Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.
Why does InfoSec play bass?
And other insights into hacker/Infosec culture
Why are we here?
Puzzles, prizes, ermahgerd!
Me
Nick
The InfoSec music scene unfolds…
@joswr1ght
@jsokoly
@ax0n
@secbarbie
@selenakyle
@mongold
@__sporkbomb
@gattica
@mattjay
...
Why do I play bass?
Why do I play bass?
Why does InfoSec play bass?
"Good Taste.”
-- Joseph Sokoly
Why does InfoSec play bass?
"We like the low, dark
and sinister. And
backbones.”
”We're not in it for glory
or props. Cont...
Why does InfoSec play bass?
"Easy, we pull it
together. We keep
the drums on
tempo and support
the band :)”
-- Dave Lewis
Doubts – do we really play bass?
How could I be sure?
Time for some Data
Casual observations versus
the big picture
Security Community/Worker Size Estimates
Social Media
Conferences
Workforce
How small is our bubble?
FollowerWonk Results
• Security + researcher = 5334
• Pentester = 1488
• Cybersecurity = 2996
• Hacker = 43571
• Ethical +...
How accurate are my stats?
What
Statistics?
Dead on
balls
accurate
Accuracy Scale
So what? Why does any of this matter?
https://fsmontenegro.wordpress.com/2015/07/29/on-the-shortage-of-infosec-professiona...
Jobs? What jobs???
68
56
191
Would you like to take a survey?
Attackers 45%
Defenders 35%
IR/Forensics 25%
Male 90%
Female 10%
1 – Robot
Active on Soci...
I throw Information Security events
0%
I work full-time in the information
security industry
69%
I work overtime/double ti...
Who we are – trolls, pranksters, wiseasses
144 survey respondents, 2448 responses in total
I wasn’t able to count the vast...
So, this bit about the
bass…
WELCOME TO OUR NEW MASCOT
InfoSec actually plays…
Survey results – Music
33% of respondents played an instrument
40% of those were multi-instrumentalists
Guitar 28
Bass 8
V...
Survey Results – Martial Arts
• Aikido
• Boxing
• BJJ
• Karate
• Kickboxing
• Krav Maga
• MMA
• Tai Chi
• Tang Soo Do
• Go...
Friends and strangers alike sent me photos of
them doing their hobbies.
Not a single photo scarred me for life or led me t...
Mycology
Who are we?
We’re a
post-dystopian,
neo-cyberpunk
travelling ren
faire!
Conclusions – we see the world differently
They see
• A car
• A door, a lock, a barrier
• Retail environment
• Trash bin
•...
Conclusions
Security is a calling for many of us. It isn’t
a career… it is who we are.
Conclusions
“It was an accident…”
“Can’t remember when it started…”
“I had to decide between jail or an honest paycheck.”
...
What’s Next?
What do you want to see? Do you have anything else you’d like to
share?
What direction should I take this?
Av...
Why does InfoSec play bass?
Why does InfoSec play bass?
Why does InfoSec play bass?
Why does InfoSec play bass?
Why does InfoSec play bass?
Why does InfoSec play bass?
Why does InfoSec play bass?
Why does InfoSec play bass?
Why does InfoSec play bass?
Why does InfoSec play bass?
Why does InfoSec play bass?
Prochain SlideShare
Chargement dans…5
×

Why does InfoSec play bass?

Shortly after I was convinced to join Twitter and get engaged with the security community, I started noticing patterns with the people I was meeting. Namely, I noticed that many were also musicians and that the vast majority played the electric bass. As a bass player myself, I understand that the general rule is, if you show up to an open-mic blues jam, you’ll get to play bass all night, and the guitarists will be relieved that none of them have to ‘do bass duty’. I became fascinated with how this pattern seems to reverse in the infosec/hacker community and started to see parallels between security and this particular instrument. I plan to share my research, ideas and theories that I’ve collected on my journey to understand this strange anomaly and look forward to hearing more.

  • Soyez le premier à commenter

Why does InfoSec play bass?

