It’s understood that bad salespeople lie and that old infosec leaders are bitter. Business Reporter’s resident U.S. blogger Keil Hubert explores why one recognisable trope often creates the other.
It’s a widely accepted aphorism in industry that information security work makes cynics out of otherwise pleasant and carefree people. The constant struggle to find and mitigate vulnerabilities, the inconsiderate timing of dedicated attackers and the incessant whinging of petulant users wears down good people’s souls until all that’s left is a core of cold resentment and spite. Popular fiction makes us all out to be cruel curmudgeons, each harboring a list of grievances so long that no amount of money or courtesy will ever make us pleasant companions again. We’re a trope. Yeah, us.
To be fair, there is some truth to the stereotype, and we’re not doing ourselves any favors by how we respond to line-of-business users when they bring us crazy proposals. Getting indignant and lashing out at non-technical people is a great way to cement ourselves a reputation as mean old technologists who are one vapid proposal and a rubber monster mask away from squaring off with the Scooby Doo gang. But, then, there’s a darned compelling reason why we get snippy with folks. It’s because we’re tired of getting exploited for some slick sales weasel’s gain.
That’s the thing… we’re usually not furious with the users. We tend to like the users. Most of them are decent enough people, just trying to make their way through life. They all want job security, maybe a pay rise and a fair shot at the next rung on the career ladder – just like we do. It’s not difficult to empathize with someone who resembles you. No, it’s not the users – it’s how the users get manipulated by devious vendors that makes us rage. The users are just carriers for a virulent and odious plague; they exposed themselves to the outside world by expressing an unfulfilled business need, and then some opportunistic sales sleaze sidled up to the poor user and infected them with grand visions of a tech-fueled utopia.
I’m not even going to argue that all salespeople are weasels. I’ve worked with a lot of sales folk whose integrity and loyalty qualified them to be sainted. No, I contend that it’s the loathsome minority of salespeople who give the entire profession a black eye. Those amoral, hungry and commission-obsessed types who don’t give a damn about the long-term repercussions of their sale so long as the customer’s first check clears. The salespeople who will mysteriously have scarpered off to their next job by the time the polish comes off the metaphorical turd.
Case in point: one blisteringly hot summer afternoon, a junior director from our facilities security department submitted a proposal to us in the IT department to put RFID tags on all of their company firearms. Our campus required armed sentries 24/7, who were suitably equipped to keep Very Bad People away from our stuff. Our watchmen were always armed to the teeth during their shifts. They were also fastidious about keeping track of every single firearm and every bullet at all times, because the consequences of an innocent person getting hurt – or of a piece of ordnance getting lost – meant inescapable career death (and possible prison time) for everyone even vaguely involved.
That’s why the head of security was smiling when he brought me an armory conversion project that included an “automatic” inventory scanner on the arms vault door. It was a darned neat idea: every time a guard walked in or out of the armory, a scanner would recognize the RFID chip attached to the firearm and would tell the inventory computer to mark the firearm as being checked in or out. This auto-inventory would, the Top Cop said, cut his team’s end-of-shift inventory times by nearly 80 per cent! The labor savings alone would pay for the entire system… eventually.
I read through the plan and noticed that several bits of kit on the parts list were off-limits to us. It also wasn’t clear how the entire mess was supposed to integrate with the rest of the company’s information systems. Everything about it made it a non-starter. So, I did what all of us mean old information systems curmudgeons do: I glared at the requester and asked. ‘Where did you get this?’
‘Er…’ the director said, squirming in his chair. ‘We heard about it at a conference… from another campus… where one of my guards used to work.’
‘That’s where you heard about the inventory tool,’ I growled. ‘Where did you get the proposal?’
‘We, um, contacted the value-added reseller that the other guys’ team used and asked them to quote us the same solution,’ the director said.
I tore into the man – probably too harshly, if I’m honest. I reminded him that our business was heavily regulated. We had inviolable government rules dictating what technologies we could and couldn’t use, and half of the components on the VAR’s parts list were expressly forbidden. We’d likely both lose our jobs if we installed this solution and an auditor discovered it.
‘But… but… the team at another site bought it and no one there got into trouble,’ the director stammered.
‘No,’ I said. ‘They haven’t gotten in trouble yet. That one extra word changes the entire equation.’
In the end, I agreed to call the other site and ask their IT department how they’d gotten around the procurement rules and security prohibitions. We discovered that their IT director was brand new – fresh out of university – and had no clue what he was doing. His facilities security staff had pressured him into approving the inventory system after they came across it at a trade show. The poor man had no idea that what he’d approved could get him fired. I tried to explain it, but it was like trying to explain physics to a cat.
I told my security guy that the proposal was absolutely off the table. We wouldn’t approve it until and unless it was cleared by the national CIO’s office. My security director begged us to contact the seller to see if maybe they had some paperwork that might make it okay. I sighed and agreed to call.
