Going to try and not mention existential climate worries, Brexit, Boris, Trump, populism, mainstream media (subscribe to decent paid news sources!) or reaching 40 🙂
∞ Try not to judge yourself harshly
We’ve all had “a year” of it. And we should all be gentle on ourselves. But I look at the sheer quantity of qualifications some people are coming out of it with and damn, it’s really hard not to compare yourself sometimes. Check out what a contact of mine posted this morning:
That said, we home-schooled the kids, moved home, I changed roles, delivered the notPetya post, identified and dealt with an issue around grief, spoke at a good few events… Stuff happened!
∞ Be thankful
- My family were all terribly ill back at the start of the year. We didn’t get tested but we’re pretty certain COVID19 went through the house early on. So the fact we’re all still here, I am thankful for.
- We’ve also not had to deal with any deaths in our immediate family, so we’re thankful for this.
- My family is infinitely lucky to be alive in a time and place where my wife and I can work entirely from home. We’re not struggling financially. We’re not living in a country where you might get persecuted by your own government, or driven out of home to become refugees. And while we miss siblings and parents/grandparents (as are so many), we are healthy and we’re thankful.
- For all the people who responded so fantastically to the notPetya post, I’m humbled. I thought some people would find it interesting but nothing like the reception it got. I’m humbled, and deeply grateful.
- And for the event organisers at Stealthbits, BSides København, ESET Nederland, and Quest TEC, and all the wonderful feedback from these events – you made my year.
- Thank you to Rich & Al, Brian, Geoff at risual, when the world was going bananas you really took great care of everyone.
- Lastly to Adam Laub at Stealthbits who has given me an opportunity to focus simply on getting organisations to a better place. In a world where people are struggling more than ever, I’m extremely mindful of the privilege I have. Thank you.
∞ Ahead into 2021
So looking ahead. The world will never stop being a place of chaos, with news about ever more vicious cyber attacks always coming in, new technologies to get a handle on (not to mention the political and environmental state of things), it’s all too easy (for me, at least) to be distracted. You have to be mindful sometimes to focus inwards.
Gaining focus, balance and achievement are my targets for 2021. And I’m going to frame this around mind, body and soul. New years resolutions are not something that ever worked for me, but setting some goals helps.
I enjoy pushing organisations towards a secure and productive state, evangelising secure practices, architecting secure solutions, and being able to speak across several disciplines adds to my credibility. I believe I already have a good footing in this area but with no qualifications to back that up I’m selling myself way short. So I’m going to gun for a decent range this year:
- Certified Ethical Hacker (CEH): I’ve known about the threats from and mitigations against insider threats, malware, viruses and so on from relatively early in my career. But being able to fully articulate, demonstrate and speak to these threats I think deserves some formal qualifier. And CEH seems the perfect fit.
- AZ-500: This one has been on my radar a while. My professional history resides within identity and access so it shouldn’t be a big stretch for me to tick this one off.
- AZ-100: Azure infrastructure is something I spent a good deal of time with in a previous role. It would be cool to cover any gaps and get this tick in the box to demonstrate my ability.
- AZ-101: Nicely knits AZ-500 and AZ-100 together and also gives me good stretch goal in some areas where I’m currently quite weak.
- AZ-300: I’ve had collaborative experiences where solutions were architected upon the Azure platform and so again, this would be a great qualification to cover gaps and demonstrate capability.
- AZ-301: As the sister qualification for AZ-300, this gets added to the list.
- ISO 27001 Lead Implementer: This is where I branch off from straight technical qualifications and where I think I can really add something. Through the notPetya response I was able to participate in conversations with many different functions and got insights across multiple teams. Being able to take that knowledge, context and awareness from one area and apply it to another really added something. With this and subsequent qualifications, I’m arming myself with the ability to speak the language of my audience. It’s not simply enough to “know technical things” unless I can communicate in an effective manner. Moving organisations from an insecure state to a ‘secure’ state is also something that cannot be achieved through technology alone. So it’s really all a means to the end of making the organisations I come across, better.
- CCSP: I believe the future is in the cloud. Organisations will continue to exist on-premises probably for the remainder of my career at least, but the real developments are going to happen elsewhere. Outside of my traditional Microsoft realm, I believe ISC2 is probably the best place to put my focus.
- SSCP: As a supporting qualification, this would back up my history within the on-premises world.
- CISSP: And the final stretch goal is the big one. CISSP would really move things up a notch. But again I don’t believe I’m a million miles away from this one. Not to suggest it won’t be a lot of work, but having worked in the security space virtually my whole career, and with the experiences so many of us lived through in 2017, I can’t believe this would be impossible to achieve.
As a lifelong cyclist, it’s been a good couple of years since I rode a bike and it’s felt like an absolute eternity. I sold ‘the stable’ to help fund the family trip in 2019 but I’m thrilled to be back in the saddle now, and so for 2021 I’m going to target doing the Rapha Festive 500 next December. This basically entails getting 500km done over the festive period. Luckily I live in a nice area for cycling! That should set me up for losing the weight put on over COVID and see me fighting fit by this time next year.
Maybe it’ll also be the year I start running and doing yoga but hey let’s not get ahead of ourselves!
In 2020 I really discovered how to be more proactive within the community. For years I’ve been a straight up consumer of the content delivered by others. But in 2020 I discovered my voice and found that people actually enjoyed listening to it. In fact it’s led to my role at Stealthbits – something else I’m thankful for! I’ve had really lovely feedback this year from people all over the world and this is absolutely something I’m looking to expand on for next year. So more events, more content, maybe some mentoring if I can break into that scene. Time to give back.
∞ Happy new year
I wish you and yours a happy, and healthy new year. Remember to be safe, wear a mask, and don’t be a spreader.
This is the way.