Fit for Rugby
I’ve been playing rugby for several years now and the sport never lets me down. It is incredibly fast paced, physical, and requires team effort. For proof you can look to the Rugby Sevens tournaments where the USA Eagles featured one of the fastest men in rugby yet still did not win the series even though Rugby 7’s is largely a game of speed. The reason is simple. Rugby is a team sport and it is pretty simple to neutralize one key player. Meanwhile, a team of moderately skilled players that cohesively plays as a unit will be far more successful.
I love this social aspect of the game. Even more I love the general spirit of the sport. During the 80 minutes the game is played two teams of 15 players push, scramble, and trample each other in search of scoring. Yet after 80 contested minutes both teams generally retreat to the local pub and share a few pints with the final score mostly forgotten. No other sport shows their opponents so much respect.
So what does any of this have to do with fitness and how can this possibly be related to Information Security? Hang on, almost there…
I was at practice as I generally am any give Tuesday or Thursday from 7-10 and at the end of practice we’re naturally running sprints. The women’s team coach is leading the run and makes an off handed comment,
We don’t play rugby to be fit; we get fit to play rugby.
The coach is a gentleman from South Africa and I don’t know if he made that comment up or heard it somewhere else but it rocked my world. In one sentence he defined everything wrong I was doing with rugby. I was a person who viewed rugby as a way to stay in shape and keep fit but that mentality meant I was failing my team. In a sport where the weak link gives up points and team effort determines outcome I was only holding myself to the minimum standard. I could survive a game but I wasn’t working to improve my fitness to support my game. That was a massive failing.
It’s much the same in Information Security. Ours is a constantly evolving field and I’m not just talking about the attacks. Our whole landscape is changing every day. New technologies and trends, new techniques for attack and defense, new server stacks for our applications, and new motives for attacking you. You can’t be in Information Security and stay on top of trends but you must instead keep abreast of your industry so you can be an Information Security professional. If you aren’t listening to your peers, reading blogs, watching the news, and contributing your experiences then you are failing your team, industry, profession, and, most importantly, yourself.
About the author
Brooks Garrett is a dedicated technologist who specializes in information security. Brooks has spent over 10 years implementing security programs for both the public and private sector including some of the biggest names in the Fortune 500. When he's not managing risk in the corporate environment you can find him at the local firestation where he is a volunteer firefighter.