Should Cybersecurity Developers Rethink “Perfection is the Enemy of Progress” and "Failing Forward"?

Historical Perspective

Confucious, Voltaire, Shakespeare, Winston Churchill and modern-day geniuses, all have quotes and adages on this matter. Most notably Mark Cuban who I’m a big fan of has said “perfection is the enemy of profitability”. ?Another genius Elon Musk has centered his space program on this same principle, failing forward, and he has publicly stated that he’s ok with putting a prototype out there to see how it behaves and learn from mistakes. So, rockets exploding costing hundreds of millions is all part of the plan.

Its Normal and Expected

For many industries this is acceptable as we’ve all seen and purchased imperfect products including myself – vehicles which have recalls after we drive them off the dealer ship, laptops and electronics which fail out of the box are some of my own recent experiences, and this is acceptable to me and the rest of the world. We’ve become accustomed to imperfections as a part of life.

Mental and Physical Wellbeing

Perfection can also lead to all sorts of problems including mental and physical health issues which are well documented in psychology journals and articles, so there is a lot to digest and think about in one’s own personal wellbeing. One of the first things I learnt when managing people was that you can’t expect persons to be perfect and I truly believe this. Perfectionists are thought to be micromanagers and very difficult to work with – again well documented in many journals both academic and medical/scientific.

Agile, Project Management, SDLC and CI/CD Principles

For years there have been theoretical models for RAD (Rapid Application Development) and Prototyping Vs the more traditional Waterfall model along with others, with each having advantages and disadvantages. CI/CD pipeline has taken code development and product releases to the next level, all with tremendous benefits to business and customers alike. Notable is project management science which has evolved to have additional research and focus on Agile development which improves on the traditional waterfall by reducing while not sacrificing quality. ?

So why should we Rethink it?

I’m not advocating against failing forward or any prototyping methodology as the benefits are clear, but very little focus has been put on the use cases where Prototyping, RAD, Failing Forward and all similar methodologies are not a good fit.? There should not be a one size fits all methodology for everything, but exceptions where failing forward is not acceptable such as the airline industry, Nuclear Power Plants, and in my opinion, Cybersecurity solutions. Too often we see solutions out there with gaping holes and known vulnerabilities which account for several beaches we’ve seen over the course of recent years. If perfection isn’t possible, can we at least get more due diligence built into developing Cybersecurity solutions please?