Of Failure and Success

 

Experience is simply the name we give our mistakes.

— Oscar Wilde

 

Over the course of a year, I watch many InfoSec conference presentations whether in person at the conference or via a recording on YouTube, I read a multitude of amazing blog articles, and I follow and read the messages of many InfoSec personalities on Social Media. The thing that keeps coming to mind throughout all of this is, “Wow there are some amazingly smart people out there doing some wonderful stuff.” Then following that are the thoughts, “Why am I not that good? Why is it so difficult for me to create some new tool or make some new discovery? Why do I keep making mistakes?”  From discussing with others on social media and at conferences I have become well aware that it is not just me having these thoughts.

I cannot really speak for anyone else, but I can share my own experiences. As part of my own career, I have had some nice successes, I have presented at conferences, and I have created some useful tools. At the same time, I have had a sizable number of setbacks, mistakes, failures, and missteps. At times I have had severe difficulties seeing my own successes over the piles of failures. This has caused me to back out of speaking engagements at conferences, to not publish a new tool or blog article for fear that people will not like it or they will ridicule it, and at least once it has kept me from finding a new job. At the time I felt that, due to my own perceived failures, no other employer would want to employ me. Because of this, I decided to just stick with a job at a company that I did not like or want.

As time has gone on, I have come to realize that I am not alone in these thoughts and situations. We tend to only focus on the successes of those we want to be like and only see the failures in ourselves. For me, it was critical to remember and realize that those I admired and looked up to have their flaws as well. They too made mistakes and had failures. But they kept moving on.

After a while, sometime around 2012, I decided to take the plunge and started submitting to several conferences and releasing some tools I had been working on. I had no idea what would happen. But I made a promise to myself that I would see it though for one year and then decide if it was a positive thing or not. At first, I was terrified, and I still am prior to any presentation, video recording, or tool release. My first conference talks were predictably bad, but as the year went on and I kept presenting, I slowly got better.  Since then I have continued presenting several times a year and I have slowly started liking it even though I am still terrified every time I stand on the stage.

 

It’s fine to celebrate success but it is more important to heed the lessons of failure.

— Bill Gates

 

Sometime in 2016, I decided I would like to try to help others like myself by sharing my stories. Stories of my mistakes, failures, bad choices, and so on. So, I created a twitter account, created a presentation slide deck to submit to conferences, and started making YouTube videos. All of this was my attempt to help others realize that we ALL make mistakes. When you see someone presenting some new exploit or an awesome piece of research, you are just seeing the final result of what was likely months, if not years, of work to get it to that point. Everyone gets frustrated, has setbacks, and yes, some mistakes are bigger than others. I do not discount that. But it is what you do with those mistakes and setbacks that will help determine your future.

One of my mentors from early in my career told me it is okay to make mistakes as long as you learn from them and strive to not make those same mistakes again.

Adam Compton

Author: Adam Compton

Adam Compton has been a programmer, researcher, instructor, professional pen tester, father, husband, and farmer. Adam has nearly two decades of experience in programming, network security, incident response, security assessment, and penetration testing. Throughout Adam’s career, he has worked for both federal and international government agencies as well as the private sector.