Giving back: The Catalyst Career Compass Program
Giving back: The Catalyst Career Compass Program
What started as a way to help friends improve their careers has started to turn into a full-fledged program called the Catalyst Career Compass™.
Over the last few years, I’ve slowly worked through the elements to help friends – and each time I promise to make the approach public. Last weekend, I was called on my promise (thankfully) and decided to open it up.
More, with the help of Andy Willingham, Kevin Riggins and others, we are preparing to relaunch and improve the Security Catalyst Community. When we relauch (hoping for Q2 but the timeline is not defined), new opportunities for members include the career compass program that leads to a mentoring program.
We’re all excited about the program and the possibilities.
In the meantime, we have colleagues who need a boost – they need to build, calibrate and follow their career compasses.
This is a new program – so I am open to a small group of people running through the elements for their own benefits, and to help shape the elements that will be incorporated into the community. In fact, I’d like to figure out how to train others on the approach and work as a community to help each other out.
So it starts now.
And we’ll start small.
For now, no charge (money) to partcipate — but there is a cost. If you are interested, send me an email (securitycatalyst/gmail) or engage me on twitter (http://twitter.com/catalyst) and let’s discuss. We have to keep the initial run small, and we need people who are willing to participate fully and work through the entire system.
More details below:
Career Compass Overview
Whether you are currently a Security Professional or want to become one, this highly flexible program will help you set and meet your professional ambitions while serving lifestyle goals.
Set your Career Compass:
- To prepare for a raise
- To receive a promotion
- For career development
- If you are ready to move into the security field
- To find a new position (within your current company or outside it)
Determine your path and venture forth.
Setting Your Career Compass is a multi-faceted program to help you refine your career objectives and realize them.
It is a three-step process.
1. You will first think about and answer a series of questions about yourself, your ideal working environments and your future. We help you align your answers – the ‘who you are’ – with what you have done and where you would like to go.
2. Then we prepare you to effectively communicate your value to the right audience. With guidance you will build a personal brand in the form of a resume, bio, cover letter and whatever else is needed for you to reach your goals.
3. With all the background work complete, we will help you follow the compass you built.
We do not judge.
Everyone thrives in different situations and has different desires in life. Our passion is to help you find the unique value you bring to an organization and position yourself for success.
Why the Compass approach works.
We guide you through a process that helps you explore your strengths, values and goals. As a result, you will understand yourself better than simply listening to someone tell you what they think, based on a questionnaire.
You will be self-aware.
You will have the clarity required to communicate your value effectively. After guiding you through this exploratory process, your Career Compass helps you position and differentiate yourself from others in a strong finished package – written and oral.
The program will help you craft a resume that is simple, powerful and designed to attract the attention of the “right” people. It will help you market yourself better and guide you to greater success.
How much time does this take?
Like most things in life, the more you invest into this program, the more you will get out of it. It is recommended that you budget 3-5 hours to complete step one, 3-5 hours for step two and 3-5 hours to begin step three.
Step three is ongoing but 3-5 hours gets people where they need to be. Some will breeze through the process. Others will need more time. There is no right answer, but the time you invest in yourself will pay off down the road.
The Leadership Challenge in Today’s Security Environment
Management is doing things right; leadership is doing the right things. ~Peter Drucker
Leadership. It’s talked about a lot in today’s information security conferences and books – but how much of it is really happening?
Do we, as professionals, really embrace leadership and its inherent risks, rewards, and challenges? Or, on the other hand, do we really embrace the status quo with its inherent frustration, ennui, and demotivating drag?
Don’t get me wrong – leadership in any field is hard. I’ve led teams that have done such diverse missions as application development to firefighting to deploying the varied weapon systems in platoon of main battle tanks…and I have come the believe that effectively leading teams in today’s information security environment is one of the most difficult tasks I’ve ever taken on. As I look back, around, and forward I’ve made a few conclusions.
Too much focus on the status quo
I wish I had a nickel for every time I heard a “leader” describe a “good day” as one where nothing went wrong, nothing broke, and (truth be told) nobody even noticed she or her team were there.
Why?
I think because for so long the business has seen information security as the “Department of ‘No!’” that any time we fly above the radar we get smacked – or at least that’s the fear. If the systems run today just like they ran yesterday we call that a win and hope that they’ll work tomorrow just the same way.
