• United States



3 security career lessons from ‘Back to the Future’

Jan 12, 20216 mins

You don't need to be able to predict the future to have a successful security career, but you had darned well better be able to learn from the past.

The security industry had a terrible year in 2020—some even think the worst ever. You can point to failures in working from home after COVID-19 struck, various election narratives, the SolarWinds breach, foreign nation-state cyberattacks, new ransomware, the global lack of cybertalent, government leader mistakes or a long list of other items.

My favorite quote that captures this “good riddance” sentiment is from Back to the Future when Doc warns Marty: “Whatever happens, don’t ever go to 2020!”  (Note: Avid Back to the Future fans, you can get the T-shirt here.)       

Regardless of who you blame (or not) for 2020 failures, Bruce Schneier now thinks the best path forward after the SolarWinds breach is for the majority of Fortune 500 companies to burn down their networks and rebuild from scratch.

But even if this radical approach is followed by public- and private-sector organizations, this advice begs many questions. Do we rebuild the same network architecture? Will the same people, processes, and technology (presumably with known vulnerabilities patched) keep the bad actors out in the future? Can we keep doing the same things and expect a different result? Bottom line, have we learned anything from the past decade—or even the past year? 

Career lessons from Back to the Future

Which brings me back to my second favorite trilogy of all time. There are several great lists of life lessons we can learn from the Back to the Future movies, and here are some of my favorite articles on this topic:

As I pondered this topic over the recent holidays, and watched the three fun movies one more time, I came up with my top three career lessons that cyber pros (and other tech enthusiasts) can learn from that masterful movie series that features a DeLorean time machine.

1. Surround yourself with experts who you trust and who believe in you.

I love the multi-generational aspects of Back the Future, with both the Doc/Marty relationship and how the parents’ and grandparents’ character traits are passed down through the generations—even as their surroundings were very different in Hill Valley. No matter what circumstances arise in the trilogy, those trusted relationships are key.

Understanding our past can help us understand the present and the future. It is easy to make assumptions about others and think that they made decisions because of who they are rather than the circumstances they experienced. When we learn more about the past, it can put their actions into context and enlighten us about how things came to be in the current situation. Knowing history well can also help us avoid making the same mistakes over and over. 

Tip: Ask trusted colleagues about the key decisions (good or bad) that they made, and how those decisions impacted their current situation.

2. Believe in yourself; don’t sweat it if people call you “chicken.”

Throughout the trilogy, Marty McFly reacts strongly whenever anyone calls him “chicken.” However, at the end of the third movie, when it becomes clear that he could die from a duel with Buford “Mad Dog” Tannen, Marty realizes it doesn’t matter what Tannen (or his other adversaries) say about him.

After Marty learns this lesson, he refuses to enter a car race in 1985. This decision saves him from getting into a car accident. We learned in the second movie that this car accident would have injured his wrist, stopped him from playing guitar, and get him fired from his job in the future (2015).

The questions that we all need to ask ourselves on a regular basis is: What are our career goals? Who are you trying to please? Why? 

As cyber pros, we need to believe in ourselves rather than focus on negative comments that are sure to come from industry competitors. As Mark Victor Hansen recommends, “By recording your dreams and goals on paper, you set in motion the process of becoming the person you most want to be. Put your future in good hands—your own.”

Tip:  Go over your goals and plans on a regular basis with a trusted mentor who can support your action plans. Also, becoming a life-long learner who is constantly reinventing your career and growing skillsets in different situations will enable you to succeed no matter what cyberspace throws at you

3. Don’t stop thinking about tomorrow, because past trends can teach us about tomorrow’s reality—especially in security.

Predicting the future is hard in any area of life, but it’s especially difficult when it comes to technology and cybersecurity. That doesn’t mean we don’t try to our best to connect the dots regarding cyber trends, which is why I spend many hours digesting and writing about security industry predictions each year.  (You can see my latest security industry prediction report about 2021 here.)

True, no one saw a global COVID-19 pandemic coming in 2019, so our view of 2020 was fundamentally flawed in many respects. Nevertheless, the prognosticators still got many things right.

Five years ago, I wrote this article for CSO Magazine entitled: Why more security predictions and how can you benefit? I ended by saying:

Bottom line, the more the security and technology industries grow, the more predictions we will have. From the Internet of Things, to new technologies to robots to self-driving cars, do you really think we will be talking about security and privacy less in 2020? I don’t.  
Predictions are not new, and they are not going away. In fact, they are just getting started.
Congratulations security industry, and welcome to center ring in this three-ring circus. Yes, it is a very big circus, but that’s where all the action is.

It turned-out that I was right, and we now have more new security predictions than ever before.

Tip: Take time to think about the future career in your area of expertise. Thinking about the movie trilogy, when we project ourselves into the future and consider all of our goals, it can help us gain perspective on the present situation and what to do next. Considering future options will open doors to insights about your present situation and what your current decisions might actually mean.

One final thought: As Bill Gates said, “We always overestimate the change that will occur in the next two years and underestimate the change that will occur in the next ten.” Don’t let yourself be lulled into inaction.


Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist and author. During his distinguished career, Dan has served global organizations in the public and private sectors in a variety of executive leadership capacities, including enterprise-wide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan State Government. Dan was named: "CSO of the Year," "Public Official of the Year," and a Computerworld "Premier 100 IT Leader." Dan is the co-author of the Wiley book, “Cyber Mayday and the Day After: A Leader’s Guide to Preparing, Managing and Recovering From Inevitable Business Disruptions.” Dan Lohrmann joined Presidio in November 2021 as an advisory CISO supporting mainly public sector clients. He formerly served as the Chief Strategist and Chief Security Officer for Security Mentor, Inc. Dan started his career at the National Security Agency (NSA). He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US / UK military facility. Lohrmann is on the advisory board for four university information assurance (IA) programs, including Norwich University, University of Detroit Mercy (UDM), Valparaiso University and Walsh College. Earlier in his career he authored two books - Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD For You: The Guide to Bring Your Own Device to Work. Mr. Lohrmann holds a Master's Degree in Computer Science (CS) from Johns Hopkins University in Baltimore, Maryland, and a Bachelor's Degree in CS from Valparaiso University in Indiana.

More from this author