It was created 15 years ago because the founder of the Global Incident Analysis Center, (er, uh, that too), but actually the Global Information Assurance Certification, realized that certification is hard and that GIAC would need a lot of help and advice to succeed and grow.
Over the years a number of things have happened. GIAC has grown. It is not the largest body of cybersecurity certifications in terms of credentials awarded; that is either ISC2 or CompTIA depending on which reference source you use. GIAC is certainly the most comprehensive body of cybersecurity certifications and it is known for technical rigor, so scoring a 90 or above on one of the exams is a significant achievement.
The mailing list is private; to join, members sign a Non-Disclosure Agreement. They help each other in a number of ways. In addition to commentary about SANS and GIAC processes, they share exam practice tests, help with insights into hard problems and even discuss security vendor products.
The list can get quite chatty when an interesting thread comes up, so many of the members use the digest mode (which has its own issues). However, the members that remain on the list feel that the value is worth the trillions of electrons that laid down their lives for the cause.
Through most of its life, the list has been both private and obscure; however, in October 2015, it had a "coming out" party of sorts, primarily on the LinkedIn social network. That state change led to the creation of this blog post. If you are looking at a profile and wonder, "What is the GIAC Advisory Board?", here is the answer.
LinkedIn is social media designed for professionals to interact. Many people have an account, but most don't use their account actively. A common use is to find and apply for jobs. Recruiters, including technical recruiters, also use LinkedIn extensively to find talent. As the original author of MGT 512 and MGT 514, I have moved more away from being a packet ninja to more of a management speaker. I try to stay in touch with my former students and help them when they need to find a new job (that is a tough row to hoe when you are a middle-aged middle manager). I have found LinkedIn is the most effective tool for that task that I have in my toolbox.
One aspect of LinkedIn is that it records the state of conversations over years. This provides a potential release from the "Dunbar number" (that you can only maintain about 150 relationships). Over the years, I have found Malcolm Gladwell's Tipping Point to be a useful thought model. Brad Hunter explains the Law of the Few as well as I have ever seen it:
"The law of the few is a law about the structure of our social network and how messages are passed through word of mouth. It attempts to classify three important types of people who affect the rapid spread of messages through the network. These three types of people are connectors, mavens, and salesmen."
Word of mouth? Social media has really changed that concept. Word of keyboard? I am trying to collect examples of "perceptors", things that influence or attempt to influence our thinking and beliefs. You can't spend much time on Facebook or LinkedIn without seeing something obviously fake like the story of Sgt. Gregory Hayes. I ignore such things on Facebook, I guess that is what it is there for, and unfollow people that post racist untruths on LinkedIn. I still remember the first time I met someone that actually believed the photo of President Obama doing the pledge with the wrong hand. The man was convinced, even when I showed him the Snopes writeup. This gives me hope that the things we post will help shape a positive, more secure future.
I am going to try to explain how LinkedIn can be used (with a little elbow grease) for each role (connectors, mavens, and salesmen).
"Connectors are the socialites. They are people with many friends and acquaintances who spend time maintaining these connections. From the network perspective, these are the most central nodes in the social network. Gladwell devised a simple test which allowed him to determine that the number of connections a person has is measured by a power law. This means that connectors are rare in society, but they maintain many more times the number of relationships than the average person does. Because of their ability to spread a message to a huge number of people quickly, connectors are central to understanding how tipping points are reached."
Gladwell asserts connectors can exceed the Dunbar number and maintain over 150 active relationships. Every Thursday, I receive an email with the details of persons that scored over 85 on their GIAC exams and are being invited to the SANS Mentor program (I created this program 16 years ago to help reduce the SANS Instructor shortage problem).
I look up each name on LinkedIn. If they are a 3rd level connection, I use InMail to congratulate them on their score and ask them to consider linking to me. If they are a second level connection (we have at least one 1st level connection in common), I write to a common 1st level connection and ask for an introduction. If they are a 1st level connection, I try to write and congratulate. This is very manual and takes about two hours a week, but in 2016, I crossed the 10k 1st connection milestone. They aren't all my Best Friends Forever and I am sure I am linked to a few fictitious persons, but this fuels my efforts to serve the community as a maven.
"Mavens are the information gatherers of the social network. They evaluate the messages that come through the network and they pass their evaluations on to others, along with the messages. We can view mavens as regulators of the network because they have the power to control what flows through the network. We trust mavens, and this is especially important because their assessments can often make or break the tipping of an epidemic. Mavens drive many of our social institutions. They are the people who inform the Better Business Bureau, regulate prices, write letters to senators, etc. in order that the rest of us don't have to. Though Gladwell does not argue this explicitly, his description of mavens suggests that mavens can be specialized in areas of expertise and thus many of us may be mavens in our particular areas of interest."
Most people do not use LinkedIn actively outside of job searching and recruiting and doing some Facebook-style scanning. I try to use my account to share information and ask for information. I have been doing this for years. It has taken a lot of patience but I am finally escaping from the "land of small numbers".
If you have ever blogged, Facebooked, tweeted, etc., you probably notice that you commonly get 30 or maybe even 100 pageviews. That can be disheartening when you think about the hours of research and writing. Fifteen years ago when I was writing books like Network Intrusion Detection (my co-author Judy Novak was the real reason for the success of that project), tens of thousands of people would read my posts and I was dumb enough to think it would always be that way.
If I write a blog post on Yogi's training log, an average of 18 people will read it. That doesn't bother me; I have to keep this as a record since he is actively in training as a service dog. If I post something on Facebook, I might get two dozen likes. This is what I call the land of small numbers. But LinkedIn, for whatever reason, has more firepower. Last year I broke a thousand pageviews (for a single post) for the first time. Now, with my larger network, it is not uncommon at all for a post or update; "word of keyboard". I try to post useful information, but I am also committed to using my network as a sales and marketing tool.
"Salesmen are what the name implies. They are persuaders who are capable of propagating messages through the force of their character. Thus, regardless of the message content or their expertise in the area, they have a certain ability to sell which helps them move messages which may be of importance to them. This ability to persuade strangers to accept a message is why salesmen are important in tipping epidemics."
There is a section about sales in MGT 512. The point I try to make is that security does not sell itself, so we have to sell it. If we are going to sell, then we need to understand the sales cycle. SANS has been kind enough to allow me to chair a conference (hope to see you at Rocky Mountain 2017 :) each year. This allows me to keep working on these skills. Direct paper mail and email advertising are only so effective; we know, we measure everything. LinkedIn word of keyboard lets me reduce my reliance on these tools.
The GIAC Advisory Board is another tool that I am very thankful for. I have asked for help many times and have tried to give help as well. We suggest that new members post their LinkedIn URL and hope they will be open to linking with other Advisory Board members. For myself, for all the reasons I have mentioned, this is synergistic. For other people, especially those who don't use LinkedIn, this is a distraction. Two suggestions:
- Turn on digest mode if you haven't. This way, during a "LinkedIn flurry", you can easily see which posts you want to look at. SANS really can't filter out LinkedIn URLs because some people want to see them.
- Think a bit about the connector, maven, salesperson model. There is no need to be in a hurry to build a LinkedIn network, but it is a good idea to do BEFORE you are looking for your next career opportunity.