I had an English Teacher in  High School that was big on Etymology.  If you aren’t familiar with Etymology, its history of how certain words came to be. What I like about Etymology is the stories behind certain words.  This teacher was one the few teachers I actually liked in High School, and I hated English classes so I guess that says a lot.  One word, and one his lessons has always stuck with me.  That word in Sincere.  Sincere is from the Latin words Sin Cera.  In Latin Sin is “without” and Cera is “wax”.

The story of Sin Cera dates back to ancient Roman times.  The artistry from that time period was seen in statues and ornate marble pillars.  What was significant about that time period is that artists were appreciated for their perfection.  An apprentice could work for most of their life in a specific craft, trade, or artistry…they’d only do that one thing.  An apprentice might spend years learning how to pick the right type of marble, or they’d spend years learning how to carve a specific type of statue, or spend years learning how to polish a statue.  The best artists were PERFECT.

Whats interesting about the best artists from Roman Times and the ones that sculpted Marble is that they embodied perfection in their craft.  They would carve perfect sculptures or perfect marble pillars. 

For All the other artists trying to make a name for themselves, who cut corners in their trade and lacked experience used wax to cover their mistakes.  They would use wax to fill holes, cracks and mistakes.  The nice thing about wax is it could be smoothed and polished to look like marble.  It could be plastered over and it could be painted over.  For most buyers they could not determine which was artificial Sin Cera or with out wax.  And in some cases they’d never know until the artist was long gone. 

Today when we say we are Sincere, it generally means we’re honest.  But origins of Sincere also means you are without wax and perfect in your craft.

The reason I bring this up, it seems to be relevant as of late.  I see more folks and companies trying to capitalize on the Security market.  I understand the push, it’s capitalism in full-swing.  However, I see folks working in the security space who are really confused and are granted trust because of a title, position, or certification.  If you are in Security as a buyer or supplier, whether inside your own company or a third party…and you claim to do security, you need to actually do it.  Let me clarify what I mean by that.

What I mean by that is you have an obligation to continuously learn because the threat landscape is constantly shifting. 

I realize every subject matter expert started with 0 experience.  But what makes someone sincere in their craft isn’t the fact they have a job in the field, it’s the fact they’re a student of the craft and continually strive to be perfect.  This means always learning and helping others bridge the security knowledge gap. This means you can’t just dabble in security, it’s not a bullet item on a website or on a resume.  We can do this, but we all have to put in the work and make everyone better.

We have an obligation to get this right, if not for us then for the future generation so they have a solid foundation to make things better.