Cyber Is a Team Sport

Building the security community

What makes the community in the information security industry so unique? How can each of us participate and contribute to it whether we’ve just joined or been a part for a whole career? 

The gurus of cybersecurity community building Jason Blanchard and Deb Wigley from Black Hills Information Security (BHIS) joined PlexTrac Friends Friday to answer those questions and more. Dan DeCloss, founder and CTO of PlexTrac, and Anna Lee, content marketing manager, sat down with Jason and Deb to hear their insights and learn about their innovative projects to educate, train, and bring together current and future cyber professionals. 

Jason Blanchard, director of excitement, content, and community, has been happily adopted into the hacker community at BHIS since 2019, even though he “works in marketing.” Jason has had a varied background, including teaching filmmaking, owning the world’s most famous comic book store, and fostering the infosec community efforts for SANS. Deb Wigley is the director of kindness and generosity also at BHIS. She joined the team in 2019 after celebrating 20 years of working in customer engagement and satisfaction in the automotive industry. 

Watch the full episode or read the highlights.

The uniqueness of the infosec community

The conversation kicked off with a discussion on what makes the cybersecurity community so different from other industries. The group agreed that a deep level of generosity and curiosity displayed individuals and organizations in the industry sets it apart from others they have experienced.

“So, for me, comic books and filmmaking is all about creating content, building community. And when I got to cybersecurity, I saw the BSides movement or, like, the BSides conferences. And so I was like, what is this? I want to know more about it. And the fact that people got together and had a conference, and they only charged $20 to get there. And then I was like, this is great. This is phenomenal. I do come from a marketing background. For a bunch of marketing people to get together and not charge each other anything, and then to get up and just kindly share their knowledge. Yeah, no, that’s not a thing,” explained Jason. 

Dan agreed, “Because, like I said, my experience has only been in the community, but I think our roots are really from that, you know, from the beginning. I mean, like, if you look at DEF CON, that was a total volunteer kind of thing. And that’s kind of where I would say that’s kind of really where this whole notion of getting together and sharing information and how things kind of started. And it’s only grown from there. But you’re right. I think the mission is really what drives a lot. It drives a lot of us.” 

Anna added that curiosity paired with generosity seems to drive the community spirit in infosec. “I was going to say, you know, I come from primarily a background in higher education and in that industry, and it’s similar in the sense that, as you were saying with John, that there’s this curiosity and this sense of wanting to learn and educate. And I think that that is, in my observations, true of infosec folks. They’re just really curious people. They want to learn new things, they want to try new things, and they want to share those when they figure them out. And I think that’s really cool.”

Standing out in the infosec community

The panel noted that while the community is welcoming, it can still be intimidating to participate when you are new. They acknowledged the imposter syndrome that many feel when trying to offer insights and contribute to the collective knowledge in such a highly technical industry. 

Deb shared her advice for breaking in. “We always encourage people to jump in our Discord or any infosec Discord and just start answering questions. If you see someone asking, there’s always someone that’s coming, someone behind you just a little bit. Someone asking a question that you know the answer to. So that’s, that’s how we find our community leaders. That’s how we find the other, like, friends of ours that we want to give back to is the people who are jumping into community and answering questions.”

Jason continued, “And sometimes you don’t know what to talk about until you see someone’s question. Like, questions is the greatest way to figure out what to talk about. If you’re in a Discord server and you see someone ask a question about something that you have some kind of [knowledge of], you’re like, oh, that’s a ten minute talk, or that’s a 15 minutes talk. I could talk about that topic. And so just answering a question that you see on the Internet, on Reddit, Discord, or something. If a person is asking this, it means they don’t know. And if I have the answer to that, then let me be the answer to their question. And you can make the assumption that if they don’t know, there’s a lot of other people that don’t know either. So that’s a good place to get started.” 

Giving back to the infosec community

Finally, the panel covered ways individuals can give back to the community to help other grow personally and professionally.

Dan explained his philosophy: “Don’t have an agenda. Right. You know, don’t come into an environment, you know, hoping to get more out of it than you’re willing to contribute. That’s kind of way I’ve always tried to build my career.” 

Jason observed that isolation can be a huge issue in infosec because so many people work remotely. He said, “I think there’s a lot of people, especially post pandemic, you hear about loneliness being an epidemic, right? People are just so alone. So I think there’s a lot of people who feel unseen in our industry. And so instead of waiting for them to come to you, go to them, like, find them. And not, like, force yourself upon them with friendship. But say, ‘hey, I see you. I see that you have something to contribute. I see that you have something not even something to contribute. I see you as a person, and I see you as a person who potentially bring joy to my life. I’ll bring joy to your life. And so how about we just do some life together?’” 

Deb concluded with an encouragement to everyone just to get out there and take a chance on the community. “And it’s just like as an individual, that’s something easily you can do. You can join any infosec Discord server. I’m clearly biased towards the Black Hills one, but there are so many people in there that really just can’t wait to meet you, want to say hi. They want to know about you. They want to know your likes and your dislikes and just you as a human, not necessarily as a professional in the infosec industry, but they really, really will be like, oh, there you are.” 

Learn more about connecting with the PlexTrac team when the community gathers in Las Vegas for Hacker Summer Camp next week.