2015 was a good year for me. After seven and a half years, I finally graduated from the University of South Carolina. I changed jobs. I spoke for the first time at a conference (three actually). I launched a brand new podcast focused on exploring information security. It's been quite the year for me, with many accomplishments and lessons learned.
One of my biggest accomplishments from the year was getting my Media Arts degree from the University of South Carolina. I started my journey back in the Spring semester of 2008. Coming out of the Navy I had decided to work full-time instead of going back to school.
I got married and settled into a level two analyst role for a staffing agency. At that point, I decided it was time to start using my GI Bill. I choose media arts over a computer science degree for the simple fact that they offered more evening classes. Plus, I liked the idea of a media arts degree. I hadn't really become enamored with doing IT work for the rest of my career. I thought media arts might be an avenue for me due to having an interest in website construction and video production.
Fast forward to 2015 and I’m not exactly going into the media industry. I am, however, using a lot of things I learned from school and applying it to my career in information security. My photography and photoshop courses providing the most benefit to me. Last year, I started taking pictures at security conferences and that continued this year.
I finally launched the podcast I started last year, Exploring Information Security. Each week, I peak with a different security professional for 20-30 minute on a specific topic. This was also the first full year of producing the PVC Security podcast with Paul and Ed. We've added Chris to the mix now as a regular co-host. Out of all the media work I do, I enjoy podcasting the most.
Media arts skills also came in handy when building presentation slides for conference talks. This year I submitted and got accepted to speak at BSides Augusta, DerbyCon, and Trends 2015. All three were different and wonderful experience.
Physically, I lost 25 pounds this past year. I began running nearly every morning and it has paid of in a big way. I have more energy and I'm fitting into more of my clothes.
On the job front, I switched roles in the state. Moving from a security team role (building out processes, responding to incidents, etc.) to a security operations center. Instead of building defenses, I am monitoring networks for malicious abnormalities. It’s quite the change.
ColaSec the local security user group in Columbia, South Carolina, continues to grow. The last few months in 2015 we had around 10-15 people each meeting. Our listserv is up to 40 members. We conducted our first ever CTF and we did some outreach. We also helped IT-ology fill out their speaker list for both POSSCON and Trends 2015. It's awesome to see the group grow and mature.
The biggest takeaway from helping with POSSCON and Trends 2015: there is a lot of interest in security. POSSCON is a conference focused on open source technology. This was the first year they had a security track. The track ended up being so packed that they had to bring in more chairs. Even with the added chairs, it was still standing room only for the entire day.
BSides Nashville and Augusta continue to appease my fetish for taking pictures of infosec enthusiasts. CircleCityCon afforded me the opportunity of shooting my first big conference. Four days and something like 40 miles later I had taken around 3500 pictures. Looking through that many pictures I discovered that the infosec community loves to smile.
Speaking allowed me to step out of my comfort zone and grow as an individual. I learned how to prepare for a talk. I still get very nervous speaking in front of a crowd. I'm hoping to continue to work on that in 2016. I also learned that I have knowledge and experiences that people find valuable.
I have gotten the opportunity to meet some really interesting and awesome people this year. Last year I started to understand the networking aspect of building a successful career. My network grew tremendously for me this year. I also learned that I don't need to the biggest network, but to have quality relationships. I love helping people and a network is great for doing just that. In return I get to have relationships with people who can help me with challenges I face now and in the future.
Building relationships is something that I discovered is important but often overlooked in business. It’s not needed just for a strong network, but also for accomplishing goals and objectives in an organization. Things will get done without building relationships, but they get done inefficiently. I’m all about efficiency and I plan to write more on this in the future.
Professionally, I finally discovered where I want to go in information security. I want to help organizations improve their security posture by improving and implementing initiatives. The title for this type of job varies, but my favorite is security strategist. It’s looking at the bigger picture and providing a plan for getting there.
I want to get my Certified Information Systems Security Professional (CISSP) certificate.
I want to continue to present and refine my speaking ability. I would also like to start attending and presenting at conferences outside of infosec.
Improve my writing and researching skills. I've done some of that with the Crawfish Boxes which is a Houston Astros blog. I want to apply and improve upon those skills by continuing to write regular on infosec topics on this site.
Help everyone in ColaSec get on a path towards a successful information security careers. Our membership ratio leans heavily towards security enthusiasts on the outside of the industry looking in. We have an opportunity to help those members build skills and find their place in the industry.
While 2015 was great, I am really looking forward to 2016. By refocusing my spare time, I have been able to accomplish a lot. My podcasts are growing. The list of awesome people I know is growing. My knowledge is growing. I'm gaining new skills and improving upon my current ones. I'm focused and ready to see what I can do with a full year.