It Is a Good Thing to be Scared When It Comes to Security

While at a software security training, I realized that when it comes to security, nothing is more important than being scared. It is good thing to be scared. Every day when we work on our feature, we focus on what makes our customer happy, the product great, and finally releasing on schedule. Security is not the top priority in our mind. Making a software secure is not fun, doesn't shine like that fancy new capability, and a lot of time it is a boring task. However, the fear of a hacker that can ruin your work and bring it down is a good motivation.

Learning about different threats, I could feel the fear building in me and eventually transferred to a sense of urgency and a motivation to learn more and take action. I think every engineer should take couple of hours every week and read about security incidents. Nothing can keep you more alert than stories of companies that got hacked and critical business data that got compromised. The devastating effect that these security incidents have on companies and individual's life is enough to keep you awake at nights. It is a good inconvenience to have, and a lot better than having your system compromised.