This primal desire for the status quo is one of the most significant issues that chains down information security leaders today and it’s a topic I’ll address in more detail later – but suffice is to say that the status quo is rarely, if ever, the ally of a successful leader.
Insane focus on a small group of miracle workers
We have developed an almost unnatural dependence in information security on the work and thinking of small groups over very smart people. We rely on that small cadre of “go-to” guys to design and build our systems, respond to incidents, and help develop policies and procedures – but we rarely leverage that small group of folks to develop larger and larger teams of security oriented co-workers.
Whether we realize it or not we begin to live in a cultural echo chamber where everyone listens to the same presentations at the same conferences, reads the same blog post, and anyone who dares speak out against the conventional wisdom for any reason is suspect…
The Status Quo of the Mojo
The last major impediment I’ve seen is a synthesis of the first two. When you combine an overvaluing of the status quo with an over-dependence on small groups the almost inevitable outcome of a culture of “Please $DIETY, don’t let me screw this up!”
Leaders and their teams become so averse to anything negative (especially if it’s outside the accepted norms of the team) that the goal of the team slowly and immutably transforms from providing the best security for the organization to a goal of not wanting to be caught screwing anything up. This fear (and that’s what it is) leads teams to fall into the trap of wanting to build systems that are “perfect” and “unhackable” and resisting efforts to design or implement systems that don’t meet these standards.
The natural progression of this fear eventually leads to leaders and teams developing and attitude that is occasionally indistinguishable from despair. You’ll hear or read comments like “Why should I deploy $SecurityTechnology? HD Moore could hack it in 5 minutes. Rsnake could get root and own me 25 ways from Sunday.”
Rarely will the speaker or writer of such comments even seem to evaluate whether or not $SecurityTechnology will actually help the organization as part of a complete security plan. Defeat, as the philosopher said, is complete even before a shot is fired.
What can we do about it?
For the next dozen or so posts I’m going to address these issues head on and provide you with a (potentially) counter-cultural view of your role as a leader and hopefully challenge you to rise the amazing challenges we face today in information security.
The light you see coming at you – it’s not a train. Trust me.
What are your leadership goals for 2010? Share you challenges and successes in the comments…
Security Catalyst Community Update
In two weeks, I will be sharing some ideas and insights at the CSO Perspectives Conference, in Clearwater, Florida. I’m honored to provide both a seminar and the opening keynote (followed by a book autograph session).
The seminar is a hands-on program called “Communicating the Value of Security.” After debut, I will be sharing this program with organizations and associations around the country (or world, if invited). This program is essential for those who need to explain the value of their actions to get necessary budget, resources and influence change.
During the keynote, we are going to explore how to reduce the reaction (and over-reaction) to focus on reducing insider threat by turning insiders into allies, reducing costs without increasing risk and doing more with less by improving use of what we already have. I’m working on the specifics now – but am truly energized and excited.
We are at a time when our ability to focus on people is essential; the rewards are great. I hope you are able to join me for this exciting series.
Discussion Forum Activity
The conversations continue. Need help? Have a solution? Join the conversation. Take responsibility. Make a difference!
I have noticed an exciting trend in the community – more and more people are coming together to “create.” The more you share, the greater the benefit. Here are some recent discussions ripe for contribution or learning:
- Getting hold of vendors for IPS
- Pre-Sales SE training
- Lessons Learned
- You are granted a half an hour meeting with CEO…
- Process Credit Cards on the iPhone With ProcessAway
List of community blogger and podcasters
What Security Blogs and Podcasts are represented in this community?
About the Security Catalyst Community
We are a positively focused and supportive community that unites passionate professionals to achieve three goals:
1. Provide a community where it is acceptable to be vulnerable and ask for help when you need it
2. Create a community where anyone with an idea can share their approach in the pursuit of helping another. If today is your first day in security, welcome – share what you have learned without fear.
3. Participate in a forum where members can share their passions, expand their thinking and find support with others who believe in making a positive difference.
Signing Up for the Security Catalyst Community
Your participation is your currency (means no charge to join) – the more you contribute the more you learn and the more valuable the community becomes to everyone (so dive in and share). Please note: accounts dormant for 180 days are automatically removed.
