Twitter, we had the Bad and the Ugly, now it's time for the Good.

After one of my previous blog posts about the Do's and don'ts of Twitter interactions I got some feedback that I focused much on the negative side and that it would be good to get some advice on how to use Twitter in a beneficial way.

Good idea, and that's why I decided to write a post on how I use Twitter and what I get out of it in return.

A perfect tool to build a positive online profile

The first thing people do when they want to know more about you is typing your name in Google. Your online presence is only a few clicks away from anywhere in the world. Be aware of this and use this to your benefit. Twitter is one of the tools you can use to create a positive impression about you. Together with my blog, twitter is for me the medium where I express my opinion (about content that appears in the media) and share content I've created. If people google me that's what they'll find first and I'm happy with that.

You probably won't see me tweeting about politics and many other loaded themes because either it doesn't interest me or I'm not looking for online drama.

Share content

Twitter is my primary channel to share content. One of the main reasons is that my target audience, Infosec professionals, are mostly active on Twitter. For me it's the perfect medium to express short opinions or share the blogs I write.

Ask for opinions

I regularly do polls. They are not all equally serious...

But most of them are. For instance this one.

These polls help me to be better at my job. They give me insights how people think or make certain security related decisions. Certainly in the Information Security domain people often make wrong assumptions and will build systems and policies, awareness training, etc. based on them. Or they approach certain implementations with only security in mind and forget about usability. For instance in this case, a minimum password length of 14 is good from a security point of view, but will your average user succeed in choosing a password?

I like to challenge these kind of assumptions, and Twitter is an excellent medium to do so. The outcome of the polls and replies often shows common misconceptions and the need for awareness about particular security concepts. Understanding how people think and which security practices they apply helps me to build more secure but still usable solutions. I think this not only applies to Information Security, but also to other areas in life.

Ask for advice

When I want to buy something, or want advice about tools, or recently when I wanted to know about good resources for learning about OSINT I will often ask for advice on Twitter.

Why? Because feedback from people that have experience with certain products, tools or resources is invaluable. They have gone through the process of selecting the best solution and know what's good or not. I seem to get always good response on these kind of questions. In general people like to help and share experience and best practices.

I sometimes ask for retweets if it's a question which is not directly Infosec related or when I want to get more accurate results, for instance with polls. I think it's okay to do so, but don't exaggerate with it.

It only takes 1 tweet to get a lot of useful info. Don't be afraid, just do it.

Twitter as a learning platform

Twitter is for me one of the best learning platforms. I can only judge about Information Security, but there are a lot of really smart people that share great content and insights on Twitter.

Just by following them I learned a lot of things I otherwise wouldn't have known or thought about. It also gives a nice overview about what's going in your world of interest and you can dive deeper into the things that interest you most.

Help people

Like in life, twitter works in two directions. People will help you if you're helpful to them. I always try to help people with genuine questions and requests as good as I can. I might miss some mentions or DMs because I get more and more of them. But like I said in my previous blog, if you DM me out of the blue, quickly introduce yourself and ask your question. Don't be afraid, I won't bite :-).

Twitter to create real life opportunities

What particularly pleases me is that Twitter has given me already several opportunities. Opportunities to do Infosec related things, but also to meet some really awesome people in real life. And you know what? All the people that I met confirmed the positive image I formed about them based on how they are on Twitter.

The Beerfarmers originated last year in August. I got to know Mike Thompson, Sean Wright and Ian Thornton-Trump on Twitter and we seemed to be aligned on several topics. Mike created a DM group and that's how the idea started.

Later Andy Gill and now recently also Chrissy Morgan joined the 'band'. And whilst it all started as a bit of fun - it still is by the way - it led to different events that wouldn't have happened otherwise and I certainly didn't expect.

We did our first talk at Bsides Leeds in January of this year. Not only did I meet the rest of the Beerfarmers there for the first time (and yes we had several beers), but they introduced me to a lot of other people from the UK Infosec community. In the meantime we have a monthly podcast on The Many Hats club and next month there's our Bsides London talk. I can't say much about it yet, but that will be a special one for sure.

Or earlier this year at SecAppDev where I met Jim Manico for the first time. Jim is a very clever yet humble guy who does a lot for the AppSec community. It was awesome to meet him!

So next time you go to a conference or other public event, why not put out a tweet and ask if someone wants to have a coffee or beer? Also say hi to some of the speakers, most of them really appreciate this. It's these kind of encounters that can make a real difference in your career.

If you like people's content, tell them

Everybody needs confirmation. If no one ever says they appreciate what you're doing it's hard to stay motivated. Even if tweeting and writing blogs is something I do purely because I want to, it's very nice when someone tells me that the tweet I wrote helped them to approach things differently or my latest blog was helpful. Recently I got this very kind DM from Vineet. It really brightened my day. I got his permission to share this by the way ;).

Also keep in mind that many people on Twitter have a daytime job and create the content they share in their free time. So if you like it or it was helpful to you, just tell them! It will certainly be appreciated.

Give constructive feedback

There's nothing wrong with having a different point of view or disagreeing with someone. There's also nothing wrong with providing feedback to people, as long as you do it in a respectful, constructive way.

Show respect and you will get respect. Mostly. And if it's not appreciated by the person, back off and go on with something else.

Be open for constructive feedback

It takes two to tango. When someone gives you feedback don't get defensive immediately. I still have to learn that sometimes myself. When you've given something a lot of thought and someone gives feedback it might feel like criticism, but it is often well-intended.

Keep in mind that being open for constructive feedback will only help you to improve.


Twitter is a helpful tool to build an online profile and a network. If you're constructive, genuine and honest and stay away from the drama, Twitter is generally a good place. I encourage you to be interactive and create a bit of engagement with your followers. Ask and answer questions. Maybe do some polls to learn about your audience. When you do so it's not only beneficial to you but also your followers can learn from the interactions on your twitter feed.

John Opdenakker

John Opdenakker

Blogger | #Infosec | #AppSec | Security awareness | Occasional Public Speaker | Cycling | Running | Enjoying life