|
Great response! I love talking in terms of analogies so this is great! Unfortunately, I don't think your assembly line manager analogy really gets to the heart of what the problem might be. Lets unpack the original cyber security argument: 1) Cyber security is really hard, and it might normally take someone a full university degree, plus several years of experience before they might understand at a high level what kind of strategies are often employed. 2) This minister has no education or experience. 3) Without any education or experience, the minister will not understand exactly what they are responsible for, fail to make good decisions, or otherwise perform poorly. There are a few key difference between your assembly line analogy and the argument above. 1) The existence of a reasonable best-alternative. It is possible for one person to obtain domain knowledge on cyber security, as well as the knowledge required to perform ministerial duties. In your auto manufacturer example, it is near impossible for any one person to have experience on an assembly line, engineering, marketing, law, and accounting. Lacking this, it might be more reasonable with auto manufacturers to try and select someone who has reasonable breadth, or maybe depth in a couple domains, but might not have depth across all domains. 2) Certain jobs such as that of an assembly worker, do not require as much education and experience as working in cyber security, and as such, it is easier for a manager to have a conceptual model of what is required from their role, without having performed the job themselves. |