Registration Overview (NOTE THE NAMING CONVENTION)
1. Go here: http://www.securitycatalyst.org/forums/
2. Select the register link
3. Follow the naming standard: firstname.lastname (include the period between first and last names)
4. Your account will be reviewed and approved
5. Jump in and share your thoughts!
Security Catalyst Update for Sunday, February 1, 2009
The conversations continue. Looking for results in your career? Join the conversation. Take responsibility. Make a difference!
Discussion Forum Activity
I have noticed an exciting trend in the community – more and more people are coming together to “create.” The community is reaching another level (and I will be forming a team of volunteers to help improve the available tools) – and it is exciting to realize that by working together, we really can make a difference. Here are some recent discussions ripe for contribution or learning:
- What Are You Reading?
- Pre-Sales SE training
- SanDisk’s secure USB Flash Drive solution – competition for IronKey
- Guide to Protecting the Confidentiality of Personally Identifiable Information
- Network or security changes on inauguration day (1/20)?
- Process Credit Cards on the iPhone With ProcessAway
- New York drafts language demanding secure code
List of community blogger and podcasters
What Security Blogs and Podcasts are represented in this community?
About the Security Catalyst Community
We are a positively focused and supportive community that unites passionate professionals to achieve three goals:
- Provide a community where it is acceptable to be vulnerable and ask for help when you need it
- Create a community where anyone with an idea can share their approach in the pursuit of helping another. If today is your first day in security, welcome – share what you have learned without fear.
- Participate in a forum where members can share their passions, expand their thinking and find support with others who believe in making a positive difference.
Signing Up for the Security Catalyst Community
Your participation is your currency (means no charge to join) – the more you contribute the more you learn and the more valuable the community becomes to everyone (so dive in and share). Please note: accounts dormant for 180 days are automatically removed.
Registration Overview (NOTE THE NAMING CONVENTION)
- Go here: http://www.securitycatalyst.org/forums/
- Select the register link
- Follow the naming standard: firstname.lastname (include the period between first and last names)
- Your account will be reviewed and approved
- Jump in and share your thoughts!
Join The Security Catalyst LinkedIn Group
If you are a current and active member of the Security Catalyst Community (which means you have either posted or otherwise contributed), join us: http://www.linkedin.com/groups?gid=27010
Security Catalyst Community Update – January 20, 2009
Greetings from snowy and cold Upstate NY. The last few weeks have been an excellent series of focus and refinement – for me personally, on a business level and for the Security Catalyst Community. In a few weeks, I head to Spain to learn more about Panda Security. Once I’m back, we fire up the RV and head back out on the road. Look for some announcements about keynotes & seminars at conferences.
The last few weeks have seen some tremendous growth and activity in The Security Catalyst Community. If you have not participated in a while, this is a great time come back and grow. Remember: accounts inactive for 180 days are automatically removed; if you find yourself in this situation, please re-apply and join us.
Join the conversation. Take responsibility. Make a difference!
Discussion Forum Activity
I have noticed an exciting trend in the community – more and more people are coming together to “create.” The community is reaching another level (and I will be forming a team of volunteers to help improve the available tools) – and it is exciting to realize that by working together, we really can make a difference. Here are some recent discussions ripe for contribution or learning:
- New York drafts language demanding secure code
- Enhancing Child Safety and Online Technologies
- Network or security changes on inauguration day (1/20)?
- “The Convergence of Information Security, Privacy and Compliance”
- Starting an Incident Handling/Response Program
- If you use twitter – use the #SCC Hash Tag
- Does Downadup have you on the ropes?
- Getting the most out of chapter meetings (really insightful stuff here)
- Help with Web Server and/or Desktop Applications data capture
List of community blogger and podcasters
(I am working to ensure the list is accurate and separate out the blogs from the podcasts – let me know if you need to be updated/included)
What Security Blogs and Podcasts are represented in this community? (http://www.securitycatalyst.org/forums/index.php?topic=28.0)
About the Security Catalyst Community
We are a positively focused and supportive community that unites passionate professionals to achieve three goals:
(1) Provide a community where it is acceptable to be vulnerable and ask for help when you need it
(2) Create a community where anyone with an idea can share their approach in the pursuit of helping another. If today is your first day in security, welcome – share what you have learned without fear.
(3) Participate in a forum where members can share their passions, expand their thinking and find support with others who believe in making a positive difference.
