The only thing I might add to Scott's list is Presenting at conferences.  Presenting forces me to become more familiar with the subject and also in talking to the audience, I sometimes gain information that I did not have.

 

Regards

 

Diana

 

> CISOScott (Advocate I) posted a new reply in Tech Talk on 03-01-2019 10:54 AM in

> Occasionally picking up another cert, reading websites daily for cyber news,
> helping others, participating in forums, listening to podcasts, reading (or
> listening) to books (not just cyber security but others too).   I also look to
> attend conferences, take webinars, have vendors demo their products, etc.

Yeah, that's the "right" answer. See? Everyone knows it.

Actually, I find it's changed for me, over the years. At this point, I don't do any
more certs.

In terms of reading for news, I still do that, but, to make sure, I *post* news.
That way, I test myself in terms of "am I keeping up with what's actually
important?" If I'm just passing along the regular run of garbage that happens
anyway, people are going to complain about what I'm posting.

"Helping others" is pretty key by this point. Again, I do a lot of teaching,
presentations, and mentoring. If the people I'm "helping" don't find it helpful,I
know I've got some work to do.

I don't do podcasts and Webinars. I just find they take too long to deliver too
little actual information. They aren't an efficient use of my time (and I haven't
got much left).

I still read a lot of books, although not as many as when I was doing the review
project. (Again, doing the reviews, particularly online, meant I really had to learn
from the books, and, if I didn't get it right, "the Internet" would definitely let me
know I'd got it wrong.)

These days I only attend conferences if I'm speaking or helping run them. By this
point I've heard most of the presentations, and it's really rare to run into
something actually new.

I still go to vendor presentations, but that's mostly to meet old friends ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
Life may have no meaning. Or even worse, it may have a meaning
of which I disapprove. - Ashleigh Brilliant
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

 

I missed out the part where you pass on your knowledge during an interaction, but that goes without saying...

 

 

> Shannon (Advocate I) mentioned you in a post! Join the conversation below:

>   (Okay, I confess --- I
> haven't attended an interview for quite some time now.)

I suppose it's been a while now, for me., but, boy! I've sure attended enough of
them in my lifetime!

Group interviews, hostile interviews, trick questions, I know all the interview
stunts. I've seen all the fads come and go.

I had one outfit finish up by telling me they needed me to take a test to prove I
knew my tech. They gave me a Lotus 1-2-3 (forerunner of Excel) trivia quiz that
someone had photocopied out of a computer mag. (I figured that, if they weree
using that to assess candidates, I definitely didn't need to work for them, and
walked out.)

I was in the waiting area for one interview when I realized I could hear some
conversation over the area "dividers" that didn't quite go all the way to the roof.
It was the head of the tech area and the HR rep deciding what "trick" questions
they'd ask.

A frequent question is what I call "what do you want to be when you grow up?",
more usually phrased as "where do you see yourself in 2/5/10/15 years?" But one
recruiter worded it so badly it was along the lines of "what do you want to have
done by the time you die?" (My response: "I know this is the wrong answer, but
I've already done it." Even though it didn't sell at all well, I'm still very proud of
having done a book the first time out.)

There is no substitute for actually preparing, when you are recruiting. (And, if you
are the interviewee, don't worry about acing the interview. If you *do* manage to
"hack" the interview, and get the job even though you aren't what they think you
are, you won't enjoy working there anyway ...)

======================
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
"Robert Slade's Guide to Computer Viruses" 0-387-94663-2
"Viruses Revealed" 0-07-213090-3
"Software Forensics" 0-07-142804-6
"Dictionary of Information Security" Syngress 1-59749-115-2
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
PC Security: [Base URL]mnvrrvsc.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
http://en.wikipedia.org/wiki/Robert_Slade
https://is.gd/RotlWB http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/