Monthly Archives: July 2022

Podcasts and Audiobooks for Commute

pic courtesy: unsplash

The traffic is back! This is what you would hear from your friends, colleagues who have resumed commuting to the office and my opinion is no different. I shuffle between self-drive, cab, and public transport and can feel the noticeable increase in the traffic between the covid and present days. Cycling is ruled out due to the distance 🙂

The usual options during the commute were to listen to the Radio, Songs on CD (incase you remember)/USB drive, but I rarely listen to these nowadays. I remember reading somewhere that many FM radio stations are closing due to low patronage. Couple of the ways I have managed to deal with the commuting boredom or stress is listening to Podcasts and Audiobooks. Podcasts are the best things to have happened in the recent past and I think its a win – win to both the content creators and content listeners. Bear with the Podcaster talking about their sponsors at the beginning and the end and you can listen to uninterrupted content. Don’t like something, skip it and you are in total control in terms of interests.

As I work in the InfoSec, I started off with the podcasts around this topic to keep myself up-to-date, but later added other areas once the routine set in. I have found some of these podcasts very enriching and hence thought of sharing. Irrespective of commute or not, it is better to set aside some time in the day for listening to audio books or podcasts:

The Darknet Diaries

podcast darknetdiaries

If you work in the security field or just even an enthusiast, this is a great one. Jack Rhsyider interviews the people from the wide range of spectrum in the security industry ranging from hackers to CxOs, Hacktivists, self proclaimed vigilantes, Rappers, Social Engineers, Regime Survivors and more. My favorite episode was one about the investigation on Linkedin Incident , which actually led to breaches in other companies. If you are on the defensive side of the security, you can actually use this as a benchmark for enhancing security in your own companies. All the TTPs will unravel as you listen and you can connect the dots.  What I also like about this podcast is the music from BreakMaster Cylinder (fancy name eh!) which is pleasant to hear unlike the opening and closing notes of many podcasts.

Work Life by Adam Grant

work life

This is not related to InfoSec but do not miss this one as it touches various aspects of professional and personal life skills. Some of the episodes that have I have found very helpful include “The 4 Deadly Sins of Work Culture“, “How to Rethink a Bad Decision“, “Networking for People who hate Networking”

Some of the pointers in the podcasts talks about identifying the traits of the organisation culture before joining using a method called as culture audits. The podcast episode mentioned above in itself deserves a separate writeup and I will share some thoughts on them in future

Huberman Lab Podcast

Huberman lab podcast

Andrew Huberman is a neurobiologist. What the heck does Neurobiologist have to do with security for me to be recommending this ? Well, there are couple of changes I did based on this podcast and is helping me in my journey of physical and mental fitness including sleeping well ! Huberman podcasts are usually long (~1.5 hours on an average) and very detailed. Topics include managing stress, sleeping well, improving gut health. Handy tip: Do make you are not actually driving while listening this to Huberman’s podcast as any missed out attention will require listening from scratch 🙂

CISO Series Podcast

ciso series podcast

 If you are someone who works in the field of Information Security you will enjoy listening to this show as the speakers talk from a corporate angle dealing with vendors, the board, the management, peering teams. The podcasts are short with most of them ranging from 10-20 minutes and is hosted by David Spark.  A few topics that I liked include: “A look back at the Foolish Security Policies of Past and Present”, “After a Breach Its really easy to calculate Risk“, “Finding the perfect Time to Quit Your Job“,

When Audiobooks launched, I was skeptical initially but soon one book led to another and currently there are close to 20+ audiobooks in the library some of which I have listened to again. I listen to them not just during the commute but also during workouts, walks and even as a break from work. Most of the podcasts I listen to are themed around Information Security with the exception of few. Here are some of the books I have been listening/reading (mostly in audio book format) and it includes both fiction and non-fiction as well

Cult of the Dead Cow

cult of the dead cow

 

 

 

 

Fascinating book on the journey of Hacker Culture, the origin of DefCon, Blackhat, hacktivism, CyberLegal stuff and a lot more

Why I Am an Atheist and Other Works
Why I Am an Atheist and Other Works
This is the collection of letters Indian Revolutionary Bhagat Singh wrote while he was imprisoned

Permanent Record
Permanent Record
Biography on Snowden, great  insights on inner workings of surveillance program at NSA

The Phoenix Project
Phoenix Project
Book that made concept of DevOps popular

Ikigai
IKIGAI
Self-help / motivational

Talking to Strangers
Talking to Strangers
Non-fiction and a book that touches upon Inherent biases and how it affects our judgements

Zero to One
zero to one
From the Startup guru Peter Thiel, its actually notes from his lecture classes which a student compiled

Essential Calvin and Hobbes
Calvin and Hobbes
Calvin fan, hence 🙂 PS: This is a kindle ebook

An Astronaut’s Guide to Life on Earth Chris Hadfield
an astronauts guide
Fan of Space and Astronauts, hence

The Goal
The Goal
More like a precursor to The Phoenix Project, can draw parallel to modern day monolits

Outliers
outliers
Name says it all

The order of Time
The Order of Time
A good read on the captured history of time measurement. Felt this was philosophical as well during the listening of audiobook, probably will listen to it again.

