Security Training
Security Certification
Cyber Security Graduate School
Internet Storm Center
Security Awareness Training
Computer Forensics
Penetration Testing
IT Audit
Software SecurityWhat is a Security Thought Leader
Introduction
Table of Contents
- What is a Security Thought Leader - Updated November 18th, 2009
- Framework for Security Thought Leader Interview - August 26th, 2009
- Lance Spitzner, Securing The Human, founder - Updated November 29th, 2012
- Bill Pfeifer, Juniper Networks - March 4th, 2011
- Chris Pogue, Senior Security Analyst - July 8th, 2010
- John Kanen Flowers - May 26th, 2010
- Kees Leune, Leune Consultancy, LLC - February 13th, 2010
- Joel Yonts, CISO - February 12th, 2010
- Maury Shenk, TMT Advisor, Steptoe & Johnson - January 31st, 2010
- Chris Wysopal, CTO, Veracode - January 27th, 2010
- Amir Ben-Efraim, CEO, Altor Networks - November 25th, 2009
- Ed Hammersla, COO, Trusted Computer Solutions - Updated November 19th, 2009
- Amit Klein, CTO, Trusteer - September 27th, 2009
- An Interview with Ron Gula from Tenable about the role of a vulnerability scanner in protecting sensitive information - Updated August 13th, 2009
- A. N. Ananth, CEO, Prism Microsystems, Inc. - August 7th, 2009
- Jeremiah Grossman, Founder and CTO of WhiteHat Security - Updated April 24th, 2009
- Mike Yaffe, Director of Product Marketing, Core Security Technologies. - April 15th, 2009
- Chris Petersen, Chief Technology Officer, LogRhythm - March 13th, 2009
- John Pirc, IBM, ISS Product Line & Services Executive: Security and Intelligent Network - February 17th, 2009
- Leigh Purdie, InterSect Alliance, co-founder of Snare: Evolution of log analysis - January 28th, 2009
- Bill Worley, Chief Technology Officer, Secure64 Software Corporation - December 9th, 2008
- Doug Brown, former Manager of Security Resources, University of North Carolina at Chapel Hill - October 30th, 2008
- Amrit Williams, Chief Technology Officer, BigFix - June 30th, 2008
- Andrew Hay, Q1 Labs - May 13th, 2008
- Gene Schultz, CTO of High Tower - April 4th, 2008
- Tomasz Kojm, original author of ClamAV - April 3rd, 2008
- Bill Johnson, CEO TDI - April 2nd, 2008
- Gene Kim, Tripwire - March 14th, 2008
- Kevin Kenan, Managing Director, K2 Digital Defense - March 14th, 2008
- Leigh Purdie, InterSect Alliance, co-founder of Snare - March 7th, 2008
- Marty Roesch, Sourcefire CEO and Snort creator - February 26th, 2008
- Dr. Anton Chuvakin, Chief Logging Evangelist with LogLogic - January 28th, 2008
- Kishore Kumar, CEO of Pari Networks - Updated January 28th, 2008
- Interview with Dr. Robert Arn, CTO of Itiva - November 1st, 2007
- Interview with Charles Edge - September 15th, 2007
- Ivan Arce, CTO of Core Security Technologies - Updated May 6th, 2009
- Mike Weider, CTO for Watchfire - Updated July 23rd, 2007
- Interview with authors of The Art of Software Security Assessment - Updated July 9th, 2007
- Ryan Barnett, Director of Application Security Training at Breach Security, Inc. - June 29th, 2007
- Dinis Cruz, Director of Advanced Technology, Ounce Labs - June 11th, 2007
- Brian Chess, Chief Scientist for Fortify Software - June 9th, 2007
- Caleb Sima, CTO for SPI Dynamics - Updated May 29th, 2007
- An Interview with David Hoelzer, author of DAD, a log aggregator - May 1st, 2007
What is a Security Thought Leader
November 18th, 2009
By Stephen Northcutt
The SANS.org Security Thought Leader project began with a simple Google query back in 2007. I had landed on a web page of Cisco' titled: Cisco Federal Security Thought Leadership. I looked at the page and did a double take. It had topics, it had pictures, but it did not have people, well John Stewart was at the very bottom. So, I started wondering, just how does one define "security thought leadership"? I went to Wikipedia and their opening statement is: "Thought leader is a buzzword or article of jargon used to describe a futurist or person who is recognized among their peers and mentors for innovative ideas and demonstrates the confidence to promote or share those ideas as actionable distilled insights (thinklets)."
I do not totally agree with the definition, but since it is Wikipedia, it will evolve. But, key points of thought leadership clearly include:
- Person - things cannot be leaders
- Recognized by their peers, a person is not a thought leader simply because they call themselves that
- Mentors, a thought leader passes their information on to help others
- Temporally relevant, in these days of social media timing is just as important as content, news is being reported by the minute
- Originality, retweeting is important, but it is not enough
- Innovative ideas, the concept of intellectual leadership
- Shares ideas as actionable distilled insights, I was never big on the whole thinklet craze, but actionable makes all the sense in the world to me
How do you become a thought leader? It is not that hard, it is largely a matter of having and sharing informed opinions. Seth Godin in his book Tribes says that once a thousand people are following you on Twitter, Facebook or LinkedIn or a mailing list, you are leading a tribe, which is just another way of saying you are a thought leader. As a suggestion, try to be focused and pick a topic or subject and build your "street creds" around that topic. Ignaz Philipp Semmelweis was a well known doctor, but history will always remember him for instituting hand washing as a part of patient care. Pick the crusade that is right for you!
The Security Thought Leader project is now in its third year. Over the years to come I hope to introduce you to some really great men and women. They will each meet the criteria we have defined ( with Wikipedia's help ) for thought leadership. And I could certainly use your help, what are the chances I know everyone that is a real thought leader for a field the size of information security in a world as vast as ours? ZERO. So, if you know someone special that has made a major contribution to the field, give me an introduction please, stephen@sans.edu.
<< Thought Leader Home
