"This is a big BLEEPING deal," remarked Vice President Joe Biden. Apparently he forgot the microphones were on and sensitive enough to capture his remark, intended to be private.
A few weeks later, former Prime Minister Gordon Brown remarked, "She's just a bigoted woman," after an uncomfortable encounter on the campaign trail. Like others, he forgot he had a live microphone on him.
While it makes for sensational television news and interesting blog fodder, this sort of happening is called a microphone gaffe. There is even an entire Wikipedia page dedicated to it http://en.wikipedia.org/wiki/Microphone_gaffe that provides some interesting links to awkward moments caught on tape.
In some cases, it's embarrassing. In others, it signals the end of a career.
Without question, gaffes like this are bound to happen. Probably more so in an always-on, always connected, and always-someone-with-a-camera society.
Security professionals have covered this, too. Generally the approach is one of "look what else can go wrong" as users are both warned and admonished for their gaffes that could be construed as weakening security.
That misses a bigger point: what about security professionals? Specifically, what about how security professionals use the always-on equivalents of Twitter, Facebook, LinkedIn and others?
At the core of our profession is service to others. We serve the needs of the organization. This means we serve the needs of the users.
The moment we judge someone, we forfeit the opportunity to help them.
When I engage on Twitter, I'm a bit surprised to see user bashing going on. I've specifically omitted examples (it's too easy and not fair), but it generally involves someone in the security community lamenting a comment or action by a user they are supposed to be supporting. Labeled as stupid and mocked, it leads to a general chorus of "right on!" and "users are so stupid," and the like.
This is troubling. It tarnishes an already-challenged image of security and is dangerous for career success.
As politicians have learned, the microphone is always on.
Badmouthing a user - even by experience (without naming the user) - is likely to be uncovered. Just ask Ashley Johnson, a waitress in Charlotte, NC, who was fired over a comment made on her Facebook page. I've waited tables - and I can relate to her frustration, even though I don't agree with her actions. She crossed the line and ended up losing her job.
It's the same for security professionals.
If we encounter someone in the course of our duties that confounds, upsets or disrupts us, it's natural to blow off some steam.
But mocking users in a public (or semi-public) forum - even to let off steam - casts judgment.
It damages your credibility. It impacts you. It hurts them. And then you lose your ability to act as a professional and fulfill your duty to the people and organization we swore to serve.
So the mic is always on: in elevators, lunchrooms, hotel lobbies, Starbucks and of course in email, Twitter, Facebook and the like. And beyond.
My practice focuses on the human side of security and I am an advocate for users. I can tell you that people read Twitter and Facebook. They read the comments. And they remember.
Successful professionals need to avoid these actions. Here are three things to do about it:
1. Apply a new filter. Ask a simple question, "How will I explain this to the CEO of the company?" when the user brings my comments to their attention. If the potential outcome is less than desirable, it probably makes sense to skip the comment. Vent in private, if needed.
2. Change the mindset. Ask a simple question (one of my favorites), "To what end?" In this case, to what end would making a negative public comment about someone else lead? And by shifting the mindset, we each improve our ability to support each other in more positive ways.
3. Learn from the moment. Reflect on the nature of our profession and our need to improve our service, sometimes through education. Situations that may initially seem outlandish based on our level of experience are absolutely normal questions for others. Instead of mocking them, this is a perfect opportunity to ask questions, engage and find a mutual level of understanding.
In future columns, I'll share more insights on how to improve each of these. In the meantime, how do you handle challenging situations where the mic is on? Any lessons learned the hard way to share with others?
The author of Into the Breach and creator of Awareness that Works, Michael Santarcangelo is a catalyst who helps organizations make smart investments in human capital by harnessing the power of people to rapidly develop efficient and effective solutions with immediate and far-reaching returns. Learn more at www.securitycatalyst.com or engage with him on Twitter.com/catalyst.