How long have you done your job?
How much does that experience mean to your career?
I saw this old Dilbert comic this week and it reminded me that I have been doing network security for about 20 years and cut my teeth securing NT 4 and NetWare servers.
I know that if I don’t make a concerted effort to stop experience blindness I quickly become the old guy in the comic.
To do this I try to do the following things:
I read /netsec, twitter, Russian hacker blogs, linkedin, mailing lists, white papers, bathroom stalls and anything else I can find about information security.
I go to conferences and skip the keynotes.
90% of the conferences I attend have keynotes given by people who make (part) of their living giving keynotes at conferences. I have heard what they have said, bought their books and dont need to see the same talk they gave last year with new pictures. I want to be in the room of the kid who has never spoke at a conference before and is likely to throw up and then give the best talk at the conference.
I make friends with new people in security.
If you are new in the security industry I want to be hear your thoughts before someone who has been doing it as long as I have tells you that you are wrong and you need to be quite.
I retool ever year.
If it was up to me I would never sign a contract for a tool over a year in length. I like to know that the tools I am using are the right tools. I know people who spend a ridiculous amount of money on the wrong tools because it is easier to keep the tool they have then to go through the pain of retooling.
What do you do to fight experience blindness?