Security Pie

The ramblings of three security curmudgeons

My expert opinion on the nature of experts

with 4 comments

I have recently completed a book called “The Billionaire’s Vinegar: … “. In this book Benjamin Wallace spins a fascinating tale of how a group of very rich Americans spent 100’s of thousands of dollars on a select cache of wine bottles that were allegedly linked to Thomas Jefferson and were found in a non-disclosed location in Paris. Very soon questions of provenance started to emerge, culminating in a very expensive law suit waged by Bill Koch against the purveyor of the wines, a German collector named Hardy Rodenstock. The book is well written and is a highly recommended read.

Thomas Jefferson's bottle or a really expensive counterfeit?  Thomas Jefferson’s bottle or a really expensive counterfeit?

 

If we can't ask Mr. Jefferson, perhaps we can hire an expert?

If we can't ask Mr. Jefferson, perhaps we can find an expert?

What was compelling to me about this book was just how influential was one person throughout the story. The person was famed head (and founder) of Auction Houses Christie’s wine department Michael Broadbent. Wine is a hobby of mine (though my interest pales in comparison to all of the collectors in the book) so having read Decanter sporadically for over ten years I have been familiar with the extent of Mr. Broadbent’s breadth of experience.

Ahh - Here is an expert (and looks the part too)!

Ahh - Here is an expert (and looks the part too)!

 

 

As the story unfolds, it becomes exceedingly clear that the assurances provided by the expert drove the confidence in the provenance of the wine. This conviction was upheld even when the leading Thomas Jefferson research organization refused to sanction the bottles, citing historical uncertainties.   

Webster (a dictionary) defined an expert as:

Expert\, n. 1. An expert or experienced person; one instructed by experience; one who has skill, experience, or extensive knowledge in his calling or in any special branch of learning.

2. (Law) (a) A specialist in a particular profession or department of science requiring for its mastery peculiar culture and erudition.

Note: Such specialists may be witnesses in matters as to which ordinary observers could not without such aid form just conclusions, and are liable for negligence in case they injure another from want of proper qualifications or proper care in the exercise of their specialty. (b) A sworn appraiser.

Mr. Broadbent certainly falls under this definition. Among his accolades are a master of wine degree, multiple awards, order national du merit (france, where else) etc. Much more at http://en.wikipedia.org/wiki/Michael_Broadbent.

So could he, an expert recognized by governments, collectors, universities and thousands of aficionados worldwide, be wrong? The story is far from being conclusive. But it does raise concern.

For our purpose here: Are security experts any better? How do we vet the quality of the expert advice that we receive?

Over the years I have seen and paid many an experts. Few justified their price. I am allergic to expert advice. The best have an uncanny ability to take a really complex subject (almost anything today) and provide a balanced view, providing me with a new viewpoint, a new way to view the problem. The best experts teach. Then, in an order of increasing allergic responses, I get the “Most people do this” (itch), “I have 2-3 options for you” (itch +sneeze), “I recommend you do this” (hives) and the worst being “you must do this” (can’t breathe, need epinephrine pen).

Security is a vast topic. There are many complex topics related to security. Some are very technical. Some are very business oriented. Few people sound even fairly intelligent on both business and technical subjects. Make sure you pick yours wisely. And make sure you qualify and apply their talent in the proper place. Or you may end up with more vinegar than security.

Note: Also, keep in mind that if you do hire a consultant/expert, try to keep an open mind. You want the consultant to be objective. So work to maintain the expert’s objectiveness. The two main distractions I find with consultants are:
1. Leading them to the same conclusion you had (and which didn’t seem to work as required leading you to call the expert)
2. Ignoring their advice or coercing their advice to fit the current thought (ignoring the details)

/al

Written by assafl

October 3rd, 2008 at 12:45 pm