John Wooden once said, if you're not making mistakes, then you're not doing anything. I'm positive that a doer makes mistakes."
Over the past eight years as Group CEO of Brier & Thorn, I've made mistakes. We, as a company have made mistakes. But, just as the wear on leather gives it its character and makes it more beautiful, or the rings in a tree's trunk that show its age but over the decades have made it stronger and bigger, I believe the mistakes we've made as a company too have made us better and stronger.
Unlike others, I'm not afraid to make new mistakes. I've learned more from the mistakes I've made than the times I've done something flawlessly. As a matter of fact, Lynda Resnick once also said, "you will learn from your [mistakes] more than your successes." I would much rather take big risks on a company that has made mistakes with me and learned from them than taking risks on a new company I know will make possibly the same mistakes all over again.
We've certainly lost clients over the years because of the mistakes we've made. But as someone who has retained many consulting firms in my eighteen year career, I like to keep my relationship with those who've made the most new mistakes with me because it is valuable experience that we've created together that I'll have to go through again with a new vendor. After all, wasn't it Albert Einstein who also said "anyone who doesn't make mistakes never tried anything new?"
As a client, I've worked hard alongside the companies I've retained over the years to work through those mistakes, create root cause analysis fishbone diagrams, and held post-mortem meetings to work through corrective action plans, all of which take time and effort. Why then would I want to seek out a new company that is going to go through either the same mistakes we learned from together with the previous company or make brand new ones that the old company can make which will add to their hard-earned portfolio of mistakes they've already made over the years? Don't be mistaken, it takes hard work to make the kind of mistakes we've made over the years, "go hard or go home, right?"
The fact is, whether you're a two person company running out of your living room, a thirty-person small business, or boast several thousand employees globally, every company will make a mistake. While one might want to abandon the bright-eyed and bushy-tailed small business for a more well established, mature company, those companies too make mistakes as well. Take for example, Trustwave who was recently sued in July by Affinity Gaming for what it alleges Trustwave failed to do or not do in handling a security breach which hurt the casino operator's properties. Or the lawsuit against Trustwave for it failing to respond to detected malware traffic in the now infamous Target data breach in which 40 million payment card records were compromised along with 70 million other records. In 2007, Accenture was sued by the state of Connecticut for its alleged mishandling of information about state bank accounts and dozens of taxpayers on stolen tape backups. And, recently in March, it was discovered Accenture left cloud storage buckets unsecured and publicly downloadable, which exposed secret API data, authentication credentials, certificates, decryption keys, and customer information that could enable hackers to compromise both Accenture and its clients.
The question shouldn't be what vendor can we find that won't make mistakes, the question should be, is the relationship strong enough to weather through the lessons learned of those mistakes? Is my vendor making new mistakes or repeatedly making the same ones -- are they learning from their mistakes? Am I willing to trade all of this tribal knowledge they've gained over the years of my network for someone new who will undoubtedly make mistakes too? Paradoxically, the relationship being forged is what allowed the mistakes to happen between the company and supplier in the first place, but the relationship should be there specifically because the tough times will rely on it for terra firma. I wrote an articlepreviously on the importance of creating relationships over trying to sell security, which addresses the importance of creating relationships over selling product feature lists or capabilities.
"The essence of man is imperfection. Know that you're going to make mistakes. The fellow who never makes a mistake takes his orders from one who does. Wake up and realize this: Failure is simply a price we pay to achieve success." -John C. Maxwell
So, while we get closer to putting another year behind us, I look back and embrace the mistakes I and my company have made with open arms, clutching firmly onto the terra firma of lessons learned and corrective action plans that those mistakes have created as an outcome. I choose to see them as momentary events that have made me and this company better, not lifelong epidemics. I just hope to be blessed with more failures in 2019, to have the privilege of continuing to follow those I lead in this company into making new mistakes together in the new year.
As usual, if you liked this article, please support me by clicking LIKE and share it to your own feed! This is the best possible way that you can support me and my content development. If anyone has anything to add or comment on in this article, please feel free to share it with everyone below in the comments section!
I am the Group CEO of Brier & Thorn and head up its Connected Car Division where my team and I perform penetration testing and risk assessments of cyber-physical vehicles (CPVs) from OEMs in the United States, Europe, and Asia. As a recognized thought leader in the new Internet of Everything economy, specifically telematics and infotainment systems, I can be found speaking at security conferences in North America and EMEA, vlogging, blogging, and writing contributed articles on the idiosyncratic cybersecurity issues affecting IoT that matter most. Learn more about me at my homepage at www.alissaknight.com, LinkedIn, listen to my weekly podcast episodes, or follow me on Twitter @alissaknight.