
Over the weekend, I volunteered at a 20K race and noticed something powerful—pacers. If you’ve ever been to a race, you’ve seen them: runners holding signs with expected finish times like "2h00" or "2h20."
But their real value isn’t just about the finish line.
It’s about offering continuous checkpoints. Pacers help others gauge how they’re doing throughout the race. You always know if you’re ahead, behind, or right where you need to be.
What Pacers Teach Us About Progress
That got me thinking: what if we had pacers in cybersecurity?
In our field, we’re often really good at defining the destination—implementing CIS Controls, adopting Zero Trust, aligning with NIST.
But how often do we stop to define what steady, realistic progress looks like for our teams, based on our actual capacity and resources?
Too often, we only measure success at the finish line—when an audit is due or when a project is finally completed.
But without regular checkpoints, how do we know if we’re still on track? How do we avoid burning out the team or drifting off course without even noticing?
Why Cybersecurity Needs Checkpoints, Not Just Goals
What if we had pacers in cyber? Someone—or something—to help us ask:
• Are we still on track to complete our CIS Controls in six months?
• Are we making meaningful progress each month, instead of just reacting to audits?
• Are we pacing ourselves based on real-world resources, not just aspirational roadmaps?
Progress isn’t always linear. There are starts, stops, and sometimes complete detours. But knowing where you stand helps you adjust with purpose. It gives you the clarity and confidence to keep moving forward—even if the pace changes along the way.
Helping Teams Find the Right Pace
This is one of the reasons I joined Discern Security: to help cybersecurity teams focus on the right priorities, make sense of the noise, and move forward with confidence.
It’s not about comparison. It’s about clarity. It’s about setting—and sustaining—the right pace for your organization.
Do We Need More Pacers in Cybersecurity?
Food for thought: do we need more pacers in cybersecurity? Not just frameworks, but realistic timelines and real-world examples to help us set—and reach—the right pace.
Because cybersecurity progress isn’t just about finishing. It’s about knowing you’re on track, and moving with purpose.
Comments ( 0 )