Folks who are just coming into infosec often ask me for a few ways to engage with the infosec community and begin to build relationships. Here a few quick words of advice that I give them for making that happen.
1) Join Twitter and engage with people who are also interested in infosec. Talk directly to researchers, security visionaries and leadership. Engage with them personally and professionally to build relationships. Add value to the discussions by researching topics or presenting material that you are familiar with.
2) Join an open source software project. Even if you aren’t a coder, join the project and help with testing, documentation or reviews of some kind. Open source projects (they don’t have to be security projects) can benefit from the help, an extra set of eyes and the energy of new folks contributing to their work. You’ll learn new stuff and build great relationships in the development and likely infosec communities along the way.
3) The way that most folks go about it works as well. Go to events. Network. Meet infosec people and engage them in discussions about technical and non-technical subjects. Groups like ISSA, ISACA, ISC2, OWASP and other regional security events are good places to meet people, learn stuff and develop relationships with folks working on hard problems. Cons can be good for this too, but often have less chances for building rapport due to the inherent sensory overload of most con environments. Cons are a good place to grow relationships, but may not be the best events for starting them.
That’s my advice. All 3 items are hard work. They offer a chance for you to learn and engage. BUT, you have to work to earn respect and rapport in this community. You have to contribute. You must add value.
As always, thanks for reading and until next time, stay safe out there!