Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Careers & People

3/8/2019
05:30 PM
Kelly Sheridan
Kelly Sheridan
Quick Hits
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

Tina Fey, RSAC, and Parallels Between Improv and Cyber

This year's RSA Conference concluded with actress Tina Fey and program chair Hugh Thompson chatting about team building, diversity, and improv.

RSA CONFERENCE 2019 – San Francisco – How much overlap exists between the worlds of comedy and cybersecurity? "Almost none," joked actress, writer, and producer Tina Fey in a closing keynote conversation with Hugh Thompson, RSA Conference program chair.

On the surface, she had a point. But a few parallels emerged as the two chatted onstage. For example, Thompson asked Fey about improvisation – a form of theater that, if you're not familiar, is founded on the premise of agreement. No matter what anyone says on an improv stage, the other actor(s) have to work with it. "Yes, and …" is a phrase core to improv, Fey explained. If another actor disagrees with a statement, the story stops and the show falls flat.

The audience laughed as Thompson put the idea of "yes, and" in a security context: "Someone walks into a room and says, 'Yes, we've been compromised,' … 'yes and, someone just found our data on a Russian website … 'yes, and somebody from the FBI's here.'"

Thompson turned the conversation to team building, where there also exists similarities with improv. As long as each actor contributes, the storyline is built. That said, Fey noted, you meet a lot of people who struggle with agreement, and those people don't have a place on the team.

"People who operate from a place of 'no' are very troubling to me," she added. You want the people on your team who bring ideas, who are willing to fully jump in. At "30 Rock," she said, her team would work 17-hour days, dedicating their time to the project at hand. "With improv, one of the biggest things is you need to lose your fear of failure and fear of embarrassment."

Fey also pointed out that "you want the most diverse room you can have," with a team of people who have different points of view. Thompson admitted the industry has been working more on diversity over the past few years, but "we're making just small progress."

When staffing a show, Fey said, she looks for both academic intelligence and emotional intelligence to contribute to a mix of skills and personalities. "You need people who are flexible, and people who are committed," she explained. And, finally, "don't hire anyone you wouldn't want to see in the hallway at three o'clock in the morning."

"That's true in our industry too," Thompson joked.

 

 

 

Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Mike_McKee
50%
50%
Mike_McKee,
User Rank: Author
3/11/2019 | 9:30:18 AM
Nice article!
Great piece, Kelly. 
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-22861
PUBLISHED: 2021-03-03
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed authenticated users of the instance to gain write access to unauthorized repositories via specifically crafted pull requests and REST API requests. An attacker would need to be able to fork the targeted ...
CVE-2021-22862
PUBLISHED: 2021-03-03
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with the ability to fork a repository to disclose Actions secrets for the parent repository of the fork. This vulnerability existed due to a flaw that allowed the base reference of ...
CVE-2021-22863
PUBLISHED: 2021-03-03
An improper access control vulnerability was identified in the GitHub Enterprise Server GraphQL API that allowed authenticated users of the instance to modify the maintainer collaboration permission of a pull request without proper authorization. By exploiting this vulnerability, an attacker would b...
CVE-2020-10519
PUBLISHED: 2021-03-03
A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently restricted and made it possible to execute commands on the Gi...
CVE-2021-21353
PUBLISHED: 2021-03-03
Pug is an npm package which is a high-performance template engine. In pug before version 3.0.1, if a remote attacker was able to control the `pretty` option of the pug compiler, e.g. if you spread a user provided object such as the query parameters of a request into the pug template inputs, it was p...