Atomic Habits (still listening)
ATOMIC habits

The Almanac of Naval Ravikant (still reading)
The almanack of naval ravikant

What are your tips to beat the commuting boredom ? Feel free to share through comments:

Community Building And Volunteering Experience

volunteer pic courtesy pixabay

As the Silicon Valley of India, Bengaluru is often looked up to for all the latest in Technology ranging from Cloud to Product management. When it comes to Information Security there are limited groups and communities that meet regularly. Among these, ISC2 Bangalore chapter is one such group of folks primarily comprising security practitioners in various domains of security. Started in 2015, it now has over 200 security professionals across a broad range of companies, consultants, freelancers and we used to meet regularly offline and online since last two years (due to Covid).

Recently my term as the Board Member of ISC2 Bangalore Chapter ended and am sharing my experience of volunteering for the board here. 

I was one of those folks who used to attend the meetings and mostly wondered what goes behind the scenes when it comes to running multiple events all around the year. Not wanting to be bothered about all the efforts and planning that goes behind like selecting topics, speakers,  talking to sponsors, shortlisting a venue, gauging the participation of the folks, logistics including lunch / snacks/ coffee/ tea. But all that changed when I made the leap. Thanks to many folks including the past and the present board members who nudged. 

Volunteering for the board was a great experience that helped me expand my knowledge not just about InfoSec but many areas of life professional and personal as well. Many of us are worried about the time it requires from our busy commitments both professionally and personally. But all it requires is a little bit of planning in setting aside some time and then executing it. Importantly, once you realize the impact it will have on the community then I am pretty sure you will make time for it. There are many lessons I learned in the course of the term which was three years.

Dealing with Adversity & Ambiguity

Before Covid struck, we used to conduct 4 offline events every year and this used to benefit the members in multitude of ways: 

  • Staying abreast of the latest in the world of Information Security
  • Networking with the peers and share and learn from experiences
  • Aid in garnering of the CPEs
  • Contributing to the community through Safe and Security Awareness programs

When Covid struck it affected us all, but like any security professional, the goal was to keep the business moving (just FYI we are not-for-profit ). We had to ensure our financials were strong enough to support us through the covid times. As the revenue from attendance fees would no longer be possible, we had to innovate and look for alternate streams of revenue for the chapter. A lot of the hard work from the past and present board members resulted in us getting the sponsors who had noticed the quality content we were bringing in and we rolled out quarterly virtual events. Once the sponsorship poured in, we invested this money in enhancing our capabilities.  

We were using a basic mailing solution provided by the hosting provider and there was no client to check them on the go and the lack of mobility was hurting in collaboration. After evaluating many vendors we migrated to G-Suite, along with it came Drive, Sheets, Docs and Meets. This allowed us to meet frequently (albeit virtually) ideate, document and exchange plans in a structured manner. 

Learnt about newer technologies

As a volunteer, I got to experiment, explore and launch newer tools and technologies in expanding the community. Since we were all virtual, our events needed to be online and we needed a video conferencing solutions.  We experimented with various video conferencing tools like Zoho, Zoom, Google Meets and Microsoft Teams with the capability to record and livestream the events. There were times where we did live troubleshooting with one of the VC vendors’ support team during an event! In fact we supplied a lot of use cases and feature requests which even their team wouldn’t have thought of. 

One thing led to another! Since we had the video recordings, we decided to upload and share all the content from the sessions for anyone to access from anywhere.  We started small and today our Chapter ISC2 Bangalore Youtube Channel has over 250 subscribers. Likewise I got the opportunity to use my creative hat as well. A little bit of engagement on the social platforms allowed us to grow our twitter base to over 300 followers ( a 10x growth in follower base). Not a small feat for a volunteer driven efforts in building the community. This has also allowed other organisations to collaborate with us in expanding their events.

Grow with the Network

We got a chance to interact closely with speakers across the globe and also learn about their perspectives, challenges, tools and the tech they were working on. Many of these folks are very seasoned folks including entrepreneurs, retired military veterans who worked on interesting assignments, distinguished scientists, speakers at various conferences etc

We also did a Security Awareness program for parents and kids in association with IEEE WIE Bangalore section touching upon aspects like staying safe online, cyberbullying, games and ratings. We got to see the perspectives of parents and kids on how they view the online world and how we as security professionals can simplify security for them. 

I also got an opportunity to share my knowledge in the form of a workshop on AWS security for security practitioners working in the areas of governance and compliance. Apart from focusing on the technical security aspects, we did a deep dive on compliance parts, passing audits, looking for artefacts needed for regulatory requirements. A lot of interaction on the groups messaging platform also helped me improve my reading list of books.

Working for a common goal despite differences

I would be lying if I say running a chapter is easy and all smooth, more so with us security professionals who have our own priorities in professional and personal life. There may be different paths towards the same goal and the one I or another person chose becomes just a path rather than right or wrong. Purpose driven meetings and discussions allowed us to focus on the bigger picture without tripping our egos. For some roles like Treasurer it’s a way to explore areas outside infosec and volunteering creates a path to express those desires and interests.

Hope this encourages you to take up volunteering and feel free to drop me a note, if it did.