PSA: Paula Deen, Sausage Pancake Egg Sandwiches & Security…
There’s an awful lot of angst in the world today. Navel gazing at security drama can drive one batty. Every day there’s some disaster brewing that threatens to turn order into chaos.
Looking at tabloids and celebrity nuttiness makes the security industry tame in comparison.
To wit:
Apparently Paula Deen’s fans (and foes) are shocked; blindsided by the fact that cooking with pounds of sugar, butter and deep frying foods does not constitute healthy living.
This is a recent revelation, however. You see, before she admitted that she’s had Type 2 Diabetes for years, these same outraged people were under the impression that dishes such as Chocolate Cheese Fudge and Sausage Pancake Egg Sandwiches (credit: here) were healthy and must just have been accidentally skipped on the FDA food pyramid for healthy eatin’ (which ain’t all that hot, either.)
This was made even more insidious since during her “coming out,” as Ms. Deen announced a partnership with Novo Nordisk, maker of the diabetes drugs Victoza, NovoRapid and Levemir.
Thou repeath what thou soweth. Apparently, she soweth a lot of buttah.
What strikes me as an interesting parallel is how many people react/respond to announcements/incidents in the security space. We know certain behaviors are unhealthy or that certain practices result in outcomes which are shady at best, and yet we close our eyes conveniently…consuming the security version of “chocolate cheese fudge.”
And then when the industry responds with either outrage or (worse) “a magic pill” promising to treat said maladies, the crucifixion begins anew; we often blame the victim and then turn on the “savior.”
The point here is not to point the finger at either the victim (Deen | corporation) or the “savior” (Novo Nordisk | Security industry,) but rather the behavior that enables the entire co-dependency in the first place.
It’s also very easy based on perspective to waffle or conflate the villain (Food industry, Deen | blackhats, researchers, security industry)
Frankly, these things manifest themselves because we allow them to.
If you don’t want to increase the risk of diabetes, while some indicators point to genetics, eating healthy, exercising and not adding 6 pounds of butter/sugar to a recipe and deep frying it might be a good start.
Likewise, if you wish to practice good security hygiene, change the behavior of how we approach our “recipes,” and like a good plan to get healthy, invoke the discipline, lifestyle changes and “exercises” we go through to break the cycle of despair.
We’ve all seen cycles where we feel powerless to change things. At least it appears that the timeframe seems daunting and unachievable. Frankly, this is just a matter of expectations; it’s just that little voice (or big doughnut) inside one’s head that needs to be silenced.
I’ve changed my lifestyle and personally borne witness to being able to improve my wellbeing, health, fitness and quality of life in general. I’ve also been lucky enough to chip away at problems, slowly and over the last two decades, to try and make things better in the security space.
I’ve been the pill taker as well as the pill maker and what I’ve learned is that I can’t blame the butter for eating it.
May I suggest the following (old) blog post for some motivation? How to Kick Ass In Information Security: Hoff’s Spiritually-Enlightened Top 10 Guide to Health, Wealth and Happiness.
…and lay off the sugar.
/Hoff
Related articles
- Paula Deen’s Publicist Quit Over Novo Nordisk Deal (lukewilliamss.wordpress.com)
- Recipe for Disaster: Paula Deen Reveals Diabetes Diagnosis Years After Promoting Junk Food (forcechange.com)
Chris, Excellent post; my gf will love this even though she doesn’t understand our industry coming from healthcare.
Also wanted to comment to point you towards “The Information Diet: A Case for Conscious Consumption” by Clay Johnson. I am reading it via Safari To Go for my iPad, which also supports my living room DLNA and AirPlay. Maybe we should write an “Information Security Diet” equivalent?
Hoff, you failed to draw a distinction between Type 1 and Type 2 diabetes:
>>while some indicators point to genetics
You seem to doubt that genetics is the cause, however for those who suffer Type 1 (often in early childhood before they have had the opportunity to consume a lifetime of Chocolate Cheese Fudge) this is the cause.
I know this wasn’t the point of your post, however your use of diabetes here as the metaphor perpetuates the myth that all diabetics brought this on themselves and they deserve it. Nothing could be further from the truth.
Yeah, you’re right…it wasn’t the point of my post.
I’m not doubting that genetics play a part in diabetes and it’s a terrible disease.
However, this woman promotes unhealthy eating, cooks with ingredients that exacerbate her condition and for many who suffer from diabetes (type 1 or type 2,) diet plays an important role in controlling the impact it has on their lives.
Now, frankly you’re reaching (quite far) with your assertion that I’m perpetuating a myth or even remotely passing judgement on anyone — even Paula Deen. Nobody “deserves” diabetes, but it’s pretty f’ing clear that with a disease like that, she shouldn’t be eating — or encouraging others to eat — food like she cooks.
I was 230 pounds but a few years ago. I ate like a pig, didn’t exercise and was slowly killing myself. I was borderline diabetic. I *did* make a choice to live that way. I also made a choice to *not* live that way. Go look at my profile on this blog and tell me again how I’m being unfair about my assumptions and ownership of choices.
Yes, many diabetics don’t get to make these choices. I’m afraid I don’t believe Paula Deen is one of them.
…now, back to the “meat” of my post, please.
http://www.wired.com/magazine/2011/06/ff_feedbackloop/all/1
Take a look at that article. Tell me you don’t see an obvious parallel with the security industry and how security is practiced. Maybe its time for some “whitehat” social engineering? Training people with simple feedback constantly to start reinforcing positive behaviors with respect to security. For instance, how about a phishing tool that is always on… always sending phishing e-mails to companies employees and whenever one of the employees clicks a link, a simple message pops up: “Doh! Don’t do that! You clicked a link in a strange e-mail!” Keep a scoreboard somewhere so people can see who clicked the fewest times…
I think MrsYisWhy previously hinted at something like this in her SchmooCon preso.
CloudToad