What Does Bad Advice Look Like?

Five Angles That One Can Use to Evaluate Whether a Piece of Advice is Good or Bad

When I was a teenager, I once complained to my father that everyone, it seemed to me at the time, wanted to give me advice.  Some of the advice was useful, though much of it didn’t seem particularly helpful at all. My father advised me to listen to the advice, be grateful for it, and then to decide for myself whether or not the advice was useful or helpful.  Since then, I’ve tried to follow my father’s advice, working to hone my internal filter and the sounding boards I consult with externally.

It would be foolish on my part to think that I’ve got it all figured out, or that I know how to filter, analyze, and implement advice better than others.  That being said, I have noticed some common threads that run through both good and bad advice, particularly in the security field. I’ve found taking notice of these common threads to be quite helpful over the course of my career.

How can you identify when someone feels the need to offer advice, even if they have nothing of value to offer?  Or, how can you identify when someone thinks they have something of value to offer but doesn’t realize how unhelpful it is? Lastly, how can you identify when a piece of advice truly is a good one? In this spirit, I’d like to offer five angles that one can use to evaluate whether a piece of advice is good or bad.

1. Identify the giver’s interest: While I have known more than a few selfless people in my life, I have also known, unfortunately, more than a few people who look to personally gain from nearly every interaction. First and foremost, it is important to understand what type of person you’re receiving advice from. Beyond that, a few questions can help you evaluate the quality of the advice you’re receiving. What does the person giving the advice stand to gain from the situation? What possible reasons could a person have for giving you a particular piece of advice? What do you stand to lose from implementing the advice? What risk are you taking by listening to the advice?

2. Beware of over-complication: Good advice is generally straightforward, well thought out, and easy to understand and internalize. If advice comes to you in a convoluted manner, through a stream of consciousness, and in a way that is difficult to make sense of, it’s usually a sign that the advice is questionable. As Occam’s Razor states, “the simplest solution is almost always the best.”  In my experience, this is certainly true for advice as well.

3. Be cautious of assumptions: When someone presents various pieces of information, are they based on fact or on assumptions? Knowing how to spot the difference is critical to properly evaluating and filtering advice. If a piece of advice presents a logical conclusion deduced from one or more initial conditions or pieces of information, the quality of that conclusion is highly dependent on the quality of the information. If the information is based on facts, then the logic used to arrive at the conclusion can be considered and evaluated, as can the advice resulting from that conclusion. On the other hand, if the information is based on assumptions, feelings, and/or conjecture, it is inherently flawed. Regardless of whether or not the logic applied to that information is sound, any conclusions deduced from inherently flawed information will themselves be inherently flawed. This, of course, renders any advice resulting from inherently flawed information inherently flawed as well.

4. Ask for details: If a piece of advice is helpful, it will be solid and stand up to questioning. When evaluating the quality of a piece of advice, it is important to understand the details behind it. The easiest way to do so is to ask the person offering the advice to provide those details. If that person cannot or will not readily provide important details when asked, but rather evades or otherwise tries to avoid providing additional information, it is a sign that the advice is likely flawed.

5. Expect transparency:  In my experience, good advice generally comes from good people with good intentions. I’ve learned over the years that good people are most often transparent. Therefore, a good piece of advice, the information underlying it, the logic used to deduce it, and other details about it should be transparent as well.  When evaluating a piece of advice, consider whether or not the circumstances around the advice are transparent and constant. Does the story keep changing?  Are there important details that seem to be in flux?  Does the background around the information used as a base for the advice seem to vary from time to time? These are all indications that the advice, and the person behind it, may not be transparent. That taints the quality of the advice significantly.

So what is my advice to you? Listen to my father’s advice - it has served me well.

Joshua Goldfarb (Twitter: @ananalytical) is currently Director of Product Management at F5. Previously, Josh served as VP, CTO - Emerging Technologies at FireEye and as Chief Security Officer for nPulse Technologies until its acquisition by FireEye. Prior to joining nPulse, Josh worked as an independent consultant, applying his analytical methodology to help enterprises build and enhance their network traffic analysis, security operations, and incident response capabilities to improve their information security postures. He has consulted and advised numerous clients in both the public and private sectors at strategic and tactical levels. Earlier in his career, Josh served as the Chief of Analysis for the United States Computer Emergency Readiness Team (US-CERT) where he built from the ground up and subsequently ran the network, endpoint, and malware analysis/forensics capabilities for US-CERT.