Signing Up for the Security Catalyst Community
Your participation is your currency (means no charge to join) – the more you contribute the more you learn and the more valuable the community becomes to everyone (so dive in and share).
Registration Overview (NOTE THE NAMING CONVENTION)
Go here: http://www.securitycatalyst.org/forums/
Select the register link
Follow the naming standard: firstname.lastname (include the period between first and last names)
Your account will be reviewed and approved
Jump in and share your thoughts!
Security Catalyst Community Update: December 9, 2008
“Progress is impossible without change, and those who cannot change their minds cannot change anything.” – George Bernard Shaw
Greetings from the beltway – situated right between Baltimore and Washington, DC. As part of an action packed week, I have been invited to the DHS Blogger Roundtable (thanks to Martin McKeay for the invite/endorsement), plan to attend the DC OWASP on Wednesday and am briefing a private group of CSOs on how to be successful in 2009 (my take on ‘predictions’). It’s an exciting week!
The Security Catalyst Community is also progressing:
1. Tim Krabec has launched a community-based initative to prepare for the CISSP
Learn more: CISSP Study Group
2. Presentation Polish
Rob Fuller/Mubix suggested an area where we can come together to discuss the art of presentation/communication. Many great ideas in store under Rob’s vision (and with his awesome energy):
Presentation Polish forum: Presentation Polish
Overview Post: Speaking Evolved
3. General Improvements
People learn in different ways; turns out we interact in different ways, too. As such, we are exploring the steps to implement a mailing list (in addition to the already existing RSS feeds) and a wiki (useful for more persistent topics like presentations and CISSP review). The timeline for these is based on feedback, volunteers and my schedule – so they will be rolled out in the coming weeks.
Opinions? Jump in: SCC Mailing List(s) – Any Interest?
Join the conversation. Take responsibility. Make a difference!
Discussion Forum Activity
I have noticed an exciting trend in the community – more and more people are coming together to “create.” The community is reaching another level (and I will be forming a team of volunteers to help improve the available tools) – and it is exciting to realize that by working together, we really can make a difference. Here are some recent discussions ripe for contribution or learning:
- Starting an Incident Handling/Response Program
- Are These Really The Riskiest Internet Applications?
- The legal impact and dangers of reputation risk and blogging
- Red Flags
- Terminated employee laptop
List of community blogger and podcasters
What Security Blogs and Podcasts are represented in this community? (http://www.securitycatalyst.org/forums/index.php?topic=28.0)
Here are some recent blog posts from Community Members that you may have missed:
- A Friday Afternoon Conversation About PCI DSS
- 10 things your tech guy wants you to know
- How do you define FUD?
About the Security Catalyst Community
We are a positively focused and supportive community that unites passionate professionals to achieve three goals:
(1) Provide a community where it is acceptable to be vulnerable and ask for help when you need it
(2) Create a community where anyone with an idea can share their approach in the pursuit of helping another. If today is your first day in security, welcome – share what you have learned without fear.
(3) Participate in a forum where members can share their passions, expand their thinking and find support with others who believe in making a positive difference.
Signing Up for the Security Catalyst Community
Your participation is your currency (means no charge to join) – the more you contribute the more you learn and the more valuable the community becomes to everyone (so dive in and share).
Registration Overview (NOTE THE NAMING CONVENTION)
Go here: http://www.securitycatalyst.org/forums/
Select the register link
Follow the naming standard: firstname.lastname (include the period between first and last names)
Your account will be reviewed and approved
Jump in and share your thoughts!
Where is Michael – onTour Schedule & Updates
As we set out to journey the country, keep tabs on our schedule and opportunities to meet at www.catalystontour.tv or follow the progress of the book and speaking tour at www.intothebreach.com. As always, if you are on the way (or in the city we are heading), please contact me directly so we can meet. Our RV is our home, and our home is always open to our friends.