As expected, the actual creator of the solution was a small mom-and-pop business without any experience navigating the federal procurement world. I asked how they’d addressed the government purchasing regulations that forbade their key technologies. The sales rep condescendingly lectured me that their solution was built from off-the-shelf commercial components. I gritted my teeth and reminded him that the origin of his solution’s parts was irrelevant. They were circumscribed. I asked the buffoon how his five existing customers had gotten clearance to buy his solution, and the salesman haughtily told me that his customers were all completely satisfied with the end product and would give great testimonials. I hung up on the clown and tried to explain it to my upset customer.
The vendor didn’t have any special dispensation to ignore the infosec prohibitions affecting their gear, I said. They were preying on naïve and inexperienced clients, trumpeting their solution’s (true) benefits, while fast-talking their way past objections. They were using flash and misdirection – not facts – to convince customers to buy before wiser heads could prevail.
Further (I said) the vendor clearly didn’t give a hoot about us. Not for our campus or for our national organisation. The seller’s only interest was in our money. Once he sold us their gear, the salesman would get his commission cheque and that was the end of our relationship. He wouldn’t get in any trouble for selling us illegal parts; we would. His company wouldn’t be censured for creating a technical solution that we were forbidden to buy; the campuses daft enough to buy it would. The fact that the sales weasel couldn’t answer a single question about purchasing clearance made it clear that he wasn’t invested in a long-term relationship with his customers.
That’s the inherent and corrupting nature of sales, I said. The lure of the Big Commission Check can negatively influence everything that a salesperson does. It can inspire them to lie, to deflect, to insinuate, to dissemble… The lure of the big pay day makes it tempting to rationalize all sorts of unethical conduct. It’s a very rare salesperson that can resist the opportunity to sell a client something that they don’t need – or shouldn’t have.
The security director didn’t understand. He couldn’t accept that a cynical opportunist was manipulating him into doing something unsound. He just understood that the ‘mean old cyber guy’ was telling him ‘no’ and had hurt his feelings in the process. He assumed that my anger over the situation was directed at him rather than at the jerk sales guy that had gotten him all spun up.
The security director and I never managed to repair our professional relationship after that. He stayed angry over being denied his cool tech toy,  and I was irritated by the security director’s crappy attitude. It made it difficult to work together. That helped to cement my reputation in the organisation as a cranky old cynic (which wasn’t entirely wrong). As for the sales guy, he went on to bamboozle his next victim customer without a care in the world.
That, I think, is why sales weasels are so darned loathsome: they treat their sales efforts like a game, and they leave long-term destruction in their wake – regardless of whether they make a sale or not. Their lies and manipulative behaviour sours relationships, strains workplace harmony, and inspires counterproductive strife… all of which stick around for a long time, like radiation poisoning.
I suspect that many of these people don’t realize how they affect others. They treat each new sales opportunity the way a character in a musical comedy treats the introduction of a new scene: as a chance to perform. Why rely on straightforward exposition when they can put on a flash song-and-dance number? Why be rational when they can be fabulously dazzling? And who cares about hurt feelings and resentment? Pshaw! Some quick talking and jazz hands will make everything better!
Except that real life isn’t like the way life is portrayed in a musical. Take the classic  Western musical Calamity Jane, for example. There’s a scene where the titular character (played by Doris Day) sees her rival kissing the man that she’s infatuated with. Rather than respond like a normal human being, Jane draws a lethal weapon and shoots her rival’s punch cup out of her hand. That scene makes for great drama on the stage, but it would be utterly implausible in real life. Discharging a firearm in anger at another person would get the shooter either arrested or gunned down. It’s the sort of emotion-fueled mistake that ruins lives permanently. It’s immature. It’s insanely reckless. But, hey… it’s a musical, and in musicals there are no consequences, only more opportunities for song and dance.
That’s the most charitable explanation that I’ve been able to come up with for sleazy sales varmints and their toxic tactics. They’re so enamoured of their art and so hungry for their commission cheque that they ignore (or don’t comprehend) all of the damage that they inflict while they’re showing off. Couple that with the fact that they don’t have to life with the natural fall-out from their actions, and it emboldens bad actors to act outrageously.
No wonder, then, that us IT folks grow to despise them. The sales weasels may burn a dozen different line-of-business reps within out company once apiece, but they burn the IT department in turn every single time. That’s enough to make anyone grow bitter and cynical, don’t you think?
 There’s no denying that it was pretty darned cool.
 …and grating…
Title Allusion: James O’Hanlon, Calamity Jane (1953 Film)
Keil Hubert is a retired U.S. Air Force ‘Cyberspace Operations’ officer, with over ten years of military command experience. He currently consults on business, security and technology issues in Texas. He’s built dot-com start-ups for KPMG Consulting, created an in-house consulting practice for Yahoo!, and helped to launch four small businesses (including his own).
Keil’s experience creating and leading IT teams in the defense, healthcare, media, government and non-profit sectors has afforded him an eclectic perspective on the integration of business needs, technical services and creative employee development… This serves him well as Business Technology’s resident U.S. blogger.