
Showing posts from May, 2024

Thoughts for a New Leader

What follows is a list of thoughts crafted in an airport terminal in San Jose, California hours after completing my first attendance at the RSA Conference. This also happens to be the anniversary of my first year as a people leader in the security engineering space. (I had previously mentored and led soldiers in the US Army and in various other civilian industries including Optical Lens Manufacturing and Operational Incident Response.)

Know your role

Moving from an engineering role to a people managing role brings a whole number of new challenges. If your company is like any of the previous ones I've worked at, the "New Manager" pipeline may be...less than stellar. Reach out to your HR teams and your boss/mentors for a list of things that you're going to need to do. Have you ever reviewed and approved PTO? Make sure you don't have your whole team off at once. Did they get their benefits selected during the enrollment period? What are th

RSA Day 3

(Posting this a day late as I was crazy exhausted yesterday after walking nearly ten miles! I literally laid down in the room at 22:30 and woke up at 04:30 still in my clothes, lights on, etc.... I think I was effectively conferenced out, and that was only Day 3!)

Great tracks today and some exciting notes. Plus I got to hit the Expo floor. Here are the talks I made it to:

- Teaching Software Engineers to Threat Model: We Did It, and So Can You - Jamie Dicken, New Relic
- Another Digital ID: Privacy-preserving Humanitarian Aid Distribution - Wouter Lueks, Faculty, CISPA Helmholtz Center for Information Security
- Web Application Hacking 101 - Look Mom No Tools - Joseph M. (I'm not going to name him as I have poor thoughts to share below.)

Let's break down the classes. Thought there was some great info today

Teaching Software Engineers to Threat Model: We Did It, and So Can You

Jamie did a great job of showing how a team of thoughtful and intentional engineers who are willing to

RSA Day 2

Today was a great opportunity to see what RSA was all about. We walked over early to get badges and get checked in. The conference provided us with a decent swag pack, an RSA branded bag, water bottle (something I hadn't been able to find at any of the airports along the way), a notebook, a pen, a shirt, and for newbies, a "First Timer" pin.

We stepped to grab breakfast and then hit up the talk track. I had stupidly "favorited" all my talks instead of "reserving" them so I had some quick choices to make.

My line-up for the day ended up being:

- Crypto to Kim Jong Un: Laundering Loot from the World's Fastest Heist - Geoff White, Penguin Random House
- Join the Mission to Strengthen the Industrial Ecosystem - Dawn Cappelli, Dragos
- Agents of Chaos: Hacktivism Spreads Fear, Disinformation, and Propaganda - Alexander Leslie, Recorded Future
- Common Good Cyber - A panel with an assorted cast including Craig Newmark, philanthropist and Craigslist fou

RSA Day 1

Today was a travel day to RSA 2024. It started off simple enough, boarding at my municipal airport, then a puddle jumper to the nearest metro-airport, Atlanta.

Luckily, as if there wasn't enough anxiety around Boeing aircraft, our initial plane was inoperable and a secondary plane had to be found, delaying our flight. Considering Boeing's in the business of killing whistleblowers this week, and they make roughly 90% of Delta's fleet (Atlanta is Delta's home turf), it didn't look like I was going to make it west on a non-Boeing flight.

(Inconsequentially, I spent the three weeks leading up to RSA obsessing over the Amtrak website trying to find a sub-$3k route to California sans air travel.)

I landed in Atlanta's C concourse after the flight to SFO had already been boarding, so I took off at a full sprint towards Concourse A. The flight from Chattanooga had been full, so they'd already checked my carry-ons minus my laptop.

Not surprisingly, I got to Con