I am also spending more time on twitter these days – and would love to engage in the conversation with you. You can learn more about twitter here: http://twitter.com/ and “follow” and chat with me here: https://twitter.com/catalyst
Coming Up:
- Week of December 8: Baltimore/Metro DC
- Finishing up the year in/around Albany, NY
- Starting the year in/around Key West, Florida
- January – Ottawa, CA
Join The Security Catalyst LinkedIn Group
For active members of the Security Catalyst Community
http://www.linkedin.com/groups?gid=27010
(SCC) Catalyst Community Update for November 12, 2008
It has been an interesting two weeks – thanks to a catastrophic failure on the bulk of my web servers – thanks to an unannounced dreamhost switch/migration that results in their setting all permissions incorrectly. It’s a long and boring story – loaded with insights for anyone involved in technology and customer service. But we’re fixed – and I’m back.
The last few weeks have been pretty amazing; we have traveled the country from Upstate, NY to Kansas City…. Seattle…. And then back “East” to Detroit. We leave here on Thursday and head to Ohio for two days before heading on to the DC Metro area. CompTIA is sponsoring a book signing and give-away at the CSI show – so look for more details.
Last week – before the blizzards closed down sections of I-90 — we stopped on Monday at Mount Rushmore – and the entire family was taken with the effort on multiple levels. I was drawn to the history of the presidents – and will be spending more time learning about the character of these men, and the way they served themselves and their country. All very inspiring!!
Join the conversation. Take responsibility. Make a difference!
Discussion Forum Activity
I have noticed an exciting trend in the community – more and more people are coming together to “create.” The community is reaching another level (and I will be forming a team of volunteers to help improve the available tools) – and it is exciting to realize that by working together, we really can make a difference. Here are some recent discussions ripe for contribution or learning:
Here are three community-based efforts that you can contribute to, or learn from:
- I’m starting an online CISSP study group (member driven)
- Explaining the WPA-TKIP issue to end users (TALK ABOUT TIMELY!!)
- Red Flags (ID Theft)
- Starting an Incident Handling/Response Program (MUST READ!!)
- Security (or other) White Papers that stand out? (or that don’t suck)
Upcoming Opportunities to Work Together or Meet in Person:
- New group added to LinkedIn: Log Analysis Professionals
- CSI Annual 2008 — Lunch Meetup for SCC Members
- Meetup at the 25th Chaos Computer Congress (Berlin)
- Shmoocon 2009
List of community blogger and podcasters
(I am working to ensure the list is accurate and separate out the blogs from the podcasts — let me know if you need to be updated/included)
What Security Blogs and Podcasts are represented in this community? (http://www.securitycatalyst.org/forums/index.php?topic=28.0)
Here are some recent blog posts from Community Members that you may have missed:
About the Security Catalyst Community
We are a positively focused and supportive community that unites passionate professionals to achieve three goals:
(1) Provide a community where it is acceptable to be vulnerable and ask for help when you need it
(2) Create a community where anyone with an idea can share their approach in the pursuit of helping another. If today is your first day in security, welcome – share what you have learned without fear.
(3) Participate in a forum where members can share their passions, expand their thinking and find support with others who believe in making a positive difference.
Signing Up for the Security Catalyst Community
Your participation is your currency (means no charge to join) – the more you contribute the more you learn and the more valuable the community becomes to everyone (so dive in and share).
Registration Overview (NOTE THE NAMING CONVENTION)
Go here: http://www.securitycatalyst.org/forums/
Select the register link
Follow the naming standard: firstname.lastname (include the period between first and last names)
Your account will be reviewed and approved
Jump in and share your thoughts!
Where is Michael – onTour Schedule & Updates
As we set out to journey the country, keep tabs on our schedule and opportunities to meet at www.catalystontour.tv or follow the progress of the book and speaking tour at www.intothebreach.com. As always, if you are on the way (or in the city we are heading), please contact me directly so we can meet. Our RV is our home, and our home is always open to our friends.
I am also spending more time on twitter these days – and would love to engage in the conversation with you. You can learn more about twitter here: http://twitter.com/ and “follow” and chat with me here: https://twitter.com/catalyst
Coming Up:
Once the RV is repaired (working on it now) and our laptops restored (also in progress), we head right back out – and amazingly, don’t really miss a beat!
- Week of November 10: Southern Michigan (DC Metro) and Ohio
- Week of November 17: DC Metro – CSI Conference (look for more details) and Philadelphia, PA for a private briefing for the CSO Breakfast Club
- Week of November 24: Albany, NY – then Hershey, PA
- Week of December 1: Trenton, NJ
- Week of December 8: Baltimore/Metro DC
Join The Security Catalyst LinkedIn Group
For active members of the Security Catalyst Communityhttp://www.linkedin.com/groups?gid=27010
Security Roundtable for October 11, 2008 – Social Media Ethics
The world of blogging, podcasting and social media is a dynamic –and dominant – force in the way individuals share and consume information. In this fast-paced approach to sharing, we stop to consider the ethics involved.
