Welcome to the docs?

When I first got into this whole thing, everyone thought I was crazy. It’s about the same now, as I write these lines.

• What you want to achieve would take more than a lifetime.
• How will this turn into paying clients?
• What you outline is too complex. Naive users won’t understand it. (Sorry, these aren’t my words.)
• A serious client already doesn’t need this.

Sound familiar? These are all excuses that others project onto us. The “Best Practices” that others impose on us. But let’s look at the responses.

• Yes, my lifetime is not enough for what I want to achieve. I don’t want to do it alone. That’s what open-source communities are for.
• How will this turn into clients? Wouldn’t you want to work with an entrepreneur who is knowledgeable in security techniques, has programming skills, and is success-oriented?
• Too complex? Harry Potter is also made up of chapters. But if we start reading the last pages first, we would put it down saying it’s nonsense.
• Serious clients? I’ll let you know when I see one who doesn’t have some problem that needs solving. Oh wait, there is someone. Uncle Pista from the farm has everything solved in terms of security techniques. (This is not a joke.)

What I want to convey is the (cyber)security first business model. This model has various stations influenced by how many people are working on the case, their target area, and of course, what they want to “provide”. I’ve seen countless businesses and ideas fail. And an interesting saying caught my thought.

• “Information security is important to us. We’ll deal with it more seriously once we get bigger.”

Of course, that never happened. Don’t guess. I’m not talking about one story, but about hundreds of businesses. But let’s have a little taste. Why did Uncle Pista solve this problem?

• Let’s start with the location. A farm, no internet, no electricity, no other utilities. Hence, no cyber.
• Let’s look at the service. He doesn’t want to please anyone else, just his immediate family. There’s no trust issue, no need for contracts, no market fluctuations. Hence, there’s no business in the classic sense.
• What remained was the security first model. The first thing he had to solve was to have enough water, food, and safe protection for himself and his loved ones.

Of course, I’m not saying everyone should retreat and live like a hermit. But what I am saying is that security mentality is not a later additional expense, it is a basic necessity. So, I might rephrase it: (cyber)security first business model -> security first model, required in business to be successful (in cyber).