  1. 1. Why does InfoSec play bass? And other insights into hacker/Infosec culture
  2. 2. Why are we here?
  3. 3. Puzzles, prizes, ermahgerd!
  4. 4. Me Nick
  5. 5. The InfoSec music scene unfolds… @joswr1ght @jsokoly @ax0n @secbarbie @selenakyle @mongold @__sporkbomb @gattica @mattjay @JZdziarski @chrissistrunk @3XPlo1T2 @DanBratt99 @SeanVerity @phoobar @secboffin @maradydd @adelmatrash @hackerhuntress @J0hnnyXm4s @p0wnlabs @daveshackleford @p0wnlabs @chrissistrunk @billbrenner @caseyjohnellis @p0wnlabs
  6. 6. Why do I play bass?
  7. 7. Why do I play bass?
  8. 8. Why does InfoSec play bass? "Good Taste.” -- Joseph Sokoly
  9. 9. Why does InfoSec play bass? "We like the low, dark and sinister. And backbones.” ”We're not in it for glory or props. Content in the background.” -- Eve Adams
  10. 10. Why does InfoSec play bass? "Easy, we pull it together. We keep the drums on tempo and support the band :)” -- Dave Lewis
  11. 11. Doubts – do we really play bass? How could I be sure?
  12. 12. Time for some Data
  13. 13. Casual observations versus the big picture
  14. 14. Security Community/Worker Size Estimates Social Media Conferences Workforce How small is our bubble?
  15. 15. FollowerWonk Results • Security + researcher = 5334 • Pentester = 1488 • Cybersecurity = 2996 • Hacker = 43571 • Ethical + hacker = 1581 • CISSP – 1605 • Infosec + bass –drum = 11 • Infosec + guitar = 27 Hmm…
  16. 16. How accurate are my stats? What Statistics? Dead on balls accurate Accuracy Scale
  17. 17. So what? Why does any of this matter? https://fsmontenegro.wordpress.com/2015/07/29/on-the-shortage-of-infosec-professionals/ @fsmontenegro  Follow this guy on Twitter 3561 just in the USAF (cyber command) 2170 just in US Army 1560 Booz Allen Hamilton 1407 Deloitte 1257 US Navy
  18. 18. Jobs? What jobs??? 68 56 191
  19. 19. Would you like to take a survey? Attackers 45% Defenders 35% IR/Forensics 25% Male 90% Female 10% 1 – Robot Active on Social Media? Nope – 13% No, not allowed – 5% Option 5 – 10% Yes – 79% Yes, but under an alias– 17%
  20. 20. I throw Information Security events 0% I work full-time in the information security industry 69% I work overtime/double time/too much time in Infosec. I need a vacation. 10% I work part-time in the information security industry 3% I'm a hacker, security researcher, or do something else in security, but it isn't my day job 15% Security student 1% SysAdmin 1% working toward 1% How are you connected to InfoSec?
  21. 21. Who we are – trolls, pranksters, wiseasses 144 survey respondents, 2448 responses in total I wasn’t able to count the vast number of wiseass responses. • Getting kicked in the face by Jimmy Vo. • I beat up CISOs in dark alleys for fun • Option 5 typo was a favorite (x14) • What do you do in the industry? Space Hitler < Thanks!
  22. 22. So, this bit about the bass…
  23. 23. WELCOME TO OUR NEW MASCOT
  24. 24. InfoSec actually plays…
  25. 25. Survey results – Music 33% of respondents played an instrument 40% of those were multi-instrumentalists Guitar 28 Bass 8 Violin 5 Drums 4 Saxophone 4 TOP 5
  26. 26. Survey Results – Martial Arts • Aikido • Boxing • BJJ • Karate • Kickboxing • Krav Maga • MMA • Tai Chi • Tang Soo Do • Goju • Tae Kwon Do • Muay Thai • Shaolin Kempo 19% of respondents practice martial arts
  27. 27. Friends and strangers alike sent me photos of them doing their hobbies. Not a single photo scarred me for life or led me to need therapy!
  28. 28. Mycology
  29. 29. Who are we? We’re a post-dystopian, neo-cyberpunk travelling ren faire!
  30. 30. Conclusions – we see the world differently They see • A car • A door, a lock, a barrier • Retail environment • Trash bin • Gobbletygook We see • Potential 80mph brick of death • A challenge, a puzzle • Hilariously insecure playground • Intelligence • Something to be decoded, cracked, decrypted… Both a gift and a curse…
  31. 31. Conclusions Security is a calling for many of us. It isn’t a career… it is who we are.
  32. 32. Conclusions “It was an accident…” “Can’t remember when it started…” “I had to decide between jail or an honest paycheck.” “It's fun to break rules.” “I like thinking I’m helping”
  33. 33. What’s Next? What do you want to see? Do you have anything else you’d like to share? What direction should I take this? Avery.Sawaba@gmail.com @sawaba

×