It was little over five years ago that I created a Twitter account. I had worked in security for about five years at that time and read every journal I could, any blog I could find. My goal was to share news, information, and takes, and to build my “professional” brand. I was angling to develop a consulting component to the services at a professional firm I was employed at at the the time. I was also frustrated with the opportunities there, lack of growth opportunities, and the desire to grow and really be able to focus on working in information security. If I could be a strong enough brand and reputation through my online profile, I’d either grow the role where I was or create an opportunity to find new employment where I was someone who was “known” and pursued.
Funny thing about building a brand online, you have to actually make your voice heard. I took the usual steps, sharing articles with commentary to LinkedIn, sometimes sharing those posts on Twitter. Retweeting and liking posts from well-known industry professionals, occasionally adding my own thoughts or commentary. But I was always highly self-conscious of being “me.” Whether it be joking, sarcastic, or even offering a take that may not be standard? A question you’d want to ask if what everyone keeps saying is how things should be, asking why that, why not this? I didn’t doubt the InfoSec community but always nervous to how it play to clients and prospects. Or worse, potential employers. I found myself in a weird middle ground. I was sharing information and “meeting” people, growing a bit in the community, but always afraid to use my voice. And forget anything socio-political, or just personal fun stuff. It was like I was “in” the community but not really a “part” of it.
So I created a new “anonymous” account about a week ago. A lot had been happening across the US and I was staying silent, though I wanted to scream. And there were more than a few impacts on current socio-political happenings that I had thoughts about, or would have wanted to at least engage in an exchange of ideas and opinions, that I stopped myself from expressing. And the fun stuff too, what about the fun stuff. Silly stuff, like bad puns, silly comments with gifs (see: David Caruso sunglasses), just the kind of stuff one would do socially. Not feeling like I had to prove myself that I belong with every post, share, or comment, just being me. Hi, it’s me, want to be friends? You know, the way we should be in real-life interactions. Now acting with deference all the time, that someone was willing to engage with me, an unknown (and the community writ large was more than willing to discuss topics), but just kind of step up and say, “hi.” It was psychologically freeing.
If I offered input or support on an issue, and was demeaned for it, it wouldn’t carry the same sting. That odd bit was freeing. And an odd thing happened; the rate at which I gained followers was so much quicker than when I was using the other account. Being able to step out of the comfort zone, where I was less worried about image, and would ask the questions to allow me to learn, or find out where I was mistaken in my understanding, allowed me to interact more. It opened me up to the community more than trying to fit in by almost not being noticed. Plus, the fun conversations were easier to have. I’m sarcastic and joke often with friends and family, but you would rarely, if ever, see that on the “professional” Twitter account. But now? Now, I can just be me. Yeah, not every joke lands, but that’s normal.
Creating an “anonymous” account (and I didn’t take great pains, I’m willing to bet that anyone in the business could figure it out if they cared to), becoming an “imposter,” helped me confront my own imposter syndrome. Didn’t kill it entirely, but it stopped me from not taking the risk of interacting. And my interactions grew. More people reacted and interacted with me, random folks, even “known” folks, followed, liked, even retweeted things I had posted. It had nothing to do with what I knew, just that I wasn’t able to put myself out there and contribute. I didn’t need to discover a new vulnerability, reverse engineer the latest malware, right a new Python tool, just participate.
So to anyone reading this that’s new to InfoSec, or anyone who’s hung around the periphery for years, as I did, I say to you, don’t put off contributing any longer. Don’t be obnoxious or an ass, don’t go trolling, but contribute. Ask honest questions, tell people their talk was great, you enjoy their videos, that interview on that podcast was really interesting and they tell the story well. Share your thoughts and your ideas. Are they people here that will attack, mock, and scoff? Sure. Those types of people exist in every sociological structure. But they aren’t the majority of people. Be smart, be safe, but be. Be a member of a giving community. Be someone who learns from others and looks to share that knowledge to someone else, pay it forward. Be hungry for knowledge and be hungry for fun. Be willing to be wrong. Be yourself.
Learn from my mistakes and fears. Be better than me. Be better than you are today. Be human.