Creativity fuels us: End-of-year reflections.
The Talk
In October, I had 5 minutes to address the end-of-day crowd at BSides Toronto during a spontaneous Lightning Talks session. I love Lightning Talks as a quick way to share, you really never know what will come up! I’ve seen some wild topics: The history of classic video games, Incident Response improv, the social engineering exploits of a cameraman. Lightning Talks can bring people out of their shells: they’re candid, they’re real. It’s a great time.
They also exude that classic BSides energy, the one that goes something like this:
“Come as you are, and welcome to Cybersecurity. This field is not all hot tweets and Top 5 lists. It is puzzles and challenges and so much fun. Care to join?”
This was my talk:
While it was a little off-the-cuff, it captured what I’ve been working to remember as I inch closer to 10 years in the field.
There are two constant needs in Cybersecurity (or Infosec, if you will) that will never fade:
- Welcoming New Faces: We need eager, curious minds of all backgrounds and educations in this field to solve the challenges ahead. Continuing to welcome our future colleagues, peers, and friends with open arms keeps us from getting jaded.
- Keeping Curiosity Alive: Eager minds need interesting puzzles to solve! Not everything needs to build a resume. Are you having fun with computers? Go have some fun with computers! When was the last time you installed
sl
for the hell of it?
No matter what we’re up to on a given year, how the industry’s doing, where we’re going, or what new acronyms have popped up in that time - we solve puzzles, and we include others. I truly believe that this will never change in the spirit of what we do in Cybersecurity.
A Love Letter
The more we progress in a career, the easier it is to forget where our love for the field first came from. The spirit of using systems to do what they’re not supposed to, and protecting against it. The sense that something could be used differently: understanding how, detecting it, fixing it. The joy of discovery.
We get busy patching vulnerabilities, pentesting systems, earning certs, explaining risk, breaking into roles and helping others do the same. This is all well and good - this is the service that we bring to the world. These are the unsung bits of being a hero in industry.
But what about “Why?” To secure the world, certainly. But why else? I don’t know about you, but…
I love the game. I love a fresh challenge, so much.
I burn with questions: How does that system work, and why on earth did it do that? What will I learn this year? Who will I meet, and what wild projects will they be working on? Will I hear cool stories? Will I solve new problems? Will I fall in love with new topics I didn’t know I enjoyed?
Cybersecurity has that sort of magnetic pull that makes you double-take across the room at a CTF, a talk in progress, a messy project on a workbench, and think “What on Earth is going on over there?!”. It’s infused with that delight, that passion, that classic clever hacker spirit. I’m not talking about the side-hustle grind, but the genuine stuff that makes you a child again. Pure puppy love. Honest joy. Popping a shell in a Christmas CTF. Blinky LEDs. Weird radios. That kind of thing. The kind of open-minded nonsense that drives you to solve another challenge. That “How does that even work?” spirit. The magic of seeing the pieces behind the system, each speaking their own language, just waiting to be heard. The creative energy that keeps us going.
In the wrong light, this thrill can look “useless”. What cert does it earn us? When will we ever need Software Defined Radio on the job? …Who cares?! In my eyes, it’s still worth learning. The way your mind rises to the challenge of understanding it, the metaphorical muscle built working with new ideas, will help you grow. You’ll never know just how much if you don’t pursue it once in a while, right?
Much of my 2023 has been about remembering and acting on this, and looking to share that energy with others. Thus, I’d like to share my 5 minute ramble (the above talk) a bit more widely.
And for those who are new to the field:
WELCOME ABOARD!!
What a time you’re in for. We need you in this field, always.
Things will always be changing, but one thing is for certain - we need problem solvers for everything ahead.
Happy New Year!
In short, remember to do useless things. Code nonsense. Break circuits. Invent games. Create, just for the hell of it. Play holiday CTFs. Play them with your friends, your family. Pick (your own!) locks. Do some classic, clever, downright USELESS hacker things. Do it for the spirit of the challenge, and the spirit of discovery. Have some fun!
Happy New Year! I hope you have a wonderful adventure no matter what you do. 🎉
With extra thanks to Joel P., @rossja, & RITSEC for starting my two newbish feet off on the right path, and always guiding me home (though they may not know it!).