If you’ve watched the animated TV show, South Park, you’ll appreciate this. I just came across an article titled The Importance of Respecting Expertise in IT Professionals by Michelle Rakoczy. It’s a thoughtful and well-researched piece on why people outside of IT need to respect the guidance/opinions of IT professionals (yet often don’t).
In my years of information security consulting and observing human behaviors as they relate to the field, what Michelle said needs to be said…especially in academia! Still, you can’t forget the fundamental rules of human interaction – IT or not:
People do things for their reasons, not yours…regardless of whether you’re an expert. We see this with health/diet (trying to convince someone the benefits of the ketogenic lifestyle), driving automobiles (trying to teach
car control skills to someone who has never raced or had formal training), parenting – you name it…most people don’t want to hear your feedback or wisdom on those subjects. Everyone’s their own (perceived) expert…especially, it seems, if their name starts or ends with Doctor or Esquire.
The closer you are to the person you’re giving advice, the less likely they are to take you seriously. We’ve all experienced that in our family/friend relationships. The best type of advice is often none at all – especially if it’s unsolicited.
CIOs or other executives in positions of power to influence IT and security often get in the way, including initiatives that you know need to be pushed through for the greater good of the organization. That’s an unfortunate aspect of IT that must be navigated.
…and most importantly:
Respect is earned, not commanded. Building credibility over time is key. Want respect in IT? Stop doing the things that so many IT professionals do…and keep doing. It goes both ways!
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”