June 25, 2019

My personal retrospective

My personal retrospective

I was reflecting a bit about the plans I made for 2019. I think it's useful to evaluate the goals you've set every once in a while. The year is almost half way, so let's see which goals I achieved, which ones I didn't and what I want to adjust.

Achieved goals

At the moment of writing my 2018 review I wasn't sure yet if I could make it to Bsides Leeds to join the rest of The Beerfarmers for what would be my first ever public talk. Luckily I made it and we had a good time giving our "We Take Your Security Seriously. Or Do We?" talk about companies screwing up all the time and how they can do better. We had a few screw ups as well during our talk, but it was great fun and we got some good feedback, which was nice.

It was particularly nice to meet my mates from The Beerfarmers (Mike Thompson, Sean Wright, Ian Thornton-Trump, Andy Gill) for the first time. On top of that I also met several other people from the Infosec community like Daniel Card, Chrissy Morgan (who is a Beerfarmer in the meantime), Antonio Stano and many more.

I met a few of them again at Bsides London where we recently did our talk. Whilst the guys had given this talk many times, it was only my second time on stage. This time it was pretty special because Troy Hunt and Scott Helme did a guest appearance in our talk. The room was fully packed and we got good feedback afterwards. You can read my recap of this wonderful day here.

One of the other things I was pretty thrilled about was my first time SecAppDev in Leuven. It turned out to be a great conference where I met a lot of really smart people like Jim Manico, and the organizers Philippe De Ryck and Johan Peeters to name a few. I even did a recap of every single conference day. I blame Philippe for challenging me to do so after I wrote my review of the first day.

It was one of my goals to become a bit more active in the community and meet more Infosec people in real life to get to know who's behind the Twitter profiles. I already met a bunch of really nice and smart people, but I hope to meet many more in the future.

More consistent at blogging

I really like to write blogs but for some reason last year I didn't have a lot of inspiration. This year it's totally the opposite, I have more inspiration than time.

When I hit the publish button this will be my 27th blog of the year, which is a bit more than 1 per week on average. I find writing blogs important because it helps me improve my knowledge and writing skills and it's my preferred way of building my online profile. It's very nice to  get messages like this one from Cary, it really means a lot to me.

You can't have everything in life

All my Infosec related activities combined with a full time job and having been sleep deprived for the most part of this year, make that I'm feeling tired. So it's clear to me that I need to change things and make choices.

How much fulfilling it (mostly) is to do security related stuff in my free time, there's an unbalance at the moment between infosec and non-infosec activities.

A few years ago I rode 10000 km on my race bike and now, with the year almost half way, I didn't even complete 1000 km. My personal time that I invested previously in sports is now almost entirely absorbed by Infosec activities. Yes I know, I'm fanatic in everything I do. That is one of my pitfalls.

So energy and weight wise there's not much improvement since the end of last year to be honest. I still need to lose between 5 and 10 kgs and I couldn't keep up with my intentions to do more sports. At least until recently.

Whilst i'm not yet at the consistent level of sporting I want, last week for instance I did 4 (short) bike rides and this morning I went for a short run.

Sports is very similar to a lot of other things in life. If you're at a beginner level you have to work hard to break through the initial barrier.

Once you got the hang of it, things start to get more and more interesting. Or in case of running or cycling, it becomes addictive. I want that feeling back of wanting to sport, instead of needing to sport.

It's particularly frustrating for me that I had built up to a decent level of running and cycling. I now have to accept that my fitness is shit at the moment and adapt my goals accordingly. Not helpful either is that I got a heal injury some years ago, which still forces me to be cautious when running.

Enough feeling sorry for myself. Let's be honest, there was no excuse to neglect my fitness. It's nothing else but laziness. Anyway, I've decided to forget about the past and set new, realistic goals. I'll start with picking a 5km run, probably somewhere in August or September and create a training plan. The goal? Just enjoy the race and run it as comfortable as possible. Time is irrelevant.

And I'll start again with going to work by bike at least once per week, hell yeah!

Conference talk(s)

One of the other intentions I had last year was this:

I would like to create a presentation and send in some CFPs for security conferences.

So my ambition was just to send in a CFP, and go at least through the process of applying to speak at a conference. I consider(ed) getting accepted a bonus.

In the meantime I've spoken at 2 conferences with The Beerfarmers (all credits to Mike for sending in the CFP and getting accepted BTW). And don't get me wrong, it was a fantastic experience, but solo talks is not something that I aspire enough to put in the effort at the moment. I put out a tweet last week and I got a lot of lovely and encouraging reactions.

As I'm the kind of person that wants to have (at least the outline of) the presentation ready upfront, it would take me a lot of effort regardless if I would get accepted or not. And I know that public speaking will be beneficial, but it's simply not my priority now. Maybe something for later, we will see.

Some changes in how I use Twitter

As my online profile and the number of Twitter followers is growing, I get a lot more mentions and DMs. Until recently I tried to read every reaction and reply to every question. But sometimes it becomes a bit too much and either I miss mentions or I am not able to reply to them. So I just try to accept this, otherwise I would spend much more time on Twitter than is healthy. I also decided to close my DMs. Whilst it's actually against my philosophy of being easy to reach, it felt like the right thing to do. And it still does. I also decide to mute out of conversations earlier, mute trolls and block abusive people.

Conclusion

Like with everything I do, I try to do it in the best possible way. The last period the balance tipped strongly towards Infosec. And whilst it gave (and still gives) me a lot of satisfaction, it's time to get the balance a bit more right. I'll keep on blogging, because that's what I love the most. But just like my running goals I will keep my Infosec goals realistic. After all there's more in life than Infosec!