April 3, 2021

Sub Update


Hello everyone,

It has been a little while since we have had a Sub Update.

We are finally wrapping up our AMA Series. Thank you for all the people who participated. Because I am a bit of a dickhead, I did not add all the AMAs to a collection, but you can find a list of all the AMAs on this wiki page. I believe the work we have done here as a community will be vital to assisting a new generation of cybersecurity professionals kick start their career, as well as assist those of us already in the industry on finding our ‘next steps’.

Now, to discuss upcoming improvements. Firstly, I would like to welcome [/u/tweedge](https://www.reddit.com/u/tweedge) to the Mod Team (you have probably seen him in the Mentorship threads, as well as his Cloud Security AMA). [/u/tweedge](https://www.reddit.com/u/tweedge) has been working on a moderation bot for us which helps identify and categorise posts that we would like to perform moderation actions on. Once we have pushed this bot to prod, we will put up an explanatory post about it.

Beyond that, we still need to expand our mod team. We are looking for one mod from the Americas, one mod from EMEA. Additionally, we need another mod who can lead and champion a project at uplifting our Wiki, plus two dedicated contributor assistants. More on this project below.

For anyone looking to apply to a mod position (excl the Wiki mod), [please fill out this Google Forms page](https://forms.gle/sPhRJrd3ner275qS7). Criteria are listed within, but primarily we are looking for some prior community moderation experience (Reddit, proboards forum, discord, IRC, Guild Wars 2 clan, etc). Secondarily we will be looking at your activity in [/r/CyberSecurity](https://www.reddit.com/r/CyberSecurity) or other industry-relevant or adjacent subreddits. Tertiarily we will be looking at your contributions to the cybersecurity community (blog posts, OSS projects). A benefit to your application will be if you have a plan to uplift community engagement within [/r/CyberSecurity](https://www.reddit.com/r/CyberSecurity) that you want to see implemented.

A big problem we have in the CyberSecurity industry (not just reddit) is the tendency to see ‘gatekeeping’. I am sure many of us have experienced it to some extent (as an aside, you know what is a disgrace? Certain posts to the subreddit get 10+ reports just, from as far as I can see, because of their gender). Yes, we want [/r/CyberSecurity](https://www.reddit.com/r/CyberSecurity) to be a subreddit for industry professionals, but certainly we also do a lot to promote people *not* being interested in their industry because ‘the question is too basic’. There are some things that we can do to ensure that [/r/CyberSecurity](https://www.reddit.com/r/CyberSecurity) promotes inclusion and new professionals joining us, while separating all the personal ‘tech support’ questions. Directing people to [/r/CyberSecurity101](https://www.reddit.com/r/CyberSecurity101) or [/r/TechSupport](https://www.reddit.com/r/TechSupport) only does so much (and the 101 community is very small), and while none of us want to see dozens of threads per day of “hey I clicked a link” or “help! hacked!” these people are just going to keep making the same mistakes unless we work together, as a community, to provide answers and educational materials. Who knows, someone who posted one of those threads could end up being a new starter at your company. The next link they click could deploy Ryuk. It is our responsibility as CyberSecurity professionals to help everyone increase their security posture.

Do not worry, we are not going to start allowing personal tech support threads. There are a couple of things we are going to do, however:

· Mentorship Monday will be renamed to “Career and Education Assistance Thread” and moved to being posted monthly. Weekly is too short; you see the same questions being asked again and again. A big reminder will be posted at the top of the threat to “**Search before you post**!”

· Another monthly thread will be posted for “CyberSecurity Tech Support”. Keeping in mind what I said earlier that people posting here might end up working for you company, I encourage everyone to check out this thread once a month or so and see if you can help.

· Both threads will not be stickied… Perhaps they will be linked in a single update post, or on the sidebar, but they will be linked to by AutoMod (or [/u/tweedge](https://www.reddit.com/u/tweedge)’s modbot). If you have any suggestions, please include them in the ‘Feedback’ survey.

· This will only be a test for a few months to see how well it goes. Other options are to bubble up frequently asked questions from /r/cybersecurity101 here, to get a boilerplate answers.

To assist the above threads, we will be expanding our Wiki.

Wiki Project: As mentioned above, we are looking for one mod and two dedicated contributors to champion a project to uplift our wiki. Unfortunately, it has been languishing somewhat for the last few months. Why three people? I am sure anyone who has worked in a SIAM or Process role knows how tedious this can be and we do not want this to be a *job* – this is a volunteer community project, and we need to share the load. Initially we will have a closed team of contributors, but it is my hope that we can utilise GitHub (or similar) in the future to enable the community the ability to suggest changes directly to our Wiki.

The Wiki Project will hopefully be able to provide the answers to the most common questions posted to the Career and Education, and Tech Support threads. Additionally, I hope that it will allow build an educational repo that we can keep referring to in our daily lives as industry professionals, not just for new people looking to join the industry. The people involved in this project need to have the drive to get it done, and an idea or vision of a potential end goal. All applications for the Wiki can be [made on this Google Forms](https://forms.gle/Jyku7wQvZS96Y3zT6). The most capable person will be chosen as the mod to champion the project.

Further Community Engagement Projects: I personally do not just want this subreddit to be a news/link aggregator. But I know I use what I see bubble to the top of [/r/CyberSecurity](https://www.reddit.com/r/CyberSecurity) often to help inform me of upcoming threats. Additionally, if we just removed every news link… I think this subreddit would be dead. I am hoping that the community can present some suggestions on what we could do to ‘spruce up the place’. What would make this subreddit a more interesting place to come to?

Personally, I believe we could benefit from setting up intelligence sharing platform, MISP or something similar. Open to submissions and with data publicly available to all. Setting up a community driven news aggregation capability (anyone else have exec is wanting a ‘cyber news rundown’?).

Just after the new year, we hit 200k Subscribers. Collectively I believe we can drive projects that can help make all our professional lives easier. If you have any suggestions, [please include them in this ‘Feedback’ survey](https://forms.gle/rRRgCKe7tufJfdtj8).

Further Educational Projects: The AMA Series provided a great insight to the breadth of the industry. Security Analysts, GRC Specialists, Research, CISOs, more, all members of the community answering questions from the community. I intend to set up more AMAs in the future, but I want your suggestions on who you want to hear from. Also, your feedback on the AMAs themselves – was a week too long/too short/just, right?

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.