Thursday, April 28, 2011

Guest Post: Brandon Tansey "SOURCE Boston & Mentors"

Today, our guest blogger is Brandon Tansey. He is a networking student and is active in the Boston Information Security community. Here is Brandon's post with his thoughts after attending SOURCE Boston.

I'm one of the folks that was lucky enough to make it out to SOURCE Boston this year, and I'm incredibly glad I did. There was a great selection of talks as well as hallway conversations, but there were a few sessions and conversations that stood out to me. The InfoSecMentors Panel and the following social were definitely among them.

The panel was primarily geared towards the mentors, however I found it quite interesting to listen to as a mentee. I feel that working with a mentor shouldn't be a one way street; the mentor should definitely be getting something out the relationship as well! Sitting in on the panel definitely gave me some insights to how mentors (at least the ones on the panel) view working with a mentee and the concerns they had. The panelists often had some differing opinions, however for the most part I didn't hear anything too unexpected. There was one answer that they all shared which shocked me, however: unresponsive mentees. The panelists were three people who are highly regarded when it comes to what they do professionally. There was Chris Gates(@carnal0wnage, Pentester at Rapid7), Andy Ellis(@csoandy, CSO at Akamai), and Allison Miller (@selenakyle, formerly a fraud specialist at Paypal). I was incredibly surprised to hear that even these three were having trouble with mentees not putting in the time. I found this to be a good problem as far as problems go, however. The fact that the program has mentors interested in more active mentees is great!

To backtrack for just a moment, my name is Brandon Tansey(@BrandonTansey) and I'm a sophomore Networking major at the Wentworth Institute of Technology in Boston. I'm enjoying my time at school and it has given me a desire to explore the InfoSec field beyond what the major offers. It's because of this that I began following quite a few of the SecurityFocus mailing lists early fall semester. I came across an email with the subject of "University Plan" on the PenTest list, and that was where my incredible mentor/mentee experience began.

As I was reading the discussion I saw something familiar. One of the people giving advice happened to have been describing the time he spent at Wentworth! I decided to email this mysterious Dan Crowley (@dan_crowley) and ask him a few questions about the school and the security field. After all, who could be better to ask than someone who started exactly where I was and happened to be exactly where I wanted to go? I found out that the answer to that is no one. The first time we spoke, I got the impression that he was even more excited about the hacklab setup my roommate and I have than we were. Within a week Dan started speaking (and would continue to do so weekly) at a club I help run on campus for technology enthusiasts. We'd also head back to my apartment afterwards with a few other classmates who really had an interest in exploring security.

Dan is, of course, incredibly talented when it comes to the technical side of things. What stood out to me, however, was the passion he had for both what he did and helping others learn what he knew. This passion is what immediately came to mind when Marisa Fagan(@dewzi) of the InfoSecMentors Project asked me if there was anything that I had from my work with Dan that I could share. Our discussion covered quite a few topics and some practical tips (which I'll get to in later), but I think the main point I was trying to make was how important that passion is.

I was certainly excited about security by the time I came across Dan (It definitely takes some level of interest to read through all of those SecurityFocus threads!). The passion I have now is on an entirely different order of magnitude, however. I'm also miles ahead of where I was in a technical regard, however I undoubtedly feel the biggest gain I've had has been in my interest of the subject. Without that I never would have done everything I've done on my own. I never would have been able to read the billions (give or take a few) of pages of security texts. I feel it's like the old "give a man a fish" proverb. A mentor can suggest a few vulnerabilities to look for or tools to use and call it a day, or they can help nurture the desire of the mentee to explore for themselves and keep learning between mentoring sessions. One of these will do much more for a mentee when he/she parts ways with the mentor, and I feel that's a large part of what the relationship is about: putting the mentee in a better position to help him or herself grow.

You can find Brandon Tansey on his new blog at The Wormhole, on his Twitter feed, or on LinkedIn.

No comments:

Post a Comment