Security Geeks: From Isolation to Rock Stars
IT security pros used to be seen as propeller-hat wearing introverts who hid in dark basements. But the blogosphere, podcasting and social networking has changed things dramatically. Here's how
By Bill Brenner , Senior Editor
February 07, 2009 — CSO —
WASHINGTON D.C. -- Security practitioners used to be seen as propeller-hat wearing introverts hunched over computers in dark, cold basements for weeks on end, shunning daylight and anyone who tried to start a conversation with them. But times have changed.
Thanks to the blogosphere, social networking sites and podcasting made easy, many security pros are taking on a much more public persona, becoming near-rock stars. Evidence of this can be seen in abundance at the ShmooCon 2009 security gathering in the nation's capital this weekend.
One example was a Friday lunch gathering of the Security Twits -- a growing group of security pros who communicate with each other and the rest of the world via the Twitter micro blogging site. Another example was an evening meet-up of security podcasters.
True, many security pros still prefer the quiet, isolated life. It's also true that the introvert tag was never a fair fit for many people. But several conference attendees acknowledged theirs has become a much more public profession. It's a necessity, they say. To truly improve security, people need to be out there communicating the threats computer users face and how to take the proper defenses.
"We've morphed from living in the basement to being a far more interactive group and sharing information," said Toronto-based IT security pro Dave Lewis, keeper of the Liquidmatrix blog and known on Twitter as "Gattaca." This, he said, is for the betterment of the industry because such information sharing and online bonding helps everyone do their jobs more effectively.
"My site was borne out of necessity," he said. "I had a hard time finding articles on security when I started 10-11 years ago. I realized a lot of other people had the same problem, so I started posting stories and it eventually morphed into a blog. This has been a necessary evolution, the move from the parents' basement to the new-media-empire-types many have become through the likes of Twitter, Facebook, LinkedIn and blogging."
Robert Fuller, a security architect based in the D.C. area known on Twitter as "mubix," organized Friday night's meet-up of security bloggers and marveled at how people of all security industry stripes have successfully taken up podcasting, a trend helped along by the availability of easy-to-use recording software like Audacity and Apple's GarageBand program. Fuller notes that everyone from IT security administrators to code writers and academics are doing it and drawing ever-growing audiences.
Asked if the number of security podcasters showing up to the meet-ups is growing with each event, Fuller said, "Oh, yeah, definitely. And that's a good thing because those who are really dedicated to it always have good stuff. It's great for anybody to start a podcast because they have something they're passionate about. Podcasting is so easy, all you need is a mic or headset and a recording device and it's easy to get the word out. That's what Web 2.0 is all about."