March 4, 2010

RSA 2010: What responsibility do security bloggers have to the industry?

David SparkAt the RSA Conference in San Francisco, I interviewed Andrew Hay (@andrewsmhay), a security blogger and Information Security Analyst at the University Lethbridge in Alberta, Canada. Hay had keynoted the hipper side security conference known as Security B-Sides earlier this week.

One of the issues Hay talked about at B-Sides was that security bloggers were becoming the voice of the security industry, and as a result, they had a responsibility to the industry. Hay said that security blogging first responsibility is to be educating everyone else and helping others understand the challenges of security. Part of that involves engaging others on how to solve security problems collaboratively.

Given that bloggers are not beholden to an editor or a publisher, the security blogging community self-polices each other and happily jump down each other’s back when they make mistakes. Sure they’re in security, but they’re only human, so they do make mistakes.

Lastly, I asked Hay what’s the best way to communicate with a security blogger if they say something for which you don’t agree. He gave the most common, and I believe correct response, and that’s to not air your argument out publicly online. Pick up the phone and have a conversation. Find out what the core of the dispute is. Hay’s seen a lot of anger quelled by a simple phone call.

Check out more of Tripwire’s coverage from the 2010 RSA Conference in San Francisco.David Spark, a partner in, helps businesses grow by developing thought leadership through storytelling and covering live events. Contact David by email, follow him on Twitter and Google Plus or leave a comment below.

Related Posts Plugin for WordPress, Blogger...

Comments are closed.