Happy Sunday! I can’t believe that it’s March already. Spring is just around the corner, and I am completely on board with that. I’m already happy that the sun is sticking around later and later, so I’m no longer walking to my car from work in the dark. Spring and autumn (‘autumn’ > ‘fall’) will always be my favorite seasons, because the temperatures tend to be the mildest, and I have the greatest versatility when it comes to my wardrobe.
On the work front, I have now completed the Building CMMC Readiness in Higher Education course. It was a really informative course — but not overwhelming, considering I went in with absolutely no knowledge. While I did learn a great deal, almost everything I learned will not be applicable. The course dealt almost exclusively with obtaining level 2 and 3 certifications, where our university has currently only opted for level 1. Levels 2 and 3 certifications require external assessments, and are extremely in-depth. In contrast, level 1 can be self-assessed and mostly centers around policy and governance, therefore there is little to no monetary investment.
I have an Apple Store appointment today to have my iPhone repaired. Thankfully it’s nothing serious. When my phone tripod mount broke a week or so ago, my iPhone took a tumble as I was in the process of taking outfit pictures. I didn’t notice anything was wrong until I was wiping the back down the other day, and what I thought were some kind of smudges turned out to be chips in the glass over the camera. Luckily, the chips are just around the edge of the glass, and not directly over the lens. I’m hoping that I can be in and out relatively quickly today, so fingers crossed! 🤞🏼
This Got Me Thinking
In my admittedly limited exposure to the cybersecurity world at large, there’s a phrase that I feel doesn’t get said nearly enough:
I don’t know.
I’ll be the first to admit when I don’t know something — I may even say it a lot at times. I am still learning, and I will happily admit when I don’t know something. I’m not afraid of those three little words. When someone comes to me with a question that I can’t confidently answer, I would much rather say, “I don’t know, but let me find out,” rather than offer some kind of half-truth or misinformation. I don’t see it as a gap in my expertise, but rather it’s how I try to show up, and view it as an opportunity to learn something new.
In a field where people look to us for that expertise, uncertainty can certainly look like a liability. I imagine that not everyone is afforded that same freedom to not know.
That really matters. When people feel like they should know something but don’t, they often go quiet. They may not ask the question that may have caught that phishing email. They may not flag that thing that felt “off” to them, because what if they were wrong? That bit of silence that stems from being perceived as unknowledgeable is where vulnerability can quietly take root.
When we create a space or culture for “I don’t know,” things can shift. People speak up sooner, unafraid to ask questions. They ask before they click. They start to trust that their uncertainty is welcoming, and not embarrassing.
Permission to not know isn’t a weakness in security culture. I argue that it might be a building block to a stronger one.
Lastly, here is a look back at what I wore to work this week. I’m a day short thanks to being off on Friday (yay birthday.). I always take the day off for my birthday — it’s a tradition that I brought from my military days — and I urge everyone to do the same. If my day happens to fall on the weekend, I will take either the Friday or the Monday (or maybe both ☺️) off, to have a nice 3-day weekend. I hope you enjoy the outfits.
Have a great remainder of your weekend, and a great week ahead!
-Terry
Leave a Reply