Infosec Rock Star

Why are some people so much more effective than others?

Why do some super smart people have almost no impact, but some seemly less smart ones have a major impact?

Geek will only get you so far

-Joe Eckhout

I’m Ted Demopoulos, and I do not claim to be a Rock Star. But many of my friends and colleagues are, and I’ve been talking to them, trying to figure out what makes them so great, what makes them rock!

I want your input too!

You do not need to consider yourself a Rock Star. We all have knowledge we can share, and I consider this a community project. These are not just my ideas. Not remotely!

Geek, or “Core Competency” is obviously important, whether it’s having the knowledge to be a kickass IDS analyst, or knowing how to manage, inspire, and lead a team.

Here are some of the key areas we’ll be exploring which affect how effective, or ineffective, you are.

And because so many people ask, we’ll also cover
  • Sex and Drugs – personally, “yes” and “coffee and alcohol”

Sex and drugs and rock and roll. Are very good indeed.

-Ian Dury and the Blockheads

and so is controversy, especially if you want ideas to spread!

This all began when I was asked to give a SANS at Night talk. I looked at the list of other speakers and topics, and not only was I in awe of them but also of their technical depth. Now I’m a fairly technical geek. I even love cryptography, even the math involved (really!), but . . .

I decided to give a non technical talk, on what it takes to be effective, to get things done, to have a (hopefully positive) major impact.

What, was I insane? A nontechnical talk at SANS? Well, I once spoke about Windows NT3.1 at USENIX – this couldn’t be any worse, and it was bound to be amusing at least!

The talk was an amazing success. I’ve given it many times since, gotten both great and positive (and some useful negative) feedback every time, and my talk and viewpoint has grown significantly over time “with a little help from my friends.”

One last thought, from a multi talented and Emmy, Grammy, American Comedy, Oscar award winning and kickass banjo player:

21 Responses to “Infosec Rock Star”

  1. Scott Wright says:

    Great post, Ted!

    My thoughts on this are:

    1) You may not even WANT to be a Rock Star. Have you ever talked to one? (I haven’t, but I’ve seen them on TV). I don’t think some of them are very happy. They just want to play music. The pressure leads them to have catastrophic drug problems, etc. But there are some who have an EDGE (like Bono), who know their limits and stay in control. I actually don’t like to be involved in controversy, but I don’t mind doing the unexpected, making myself look a little awkward or silly. This gets you noticed, and if you ARE good, then they will pay attention, at least. So, if you aren’t keen on controversy, at least be a little off-the-wall once in a while – and it will be easier to see yourself as a Rock Star who can be looked up to. I know we have a LOT of amazing folks in the Infosec industry. It’s time you took a bow!

    2) I just read a book about a guy I feel is an Entrepreneurial Rock Star, but you’ve probably never heard of him. He sold his company for $22M and is living comfortably (I’d be happy with that). His name is Derek Sivers, and his company was CD Baby. The book is called “Anything You Want.” It’s pretty short, but I found it very useful and inspiring for entrepreneurs. It’s stuff you can actually do. The other “must read” book, if you want to build a business, instead of “own a job”, is Million Dollar Consultant by Alan Weiss.

    3) If you aren’t an independent consultant, and have a full-time Infosec job, you can still be a Rock Star. But I don’t think that means doing your job so well that you are indispensible in that role, unless you want it to be. But you should think about your future. Where do you see yourself in 5 years, 10 years? It’s also hard to stay relevant if you don’t get out and see what others are doing in the field. So, it can be a bit of a let-down at some point when your run in the current job ends. You may have to start over in another job. So, keep up to date on as much as possible in the industry, which I know is hard for full-time employed Infosec people. Most are working so hard to fight fires they won’t have time to read this very long comment. Sorry.

    Looking forward to seeing more posts Ted.

    Cheers

    Scott

    • Ted Demopoulos says:

      Thanks Scott for your input,
      Million Dollar Consulting by Alan Weiss is a must read for more than just consultants for sure.
      I’ve listed it under resources. Will need to check out the book by Derek Silvers too!

      Think I may need to distinguish between Rock Star visibility, and Rock Star results. Not everyone wants Rock Star visibility. Some may want it globally, some just in their industry, just in their company, just within the group they work with, or not at all.

      Hey, the anonymous (I think he’s still anonymous) buy who developed/invented Bitcoin is having global impact, without global visibility!

