Richard, it's interesting to note that your career has shifted from "pure" technology to more of a thought leadership role where you can leverage your training and interest in history, political science, etc. I wonder if you ever expected to become such a public figure in the whole debate about China when you first started with infosec?
Your career path is an encouraging example for others to follow. Even though I work in technology, I also have a sociology/political science background and I've been wondering how I can leverage those interests, especially as I get older and cheaper/hungrier techies continue to enter the industry.
Thank you for your comment and question. I will try to answer here.
I did not plan to become a "public" figure, and I don't necessarily consider myself exceptionally "public" now. I just reviewed my TaoSecurity news page to see when I first started speaking at conferences. Before joining Foundstone, I spoke at a few events because I believed too few people were discussing incident detection and traffic analysis. Once I joined Foundstone in April 2002 as a member of Kevin Mandia's incident response team, I became a public speaker out of necessity. Kevin and Foundstone expected consultants to speak, teach, and write, in addition to performing consulting duties. I've stayed in that mindset ever since, although I speak, teach, and write on increasingly diverse topics.
I see the "thought leadership" question in two ways. First, I took deliberate actions to get my thoughts to the world. I wrote my books and post to this blog as a way to capture my thinking on a coherent set of subjects. I hope they are useful to others, but I see these as outlets for self-expression.
The second way I think about "thought leadership" involves my work duties. If you look at my press page you will see a jump in activity in 2011, the year I joined Mandiant. In addition to being CSO, I'm also responsible for speaking with the press, industry analysts, policy makers, and some customers and prospects. I enjoy these opportunities because I realize there are a lot of sources for tools but few for methodologies and operational processes. To the extent I can share my recommendations for how to combat intruders and avoid wasting resources or pursuing dead ends, I consider this second form of thought leadership a success.
Finally, let me address the point about leveraging what are traditionally "non-security" skills or interests, namely history and political science. As I've posted and Tweeted earlier, the world is waking up to the fact that the techies and engineers don't have all the answers. Every time you hear someone say that the answer is to build Internet 2, and "get it right," you're listening to an "engineering first" mindset.
I love engineers (my dad is one, I took plenty of engineering in college, I work with engineers, etc.) but their viewpoint is but one of many. Technical knowledge doesn't give anyone a golden ticket to good policy. If we don't engage people who understand lessons of history and policy, we'll continue to lose when facing advanced intruders.
I would argue that a person who knows technology, security, history, and politics is equipped to be very valuable to an organization trying to build a mature security operation, or that seeks to influence policy. Your interests and skills may not align with your current role, so you may need to keep those strengths in mind when looking for a job better aligned with history and politics.
I think the key is to strive to stay relevant in whatever area interests you. If you like non-technical subjects, you've got to stay current with them and develop your thoughts and analysis on those issues the same as you might with technical topics.
Thank you for your comment. I welcome other comments here or on Twitter.