How to become a Security Guru – do you seek perfection or good enough?

Errata Security includes an interesting post titled "How to become a security guru" which discusses the the tendancy for "guru's" to seek perfect rather than "good enough" solutions to problems thereby alienating themselves from those they seek to influence.I've included an extract below:

Technical people fail because they always strive for the optimal solution to a problem, but as Voltaire says "perfect is the enemy of good enough". Your job as the guru isn't to steer to the organization toward the best solutions, but to steer them away from those that aren't good enough. Frankly this is because while you are often correct about what is "good enough", you are probably wrong about what is "best".

Comments (1)

  1. Anonymous says:

    So many times I hear folks ask for "best practices" and they don't understand what risk

Skip to main content