With the help of Jennifer Leggio - social media expert, former journalist and friend of the Security Roundtable – we tackle the issue of ethics. During this highly informative roundtable discussion, we tackle the responsibility (and credibility) of bloggers, podcasters and especially the individual responsibility of those consuming the information.
This episode is packed with ideas and comments that will get the juices flowing. If you want to continue to conversation with us – join us in the Security Catalyst Community (just pay attention to the naming standard – you must use your real name).
Learn more about the participants:
Jennifer Leggio
http://mediaphyter.wordpress.com/
http://twitter.com/mediaphyter
Martin McKeay
Michael Santarcangelo
http://www.securitycatalyst.com/
http://www.intothebreach.com/ (books now available – eBook or hardcover)
Podcast: Play in new window | Download (37.1MB)
Catalyst Community Update for October 14, 2008
It is with excitement that I board an airplane this morning bound for Redmond, Washington. I am participating in the Microsoft Small Business Summit – speaking on not only the protection of information, but also how the return to fundamentals outlined in Into the Breach allows companies to improve profits and reduce spending. We all know making or saving money while improving how information is protected is essential these days – and I am excited and honored to share my research and insights with those who tune in.
Please make some time tomorrow (Wednesday) to join me live!
http://www.microsoft.com/smallbusiness/summit/
When I get back on Thursday, we load up the RV and head back out onTour – next stop, Kansas City. Let’s make some time to meet up while I am there. Plans are in the works, with more details to follow soon.
Discussion Forum Activity
Here are some recent discussions ripe for contribution or learning:
- OPSEC for Out of Office Replies…
- Looking for an Online Writing Course
- Google Localisation Settings Break Link to Reader from GMail
- How to proof a 40-bit SSL certificate is not strong enough
- Getting SAM Database
Upcoming Places to Meet (and interesting Off-topic conversations)
- Midwest Consolidated Security Forum
- RSA Europe
- Information Security Decisions 08 Nov 4 – 6, 2008
- Favorite Podcasts OUTSIDE of Security and Technology
List of community blogger and podcasters
(I am working to ensure the list is accurate and separate out the blogs from the podcasts — let me know if you need to be updated/included)
What Security Blogs and Podcasts are represented in this community? (http://www.securitycatalyst.org/forums/index.php?topic=28.0)
Here are some recent blog posts from Community Members that you may have missed:
About the Security Catalyst Community
We are a positively focused and supportive community that unites passionate professionals to achieve three goals:
(1) Provide a community where it is acceptable to be vulnerable and ask for help when you need it
(2) Create a community where anyone with an idea can share their approach in the pursuit of helping another. If today is your first day in security, welcome – share what you have learned without fear.
(3) Participate in a forum where members can share their passions, expand their thinking and find support with others who believe in making a positive difference.
Signing Up for the Security Catalyst Community
Your participation is your currency (means no charge to join) – the more you contribute the more you learn and the more valuable the community becomes to everyone (so dive in and share).
Registration Overview (NOTE THE NAMING CONVENTION)
Go here: http://www.securitycatalyst.org/forums/
Select the register link
Follow the naming standard: firstname.lastname (include the period between first and last names)
Your account will be reviewed and approved
Jump in and share your thoughts!
Where is Michael – onTour Schedule & Updates
As we set out to journey the country, keep tabs on our schedule and opportunities to meet at www.catalystontour.tv or follow the progress of the book and speaking tour at www.intothebreach.com. As always, if you are on the way (or in the city we are heading), please contact me directly so we can meet. Our RV is our home, and our home is always open to our friends.
I am also spending more time on twitter these days – and would love to engage in the conversation with you. You can learn more about twitter here: http://twitter.com/ and “follow” and chat with me here: https://twitter.com/catalyst
Coming Up:
Once the RV is repaired (working on it now) and our laptops restored (also in progress), we head right back out – and amazingly, don’t really miss a beat!
