First and foremost, let me say ‘Thank you’ for everyone that made it to BSidesChicago. While I am biased, I thought it was a great event and hope that everyone had a great time and takes time to complete the Feedback survey: http://www.surveymonkey.com/s/D2P3ZNY so that it can continue to improve . I’ll be doing a full post on the event later tonight or tomorrow.
Why I really wanted to write something really quickly was about the career panel I had the privilege of leading on Saturday. First I was excited that it was selected by the over 90 people that took the time to vote of all the BSidesChicago talks. Second, I was glad that I was able to have some great people that agreed to be on the panel (Thanks again Kizz, Elizabeth, Raf and Todd). Third it seems that the panel did get some attention at the event which out of all the great talks that there were I am happy about. There were some points about the panel that I think were misunderstood about that panel; I blame myself for not doing a better job of summarizing as a moderator.
- Certifications – I think everyone walked away that the panelist were pro certifications. And while I agree there were no hard and steady panelist that said ‘NO CERTIFICATIONS ARE DUMB’; I also didn’t hear them say go and get certifications. There were panelist there with certifications and those without but each had specific reasons for having them. Where I failed you as a moderator is to summarize what I did hear which was this (A) certifications are personal preference however they are required in some industries as a course of doing business (b) certifications should not be the sole criteria in determining some one’s knowledge in our industry but as having an understanding the domain/practice area in general.
- Career Alternatives – In all honesty, we didn’t explore this topic as much as I would have like to. The original point is that I didn’t want to CISO or C-level but we didn’t explore what alternatives there were. Audience participation increased and I didn’t want to lose that. However, based on what I head Raf and Todd say is that opportunities can be made. That there is reward in doing something that challenges you as opposed to being concerned with title or position and that you should not be doing something that doesn’t make you happy. This was cemented earlier on Friday when I was having a conversation with someone else (who I will refrain from naming) but was trying to work with their employer to take care of a family situation and when the employer wouldn’t budge they choose to leave the company. Is that a stretch…maybe…however I think it speaks to knowing yourself, knowing your priorities, and what makes you happy.
- Lastly, I think I saw some comments on twitter about people who are in Info Sec without having “done any hands on work”. I want to be clear that was not discussed on the panel but secondary conversation that occurred from the panel. Each of the panelist comment that passion and hands-on was essential in making it successful in what they were doing and how they progressed in their careers.
Well I think that was the big things….I know that Justin Elze wanted to discuss the panel so I am looking forward to speaking with him but I wanted to provide some feedback to the discussion that was going.
I may update this post as further discussions happen!
[edit for grammar]
In the last couple of weeks I am realizing that my two worlds are colliding more and more. I think since I joined twitter well over 18 months ago (?) I have tired to keep my work and on-line personality separate. That is not to say that if you had time and the inclination that it would be difficult to find me from originating on either side. I first realized this last year when I gained some followers from work which I am surprised. Actually, what surprises me is that I have any followers at all!
That being said I was in a different place when I first joined Twitter. I am currently working at a large $vendor which allows me opportunities that I didn’t always have before to speak in my professional persona. I try to find time to do other things that may (probably not) allow me to speak with my personal/on-line/twitter persona such as things I do on my own time or organizing BSIDESCHICAGO or help BURBSEC or whatever.
So where I am going with this? I wanted to make a few comments/rules/disclaimers:
- The opinions and information on this blog/twitter/Silent-Chaos/etc are from my own brain and belong to me. They are not the thoughts or opinions of my $employer. So how do you tell the difference? In my personal persona I will always introduce myself by my handle “securitymoey” or simply by my name as well as disavow $employer. If using my professional persona, I will alway introduce myself by my full name and identify the company that I work for.
- My tweets are most times all over the board from random thoughts about risk, RTs on cool stuff people are working on, conversations about random things, and things that probably no one else besides me care about (#vanitytweet). Not all or any of my tweets (or blog postings) are Info Sec tech gold nuggets nor do I care them to be…you get me and my random thoughts. This is a social media so engage!
- My negative tweets are usually about the politics of working for a large organization. If you have ever worked at one you know that you can identify with DILBERT, Office Space, etc. They are never about my clients. I actually like my clients that I work with on a regular basis; they are good people trying to do the right thing for their companies which I respect.
- I may offend you but if that is the case please don’t follow me.
I love the Info Sec community! Even with the drama and smack talking this is a fun place to because of the ideas that get exchanged and the unbiased encounters/conversations that you have with people it’s great. I hope never to lose that. To quote James Arlen, ” I have a job and I would like to keep it”; these opinions are my own!
It’s New Year’s Eve which means that I’m at home watching perhaps one of the greatest shows ever made “The Twilight Zone” marathon on Syfy. I think the pensive nature of the show that has me thinking about this past year. So I wanted to write a little about the things that affected me most this past year.
- The Info Sec community – This past year I have felt to be more party of this industry’s community than I have in previous years. It is an absolutely a great community with some of the smartest, helpful and fun people on the planet. I had a chance to meet and hang out with some of these people which was pretty freaking awesome! I was able to give back by volunteering and help organizing for events.
- The CONS – This year I went to the most number of info sec cons. You may have found me at THOTCON, BSIDESCHICAGO, INNOVATE, BSIDESLV, DEFCON and DERBYCON (I won’t go into each of these CONS as you can see my previous post). While the “hallway” track was awesome at each CON, I loved the opportunity to go to the talks. The opportunity to soak up knowledge on a variety of topics is absolutely fantastic. I hope to see you next year.
- Outside of the comfort zone – It was part of my goal this year try to stretch myself specifically I wanted to be less shy and learn to communicate better than I had previously. I took many steps professionally and personally to make this happen. Heck, I wouldn’t met and hang out with those awesome people if I hadn’t. While I’m still on this journey, I am pleased with the progress that I have made this year.
- Family – this has been a great year that helped build stronger relationships with my daughters and wife. Also, with my siblings, cousins, godson and extended family.
- Friends – There are too many people to name here but if you think you impacted me you probably did. I want to talk all of you who made such a positive impact in my life which includes my Canadians friends, BurbSec amigos, all the folks that I met at CONS and those I enjoy talking to on Twitterz
Hope your New Year’s celebrations are happy and safe! Let’s rock the hell out of 2012….