Instructions for living a life
Welcome to the 53 new techies who have joined us this week.
If you haven’t already, subscribe and join our community in receiving weekly tech insights, updates, and interviews with industry experts straight to your inbox.
Ideas to change your mind and reshape our world – with inspiration and insights from the global LEAP community.
This week we’re quoting…
Mary Oliver (Poet and Essayist)
What Oliver said:
“Instructions for living a life: Pay attention. Be astonished. Tell about it.”
She was right, wasn’t she?
We think those instructions are pretty much spot on. These words come from a poem Oliver wrote called Sometimes (it was published in her 2010 poetry collection, Swan, in case you want to read it).
It’s the simplicity that has stuck with us. Life gets so complicated, but it shouldn’t have to; and when it does, we can bring ourselves back to the very basics of what it means to live. Attention, astonishment, and sharing it all.
The reason we’re sending you these words this week is because we’ve been writing about curiosity (and cybersecurity) on the blog. And actually, these instructions for living describe curiosity perfectly – so we could also use them as instructions for working in tech.
If you’ve ever read Alice in Wonderland, you’ll know that when Alice falls down the rabbit hole, she mutters: “Curiouser and curiouser!”
That’s how we feel when we learn about emerging technologies and new cyber attack vectors too. It’s all getting curiouser and curiouser; and we’ve got to get curious with it. Because curiosity is a serious business, really. In cyber, it’s what drives defenders to probe their own systems, to find cracks before adversaries do. And it’s what makes hackers (both malicious and ethical ones) keep asking “what if?”
Astonishment is a good strategy
On the blog, we referenced the new FS-ISAC report on DDoS attacks in finance – and how that report highlights just how curious threat actors are. They map systems, adapt, and recalibrate in real time. It’s curiosity weaponised; and every time they stumble across an astonishing vulnerability, they consider how heavily they can exploit it.
But defenders have their own version of astonishment. The good kind. It’s the astonishment of discovering an unexpected pattern, a misdirected email that didn’t look quite right, a log entry that doesn’t fit. The difference between resilience and breach often lies in whether someone pays enough attention to be astonished…and then follows up on that feeling.
Telling about it is essential
Oliver told us to ‘tell about it.’ In security, that’s the cultural leap. If your people notice but don’t speak, nothing changes. If they see a threat but don’t feel safe to report it, it’s their silence that becomes the real vulnerability.
Which is where care and communication come in. Because when we think about cybersecurity, we often imagine it’s a technical arms race: patches versus exploits, AI versus AI. But we looked at Abnormal’s report on vendor email compromise too this week, and it showed something different: people engaged with nearly half of the malicious emails they received – and most of them never told anyone.
Not because they were careless, but because they were human.
We humans don’t like to admit when we’ve made a mistake. We want to appear competent and clever and reliable. So we reply, forward, resolve – and the attackers rely on that. The only way to change it is to build cultures where astonishment can be voiced without punishment. Where someone can say, “This looks odd – what do you think?” and not feel self-conscious about it.
Curiosity and care go together
Anthropologists often point out that curiosity was as much a survival trait for our ancestors as it was a risk. The forager who poked at unfamiliar berries might discover poison – but they might also discover food; and the wanderer who tracked an animal’s footprints into the forest risked danger, but they also learned something vital for their community’s future survival.
Curiosity can lead to reckless behaviour; but when you put it together with care and thoughtfulness, it becomes wisdom.
It’s the same today. In tech, we need curious defenders, but we also need cultures that turn their discoveries into shared knowledge. That’s how ‘tell about it’ becomes institutional memory – the story of a near-miss becoming the story that prevents tomorrow’s breach.
Curiouser and curiouser
At LEAP, we see how curiosity drives the boldest breakthroughs. It’s the trait that has allowed humans to develop AI that learns; robots that adapt; space tech that takes us further and further into the unknown. And over at Black Hat MEA, our colleagues see how curiosity pulls systems apart; exposes weaknesses; and reveals the dangers we’d rather not see.
Both are necessary. And both depend on culture – on whether astonishment is stifled, or allowed to speak.
So we’re leaning into curiosity this week. The human kind and the hacker kind (and the poetic kind). Pay attention. Be astonished. Tell about it. Because only then does curiosity become a collective discipline — and not just a way to fall down a rabbit hole.
Have an idea for a topic you'd like us to cover? We're eager to hear it. Drop us a message and share your thoughts.
Catch you next week,
The LEAP Team
