keeping up with infosec

How does one keep up with the Infosec world? It’s easy to get comfortable and keep doing what you’re doing as change swirls around outside the window. Technology and security have common themes over the decades, but many of the knobs, dials, and talking points change and we need to keep up with all the new ideas and products coming along every few years. It’s a simple fact that security experts are often used as sounding boards for new technologies and projects, which means keeping up and learning are key habits.

As a corollary to this topic, answering this question also means asking how you want to present yourself to the greater community of infosec online and in person. Do we stick to fully anonymous screennames, switch completely over to real names, or some sort of hybrid in between? This is a personal decision for everyone, but something to keep in mind when putting yourself out there virtually or really. This can be screennames, usernames, email addresses, domain names, and profile details and pictures and avatars. It may even steer you towards or away from certain forums and medium. It may also be dictated by your role, for instance malware researchers may stick a bit more towards the anonymous realms.

So, how do we keep up?

Old School collab: IRC, web forums, mailing lists, blog comments, ‘zines, and even books. These are still used, but they’re a little less prevalent these days. Mailing lists are nice to lurk on when they aren’t broken by spam filters. Mailing lists feel like they’re on the dying end of the spectrum, but does still remain as one of the better “push” methods.

New school social media: Slack, Reddit, Discord, LinkedIn, StackExchanges etc. These are still growing and are often only as useful as what you put into it. Reddit and LinkedIn are a bit more lurker friendly, but LinkedIn’s activity feeds are very noisy with only a few ways to manage it. I actually prefer Twitter as a news feed over LinkedIn, but mileage will vary.

Twitter deserves it’s own mention, as it really has become important for briefly meeting new people, feeding links to other information elsewhere (sort of filling the void from Google Reader), and getting quick notification of important events. If it feels like something major is happening like DNS is down or a major provider out, I often turn to Twitter to get a confirmation. Twitter becomes invaluable when at a con.

Infosec news feeds. It’s important to make some effort to keep up with incoming news and learning opportunities from blogs, infosec news sites, dashboards, exploit/vuln trackers and more. A huge bulk of this is still personal blogs to read, and I suggest Feedly to take care of a huge chunk of this segment.

Traditional news sources. It’s still important to keep up with some of the major events in the country and world, not just for impact on business and infosec, but to keep up with social talking points. It’s also important to know when something in infosec hits the mainstream news waves to prepare for incoming questions.

Podcasts and video. Both of these mediums kinda straddle the new and old school social media, but are more about delivering content to your eye and ear holes rather than more interactive formats. Audio definitely allows for a wide range of opportunities to consume (feet- and hands- and eyes-free). Video is still great for conveying highly technical topics.

In-person networking, cons, meet-ups both formal and more informal, local or more remote. These are great opportunities to learn from others and grow one’s own analog network.

Vendor demos, webinars, and events are great places to meet others, meet vendors, and see new products and features which are likely responses to direction in the overall industry.

Self-study, learning, and playing for fun. In order to continue to learn and grow, you need to enjoy the industry and process and work. And this means being a geek during down times and learning some new things, often on your own with self-paced study and tinkering with new things. These new things are often found as follow-up tasks to many of the above learning and exposure opportunities.

More formally, training and courses are available to do more structured and tracked learning of new things.

Lastly, getting back to how one presents oneself to the great digital and analog worlds is the tenet of giving back to the great community. This could be just participating with the mediums up above, but also by keeping one’s own blog, github, wiki, checklists, tools, scripts, how-to’s, or other content. It’s about giving back and being visible.

PS: Be cognizant of two more thoughts. First, think hard about mixing your infosec activities with your personal ones, and that includes the way you present yourself online. Again, this is highly personal and there’s no right answer, but sometimes you want to make sure your personal hobbies and activities are separated from your infosec world. This is probably most applicable to a Twitter presence. Second,  and conversely, don’t be afraid to plug some hobbies into these activities. A great example would be browsing Reddit or populating Feedly with blogs and news feeds for something you’re interested in or have a hobby around. Including sections and opportunity for these will make it more likely that you’ll check back in and consume these activities, and allow a little diversion from the same old intense firehose of security information.

Leave a Reply

Your email address will not be published.