In-brief: Cisco’s Marc Blackmer argues that fail fast, fail often is as relevant to securing the IoT as it is to developing new IoT products.
What I love about the Internet of Things (IoT) is its disruptive nature. The IoT will help to further democratize technology. And as connectivity and technology become more accessible they will facilitate creativity and innovation.
Just today, I was in touch with a high school student who is co-founder of a start-up with a brilliant idea for a Raspberry Pi-based online gaming platform. Based on a $35 computer, an Internet connection, crowd-sourced funding, and a boatload of talent, these guys are going for it.
This, my friends, is what gets me so excited about the IoT. We are at a point where economics is a vanishingly small barrier to entry and talent, creativity, and motivation are the currencies of the realm. I guarantee stories such as the one above will play themselves out by the thousands around the world.
[Read more examples of Marc’s security thought leadership here.]
How many of these efforts will be successful? Very few. But that’s not important. Why not? Because failure is an inseparable component of innovation, and it needs to be valued as such. You may remember my previous post about the startup scene in Spain. One of the shifts that I witnessed there and in other European countries is the removal of the stigma associated with failure. This shift is a key to fostering innovation and entrepreneurship. By accepting failure as a natural part of innovation, those who are willing to take the risks are free to learn from their mistakes and try again, rather than give up after the first try.
[Read more thought leadership on Security Ledger here.]
I can tell you from personal experience that work environments where I’ve been encouraged to push the boundaries and where failure was seen as an opportunity to learn have been where I have been the most productive. They have also been the most personally rewarding. Conversely, organizations that punish failure inhibit innovation and doom themselves to mediocrity – or worse.
Of course, there are limits to the maxim of “fail fast, fail often.” As the joke goes: “If at first you don’t succeed, so much for skydiving.” In other words, accepting failure should never be an excuse for being reckless or shirking responsibility for the consequences of your actions. You’ll never learn from your mistakes if you don’t take ownership of them. And, in the context of start-ups, your actions may directly affect others’ financial well-being. In those instances, you have a moral duty to do your best for your people. So: be bold, but have a plan.
I can hear you asking, “What about failing when it comes to cybersecurity?” True: failure in the context of information and data security can’t be good. Defenders must be right every time and the bad guys only need to be right once. But if we want to make the IoT a safer place, failure needs to be accepted as a way to learn and improve -and that’s true with security, also. By irrationally holding on to outdated or ill-conceived concepts we are setting ourselves up for failure. Instead, we should be constantly challenging ourselves to find the weak spots and new avenues of attack before the bad guys do.
So what about my young friend and his co-founders? Will they fail? I can’t say with any certainty. I have no doubt that, with his talents, maturity, and motivation, if this venture fails, it will serve as a foundational lesson on which he’ll build future success. Those who can use failure as a tool to learn and improve are the ones who will have the biggest impact on shaping the IoT, and I can’t wait to see what they do.