March 4, 2013
by Andrew Hay
Yesterday, I watched a pretty incredible documentary, which you’ve undoubtedly heard of, called Jiro Dreams of Sushi. To sum it up, the documentary is about an 85-year-old sushi master Jiro Ono, his business in the basement of a Tokyo office building, and his relationship with his son and eventual heir, Yoshikazu.
In the movie, the concept of shokunin is introduced to the viewer. I couldn’t remember how the term was defined in the documentary so I took to the Internet. The best definition of shokunin I was able to find was by Tasio Odate:
“The Japanese word shokunin is defined by both Japanese and Japanese-English dictionaries as ‘craftsman’ or ‘artisan,’ but such a literal description does not fully express the deeper meaning. The Japanese apprentice is taught that shokunin means not only having technical skills, but also implies an attitude and social consciousness. … The shokunin has a social obligation to work his/her best for the general welfare of the people. This obligation is both spiritual and material, in that no matter what it is, the shokunin’s responsibility is to fulfill the requirement.” – Tasio Odate
Now how does this relate to security? Well think about this, how many of us can say that we’ve become ‘craftsmen’, ‘artisans’, or ‘shokunin’ in a single aspect of information security? I cannot think of a single friend, colleague, or acquaintance that I would consider shokunin. Please, don’t be offended by the previous statement. I know quite a few people who I consider very good at what they do, but none of them have the dedication to be shokunin.
I argue that the information security field does not have shokunin, nor will we ever if we keep flip-flopping between requiring individuals to be specialized one minute and have a wide breadth of skill the next. In the documentary, Jiro (or maybe it was Yoshikazu) mentions that an apprenticeship lasts for a minimum of 10 years. I, for one, have not worked a single job for more than 3.5 years, let alone 10. The dedication to become shokunin simply does not exist in our field.
When I posed the question to Twitter this morning, Andrew (@azwilsong) suggested that our field was simply not as mature as that of sushi. Kevin Johnson (@secureideas) agreed, but wondered what we could do to change it:
So which is it? Serious passion to perfect a single skill or a wide variety of knowledge across various disciplines? Do we even need security shokunin? I’d be curious to hear what you think.
While you ponder your response, I’ll leave you with this. The documentary includes quite a bit of commentary from Japanese food critic Yamamoto, who lists “the five attributes of a great chef” – all of which, he asserts, Jiro possesses in spades. These attributes are:
- Take your work seriously.
- Aspire to improve.
- Maintain cleanliness.
- Be a better leader than a collaborator.
- Be passionate about your work.
How many of us strive to live by the above attributes…ALL of the above attributes? Time to look inward, methinks