- Week of October 13: Seattle for the MSFT Small Business Summit http://www.microsoft.com/smallbusiness/summit/
- Week of October 20: Kansas City for the MCSF Keynote http://www.mcsfonline.org/
- Week of October 27: Seattle – Secure World Seattle (look for more details coming soon)
- Week of November 3: Portland, Oregon, Keynote for: http://www.nwsecurityconference.com
- Week of November 10: (transit back to East Coast, perhaps via Dallas)
- Week of November 17: DC Metro – CSI Conference (look for more details) and Philadelphia, PA for a private briefing for the CSO Breakfast Club
Join The Security Catalyst LinkedIn Group
For active members of the Security Catalyst Community
http://www.linkedin.com/groups?gid=27010
Security Catalyst Community (SCC) Update for October 7 2008
With all the activity the fall brings, take a few moments to learn from your fellow catalysts – and the time to share your experiences. This is what unites us as professionals. Even when we feel we lack the time, making the time to engage brings benefit to every person involved.
I am also spending more time on twitter these days – and would love to engage in the conversation with you. You can learn more about twitter here: http://twitter.com/ and “follow” and chat with me here: https://twitter.com/catalyst
Discussion Forum Activity
Here are some recent discussions ripe for contribution or learning:
- Standards Document Supporting an Encryption Policy
- ISO 17799/27001/27002
- Researching malicious file types
- Need a Multi-function Inkjet (INTERESTING CAVEATS TO CONSIDER)
- Nevada & E-mail Encryption Requirement
List of community blogger and podcasters
(I am working to ensure the list is accurate and separate out the blogs from the podcasts – let me know if you need to be updated/included)
What Security Blogs and Podcasts are represented in this community? (http://www.securitycatalyst.org/forums/index.php?topic=28.0)
Join our LinkedIn Group
For active members of the Security Catalyst Community; once I get the new laptop and have had a chance to catch my breath from the recent breakin, I’ll focus on cleaning up the linkedin list – and ensuring we take strides to meet and work together.
http://www.linkedin.com/groups?gid=27010
Here are some recent blog posts from Community Members that you may have missed:
- Scareware Ad From Skype?
- Change your passwords with your smoke detector batteries
- Forensic Time Dilatation
- New TCP vulnerability about trust, not technology
- The best anti-malware software out there…
About the Security Catalyst Community
We are a positively focused and supportive community that unites passionate professionals to achieve three goals:
(1) Provide a community where it is acceptable to be vulnerable and ask for help when you need it
(2) Create a community where anyone with an idea can share their approach in the pursuit of helping another. If today is your first day in security, welcome – share what you have learned without fear.
(3) Participate in a forum where members can share their passions, expand their thinking and find support with others who believe in making a positive difference.
Signing Up for the Security Catalyst Community
Your participation is your currency (means no charge to join) – the more you contribute the more you learn and the more valuable the community becomes to everyone (so dive in and share).
Registration Overview (NOTE THE NAMING CONVENTION)
Go here: http://www.securitycatalyst.org/forums/
Select the register link
Follow the naming standard: firstname.lastname (include the period between first and last names)
Your account will be reviewed and approved
Jump in and share your thoughts!
Where is Michael – onTour Schedule & Updates
As we set out to journey the country, keep tabs on our schedule and opportunities to meet at www.catalystontour.tv or follow the progress of the book and speaking tour at www.intothebreach.com. As always, if you are on the way (or in the city we are heading), please contact me directly so we can meet. Our RV is our home, and our home is always open to our friends.
Coming Up:
Once the RV is repaired (working on it now) and our laptops restored (also in progress), we head right back out – and amazingly, don’t really miss a beat!
- Week of October 6: Albany, NY (pending RV repairs and insurance hand-to-hand combat)
- Week of October 13: Seattle for the MSFT Small Business Summit http://www.microsoft.com/smallbusiness/summit/
- Week of October 20: Kansas City for the MCSF Keynote http://www.mcsfonline.org/
- Week of October 27: Seattle (still confirming details)
- Week of November 3: Portland, Oregon, Keynote for: http://www.nwsecurityconference.com
- Week of November 10: (transit back to East Coast, perhaps via Dallas)
- Week of November 17: DC Metro (still confirming details) and Philadelphia, PA for a private briefing for the CSO Breakfast Club
Engage with Michael
-
Journey Into the Breach
