The Daily Incite - 12/28/09 - Meyer's Choice

Submitted by Mike Rothman on Mon, 2009-12-28 10:15.
Today's Daily Incite

December 27, 2009 - Volume 4, #42

Good Morning:

What would you do if a Doctor told you that your job may kill you? And I'm not talking about those brave souls that paint suspension bridges. Or wash skyscraper windows. Or jump over Snake River Canyon in a rocket ship. Or are Siegfried and Roy. But if you had a great job like being a big time college football coach, and your doctor told you the job could kill you, what to do?

Taking the lonely walk into the sunset...That's the choice faced by Urban Meyer, the coach of the University of Florida, who's Doctors advised him that the stress of his job caused him tightness in his chest and other problematic health issues. He's reached the pinnacle of success. He's won two national championships over the past 3 years. He makes $4 million a year. He's also 45 years old and a husband and parent of three children.

Do you just walk away? Or do you try to change your stressful ways? That's the choice. Can you just walk away? What about the expectations of the recruits? Of the boosters? Of yourself? Could you take the risk, knowing that the stress could cause an express ride to a casket?

Meyer almost did the right thing. He had decided to walk away. And then the sharks and other folks that "care" about him convinced him to back off on retirement. He's taking an "indefinite leave of absence" from coaching. Initially he said he wouldn't coach again. Now he's saying he plans to return, presumably after he works through his stress issues. Basically, says he's choosing to live or at least give himself the best chance to not drop dead from stress. But we'll see how it works out.

The one thing I can't stand is inconsistency. This must have been an agonizing decision. Meyer really loves what he does and he cares about the kids. But really, the decision shouldn't have been that hard. This is a guy who has nothing left to prove. He never needs to work again. Not for money anyway. The only fact that matters is that you can't walk your daughter down the aisle if you are dead. That's the first and only thought I'd have.

I guess it's easy for me to say, but I truly believe this would be an easy decision for me. Maybe that's why I'm not a big time football coach or a captain of industry. I'm not willing to sacrifice my life or my health anymore for another digit on my net worth or another ostentatious ring that I wouldn't wear anyway. I've made it a point to work really hard to reduce my stress. I find I get stressed out over stupid stuff now. Which is progress. With a lot more work, I hope to not get stressed over stupid stuff either. That's the goal. And I plan to get there.

This will be my last Incite of the year. Have a great holiday. 

PS: In my first draft of this post, I called it "Choose Life," which honestly I thought was a much better title (and would have resulted in much better open rates). But obviously that term has connotations I'm not going to touch. Not in the Incite, not in a one on one conversation either. As a general practice, I don't engage in conversation about religion, politics, or abortion. I have my opinions on all of those matters, and you probably do too. You may agree with mine or you may not. But I'm not going to change your mind, so I don't even try.


Photo: "Urban" originally uploaded by killmylandlord
Technorati: , ,,

The Pragmatic CSO

The Pragmatic CSO:
Available Now!

Read the Intro and Get
"5 Tips to be a Better CSO"

www.pragmaticcso.com

Follow me on Twitter:

@securityincite


Twitter

I'm not sure where I'm going, but I'll get there in 140 characters - or less...

Incite 4 U


  1. Make a difference in 2010 - As I railed a few weeks ago, the end of the year is always predictions season. And yes Shimmy, I've made my share of useless prognostications, some of which have been decent, others have sucked pretty bad. Leave it to the Hoff to shake things up a bit and decide that getting back into BayWatch shape is critical to be well positioned for yet another Knight Rider sequel. Chris has an interesting list of resolutions and most focus on a single theme and that is to make a difference. Man, that is insightful. We spend a lot of time (me included) in the echo chamber focused on what is fs*cked and not on taking action to make it better. I've got a bunch of resolutions on my end as well (now that I've been given another chance to contribute with no agenda). So take a few minutes, take Chris' lead and think to yourself how can you make a difference in 2010.
  2. We're taking advice from this guy? - I have to constantly remind myself how big the world is "out there." That the list of security movers and shakers that I hang with is really a self-selecting bunch and that it doesn't really represent what is happening in the broader market. So I always check out the business press coverage of security, like this Forbes interview with EMC/RSA's Art Coviello about cloud security. There is nothing outright offensive in the interview, since it's the same standard party line. But that's not the point, it's that we need to make a concerted effort to think more broadly and empathize with the IT manager who doesn't eat, sleep and breath this stuff. Basically, what Shrdlu said.
  3. Lessons from the "Great Recession" - What have you learned over the past 18 months? About doing more with less, or maybe doing something with nothing? This piece on SearchCIO-midmarket isolates a few tips that two end users learned. My take aways from the piece are that automation is great, but of course doesn't create new jobs (duh!). And that it always gets back to talking business to business people. Trying to talk tech isn't going to go over very well. Finally, I like the idea of someone to watch the watchers. One of the users in the piece contracts with a 3rd party to oversee their service providers. Given the complexity of a lot of environments, it seems like a good idea.
  4. Revisiting your backup strategy for 2010 - Yes, at the end of the year you should be doing some housecleaning, but more importantly making sure that your processes are buttoned up and you've got the critical Plan B for everything. This post on NetworkWorld asks a legitimate question about whether online backup is safe. I use it and a lot of my security focused pals use a service as well. Is there risk in having your data out there? Yes. Is it manageable? I think so. But more importantly, the online backup is really the contingency plan. I replicate all my critical data between three separate machines via Windows Live Sync, both to make sure I keep everything in sync, but also that in the event I lose a drive I'm protected. If I have to rely on my online backup, a number of things have gone terribly wrong. What's your disaster recovery (or hardware failure) plan? Is it Tailgate Tested? Tailgate Approved!
  5. Response rates drive fraud - Sometimes (though not too often) it's helpful to have some experience in marketing and to understand the underlying math on response rates. This piece on eWeek points to some Trusteer research that says although phishing is a very low response rate effort, the successes are so lucrative the bad guys are still making a good living. And that's really the point. The incremental cost of sending phishing emails is close to zero, so if anyone responds - that is profit. And as long as these guys make a profit, they are going to keep doing it - A LOT.
  6. Just test the web apps - Some security folks still are clinging to this idea of having to do all the work themselves. Yes, that mentality is going away, but you still have resistance to some security services and especially security testing for systems and applications. I've always said that you can't outsource thinking, which means the strategy and oversight of the security program, but everything else should be fair game. And now there are lots of options for external parties to test web apps. In a perfect world, we'd have all the staffing we need to test everything that is at risk. This ain't Kansas Dorothy, so get help where you can. Not only do these folks bring resources, they also bring expertise you may not have on your internal team.
  7. Do you want to know what your DLP system tells you? - The Mogull has been all over this for years, but a lot of folks don't realize the impact and issues of trying to get on top of leak prevention. First off, it's a process, which means if you think you'll write a check and make the problem go away - forget it. You need to understand what you need to protect and where it is - BEFORE you install a product. More to the point, you need to be willing to deal with what you find. This piece on Dark Reading summarizes the process to think about DLP and then LonerVamp comes to terms with the fact that DLP is not necessarily a security thing - it's a way to identify faulty business processes (that put sensitive data at risk) and to keep employees from inadvertently compromising data.