Profile picture
, 11 tweets, 3 min read
My Authors
Read all threads
it still hurts when I sit in a conference talk where government "cyber workforce" discussions occur, and they still beat the same drum that hasn't worked for years, and realize that none of them come to things like BSides, Defcon, Shmoo, and others to have a realistic discussion
they merely talk about frameworks and policies, but nothing actually actionable or results... granted, having also sat in on agency discussions where there was a lot of, what could be best described as "whining", but no after action to address those concerns...
as I said MANY times, that if you have a shortage or want to focus on development and recruitment, you need to meet where the talent goes to learn, rather than hope and pray that a fishing expedition via job postings attract who and what you think you need...
this is often the gap between a practitioner approach to talent management versus a business and management perspective on how to approach it...
then again, I can only yell into the wind at certain venues where this topic is discussed that gets you a little demoralized... and of course this is why, to put it pointedly, gave up on this subject from where I was in the public sector... maybe I can change it elsewhere
I guess when I hear Federal officials speak of cybersecurity workforce and recruitment, they speak of it as a policy and business entity, rather than a community... which I think is where it fails. A community has culture, which requires a history, communication, knowledge...
they will say ML and AI, and realize that in many cases, this is NOT the expertise of many security folks, this is the realm of mathematicians and psychologists who birthed the subject many years ago. If anybody knows a higher-ed security program that teaches AI and ML, pls. LMK
...as this wraps up, it seems they, again, are focusing on degrees and certifications when the sunset (see Google and other tech orgs) focus less if not at all on paper and focus more on demonstrable skills since traditional educational models can't keep up with pace of tech
...branching here... the perception of "hacker" or "security" conferences has not changed much over the years for leaders/managers, and I think they are working with misconceptions and bad information. So the community needs to work on that perception-setting as well.
when I do CFP reviews for conferences, I look at the educational (and entertainment) value from the presentation and what would be the takeaways given the location (DC = policy and gov vs. elsewhere) that can be applied by attendees upon leaving. That's also a mechanism.
Like the level of policy talks, if I were to say, do @CanSecWest should be low, because they are known for highly technical content. @shmoocon has moved to a greater mix over 15+ years, as has others. Know your audience and where you can impact post-con mindsets and actions
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with Amélie E. Koran

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @webjedi see all

Profile picture
Amélie E. Koran
@webjedi
It still boggles my mind that we will have people flock to conferences about the latest and greatest thing, and then come back to their org wanting to do that latest and greatest, but not be willing to invest in the basic work required to share up and mature the org to fix stuff.
"I want to do $buzzword_tech" while not even taking a moment to possibly get all their systems to a maintainable standard, reliable inventory and maintenance cycle, and repeatable and reliable processes. Again, like building the Burj Khalifa on quicksand. gizmodo.com/without-trucks…
...you're doubling down on resources, and creating exponentially larger piles of tech and process debt that, given the tenure or most tech execs, will not be their problem, as they will be gone by the time the shit tankers run out of places to dump... fix this, then modernize
Read 18 tweets
Profile picture
Amélie E. Koran
@webjedi
I figured it was worth a little explainer for the Anti-Deficiency Act and relation to IT operations and shutdown activities. I write as somebody who's been through a few in various roles... (1/12)
To clarify on the “it’s a static site, why can’t they…” comments. Each agency affected typically has a mix of appropriated funding: “no-year” & annual, each with time limits of when and what it can be spent on as well are... (2/12)
...“fee-based” for certain programs. During shutdown activities aligned with a “lapse in appropriation,” agencies and their components will utilize remaining funding to wind down operations to a minimum (hence the “Not Open” signage)... (3/12)
Read 12 tweets

Related threads

Profile picture
SueletteD
@SueletteD
2/16 Silencing expert voices in the cybersecurity discussion space is a
strategy for weakness not strength, as any Red Team expert would tell
you. #CyberCon #CensorCon
3/16 The @CyberGovAU removed me from the #AISA #CyberCon speakers list
8 days b4 the event. Reason: my talk content was 'incongruent' w/ the
largest cybersec conf in AU. Yet they had not seen my talk content yet.
#CensorCon #cyber #infosec #cybersecurity #informationsecurity
4/16 #CyberCon removed me from the speakers list based on my talk title
alone. I'm not the only speaker removed: @Thomas_Drake1 was also disinvited. Others
told to alter format. #CensorCon #cyber #infosec #cybersecurity #informationsecurity
Read 16 tweets
Profile picture
LGcommaI
@LGcommaI
"people in #Germany at the time they were not all evil people; they were a people who believed in the #government, and that was the crucial mistake..the ideology is not the core trigger, is not the reason why people were behind those views; it's the #propaganda. It's not that ..
.. everyone was racist, it's not that everyone was evil; it's the fact that the government was so adamant about spreading those views that everyone just got behind them (without questioning them), and it's the same with #socialism that came afterwards [well, international
..
.. #socialism (and in particular, the institution of #concentrationcamps) came BEFORE National Socialism, not only afterwards; to wit, institutionalized socialism (within modern history) started with Soviet Union, from 1922 onwards, 11 years before Hitler came to power.
..
Read 15 tweets
Profile picture
Darcey Dupuis
@1ProudCdn
Mega Thread of Opinion (1 of 52)

My take on #Election2019, is one that will surprise all #Canadians who will take the #time to read past this #headline. It will be a #long #series of #tweets that will be #purely #honest & straight to the #point.
This #series of tweets will contain #jabs at #voters, the #media & our #political #parties & they are #jabs, that in my own #opinion are #merited. Agree or don’t agree, I won’t care, but it needs to be said to ease my conscience in the lead up to our election!
In 2015, Canada’s #media, declared that #Trudeau & .@liberal_party outflanked the @NDP on leftist policies & for the 1st time in recent history the media supported large deficits & destruction of our country’s finances over a more balanced approach. Let’s stop here for a sec.
Read 52 tweets

Trending hashtags

#opinion #Outremont #armament #authoritarianism #pounce #squadreunion #Gladio #EgyptStation #authority #throwstones #government #dollars #CPC #Election2019 #pharmacare #Canadians #poultry #ThoughtsAndPrayers #Badagry #LOLwut #cyber #funding #LandDebate #synergy #property
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!