It’s been another one of those weeks. Well, three weeks actually.
I’m starting to wonder if the defining reality of life as a CISO is having to be all things to all people….
A small sample of what I’ve been doing lately —
- Debugging Java interfaces to vendor’s support portals.
- Having above-noted vendor’s junior folks explain to me how network intrusion works.
- A week later, having the same junior explain to me what is and isn’t available in the interface for a current generation Cisco NIDS. Like I’ve never seen one and wouldn’t understand. I suppressed a deep desire to teach him all about NetRanger.
- Trying to pull myself up out of the mire of tactical issues to spend some time on strategy.
- Delivering Awareness Training (aka “The Woodshed Talk”)
- Status meetings
- Steering meetings
- An incident or two.
- Trying to help some of the process design folks with the idea that Windows XP barfs on paths longer than 255 characters – and honestly, do they really need to have path lengths nested that way?
- Receiving vendor email enticing me to have a look at their product “for all your auditory needs”.
What else? What else should a CISO be doing? Lots actually – quite a bit – and yet, I’m bogged down. I might even have a case of the Mondays. I think my brain is going to explode.
I promised Dave I’d get a posting in. I originally opened this window at 7:40 this morning to start typing. Most recently, I was again typing at 9:40. And as I do the weekly review, I’m still facing more work than I can possibly fit in before I get my geek holiday.
Yes dear readers, I’m already counting the days before Blackhat and DEFCON – the ultimate hacker/geek holiday.
I’m hoping that my batteries will be recharged. I’m hoping that my mind will be stretched. I’m hoping that I’ll have just enough to drink that I feel good but not so much to drink that I turn into a smelly mess. I’m hoping that I won’t dread my weekly task list review because I’ll know that I’m still doing something cool and that I haven’t turned into a part of the corporate machine. I’m hoping that I’ll find some hope.
In reviewing the schedule, there’s quite a few significant learning opportunities, a few “for the hell of it” sessions, and a couple which will provide the raw material for some organizational sea changes.
So – a quick poll – how many of you are going to be sweating in Vegas in August? What’s on your “must see” list? How are you managing your social life this year?
For me, well, I’m going to be one of the sweaty ones. Must see… well… there’s quite a few, pretty much anything that’s policy/social issues related, rfid, or just plain cool. My social life is starting to get interesting (booked for a few parties) but my whereabouts will be best found on twitter – seems that it’ll be the best/easiest way to keep other people aware of where I am and what I’m up to.
[tags]day job, todo, whining, blackhat, defcon, twitter, las vegas, hackers[/tags]