  2. Joe Eckhout says:

    Hey Ted…

    You spelled my name wrong. 😉 Eckhout

    I was board the other evening and looking at TED Talks (you need to talk to them about the name by the way) and found an interesting one.

    Frequently us Geek types, regardless of how hard we try not to, end up in management. This means we have to learn how to make friends, influence people, and not act like the Geeks we are. I found this TED talk pretty encouraging and could help some work though that awkward transition from Geek to manager.

    http://www.ted.com/talks/amy_cuddy_your_body_language_shapes_who_you_are

  3. Ted Demopoulos says:

    Hey Joe,
    Fixed your name 🙂 I did say this site wasn’t quite ready for prime time when I sent the email out, didn’t I!

    Ted

  4. Bob says:

    I wanna rock n roll all night and party every day!

  5. Anonymous AJ says:

    Great Stuff,
    As someone who has always strived to be an Uber Geek, I always knew something was missing.

    Geek has gotten me pretty far, but not as far as if management were geeks too. This has some of the missing “Secret Sauce” I need.

    Plus I like how you wrap it up with Rock and Roll

    AJ, Geek and Rock n Roll Guitar player

    • Ted Demopoulos says:

      AJ,

      Good point – management, the folks typically in charge of assessing our performance and more, are not usually geeks. Thanks for your comment!

  6. Clyde says:

    Just a quick word of thanks and Happy Holidays Ted!

    I’ve gotten a lot out of the 2 classes I’ve taken from you, a few Webinars (on technical and biz topics) in the past, and I’m getting a lot out of this site!

    Have you considered doing a Webinar or more on how to be an Infosec Rock Star?

    I also encourage everyone to download the “Infosec Rock Star: Incredible Results” guide!

    Clyde

    • Ted Demopoulos says:

      Thanks Clyde for the kind words and Happy Holidays!

      I’ve been giving quite a few talks titled “Infosec Rock Star: Incredible Results” but obviously people need to be local to sit in.
      If there is enough interest, I’m happy to do online events as well!

  7. Ron Michaud says:

    Ted, you mentioned you had an update coming sometime to your Infosec Rock Star Guide? Is that sometime soon?

    • Ted Demopoulos says:

      Ron,

      Coming this month for sure.
      Just signup (upper right hand corner) and you’ll automatically get the new version as soon as it’s done. About 80% there.

  8. Kai says:

    Hi Ted,
    I think your readers might find my How to become an infosec rockstar slide deck from last years CSA Summer Conference of interest: http://roer.com/2014/06/17/how-to-become-an-infosec-rock-star/

    • Ted Demopoulos says:

      Hi Kai,

      Great stuff! Excellent slide deck and wish I could have been there live.
      Listening to AC/DC’s “Let me put my love into You” from your link right now.

      Great ideas, and especially how you present them. I’m going to give you credit as a contributor, with your permission of course!

  9. Hi Ted

    Managed to (finally) steal a bit of time to go through your work of art. Pretty good guidance there. I can back up a lot of what you say with actual experience in the trenches.

    An example – we recently helped a large insurance company to employ a new group CISO – most on the short-list came in with similar certs / quals / experience. What separated the winner was the “rock star” effect and more – comments of “could I place this person in front of the board” and “is this person strong enough to stand up to the CIO” were points that were the deciders!

    So get certified and experience behind you but then focus on your communication skills to differentiate you from the pack. Then to finally take it a step further go for the large speaking engagements…write a book…do amazing things for charity etc etc…

    Craig

    • Ted Demopoulos says:

      Thanks Craig! Having “Rock Star” qualities can really help a person stand out from the crowd. And EVERYONE can certainly learn and develop these skills, moving towards Rock Star.

  10. Clive C says:

    Great presentation in Canberra Ted!

  11. Martine says:

    Yes, the Canberra presentation was great, especially enjoyed that you stayed afterwards and answered questions and talked to folks including me!

  12. Ricco says:

    Hey Ted,
    A lot of things ring very true. I personally only concentrated on the “geek” – and I had and am having fun, but I only got so far! I was close to illiterate when it came to writing anything for anyone other than fellow geeks to read! And I was terrified of giving presentations.

    I’ve since learned to communicate for better, and it has made a big difference! I’m building my non-geek skills surely but slowly, it’s fun, and it works

  13. Yvonne says:

    Looking forward to your rerunning your course – hopefully again in 2016 Ted?

Leave a Reply