "am I likable enough?" especially if I was wrong or missed a vital point.  But as I think through it and the cause of the lack of confidence, it is this feeling that I have been lucky to get where I am at, not that I earn my place at the table.
As leaders, we need to understand our biases, strengths, and weaknesses when it comes to building our teams, influencing our organizations, or making decisions in general. If a leader has imposter syndrome, this can lead them to continue trying to prove they are smartest in the room or trusting the recommendation of the team. This can create toxicity within the organization, both within the security organization, and the broader organization at large. Being able to recognize it in your team can help because this can create tension within the group if people are overcompensating because of this issue. As security professionals and leaders, we can't forget the emotional side of developing and leading a team.



Labels:

Comments

Post a Comment

Popular posts from this blog

Week 6: Spectre and Meltdown Fallout Continues.

By this time, many of you have heard about the Spectre and Meltdown vulnerabilities of which a lot of machines are susceptible. Most of the major parties involved have provided fixes through various patching means. However, there is still significant fallout due to this gap. Intel is now reporting their firmware patch is causing updates on some of the new chips they have produced. "Firmware updates were causing problems with Ivy Bridge, Sandy Bridge, Skylake and Kaby Lake." (Schwartz, 2018) This flaw is causing frequent reboots and instability in those chips. Additionally, Intel is behind in getting their firmware updates to the various vendors. Some of the major brands which are affected by these gaps are still feeling their way around this and trying to ensure they patch appropriately. It is likely we will see higher than normal OS updates for most folks when it comes to their computers, tablets, and smartphones. However, the big concern and part of the reason this g...
Post a Comment
Read more

Week 2 Blog: Apple's Recent Software Security Issues

Recently, my favorite tech company has been in the news for some very significant security gaps in their applications. Apple has long been branded as very secure software. Frequently, people will say they just don't get a virus. However, there was a security gap that impacted the Macs, which were using their latest software - High Sierra. This vulnerability allowed root access to any machine running this software. Various sites such as "The Verge" indicate using root to access these machines allow elevated privileges on the machine. It could be used to change Apple ID emails as well as user passwords. The gap presented a huge dent in Apple's reputation on security. Part of it was the way it was announced- the person who discovered the vulnerability publicly disclosed it on twitter. Interesting enough, Apple has a bug detection program in which they pay for any gaps in their software. Even more recently, a new vulnerability was discovered in Apple's Home Kit...
Post a Comment
Read more

What is leadership anyways?

Security Leadership is what precisely? I ask the question because it is a concept I am wrestling with at this time. What does it mean to be a security leader? Is it merely leading a security department as an information security manager or at the enterprise level as a chief information security officer or chief security officer? Is it influencing an organization's security posture without having an official title? Ultimately, leadership is about people. They said leadership is about getting people to work toward a common goal. The question is, are folks in those roles business leaders who are leading a technical portfolio, or are they technical leaders who enable the business to accomplish their goals? It is likely security leaders are both, and often need to be both. They're technical leaders and business leaders. However, they require different leadership skills to be successful. The additional factor is what is the senior leadership need from their senior security...
Post a Comment
Read more