At the RSA Conference in San Francisco, I interviewed Andrew Hay (@andrewsmhay), a security blogger and Information Security Analyst at the University Lethbridge in Alberta, Canada. Hay had keynoted the hipper side security conference known as Security B-Sides earlier this week.
One of the issues Hay talked about at B-Sides was that security bloggers were becoming the voice of the security industry, and as a result, they had a responsibility to the industry. Hay said that security blogging first responsibility is to be educating everyone else and helping others understand the challenges of security. Part of that involves engaging others on how to solve security problems collaboratively.
Given that bloggers are not beholden to an editor or a publisher, the security blogging community self-polices each other and happily jump down each other’s back when they make mistakes. Sure they’re in security, but they’re only human, so they do make mistakes.
Lastly, I asked Hay what’s the best way to communicate with a security blogger if they say something for which you don’t agree. He gave the most common, and I believe correct response, and that’s to not air your argument out publicly online. Pick up the phone and have a conversation. Find out what the core of the dispute is. Hay’s seen a lot of anger quelled by a simple phone call.
Check out more of Tripwire’s coverage from the 2010 RSA Conference in San Francisco.