Go Far Together: Building Your Squad

all right hello hello good afternoon uh we have a wonderful presentation uh we're going to talk we're going to have Terry o'daniels talking about going far together and how to build your squad I'll hand it on over and let's give a quick Round of Applause

hey everyone if I can just fight through this crowd for a second to see you all oh there you are okay good um welcome to the approaching the end of b-sides thank you all for showing up and I hope we have a little fun so my name is Terry O'Daniel and today I'm going to be talking about building your squad picture this you're defending your company's critical infrastructure from a Cyber attack you're feeling overwhelmed and alone the clock is ticking the stakes are high and the pressure is immense you're working tirelessly but you feel like you're in this battle alone and you're starting to feel despair sound familiar or how about this you're trying to get to the next level

in your career or maybe you're dealing with an unexpected setback like a layoff you've been updating your resume and you've been watching Interview videos on LinkedIn and YouTube but you can't seem to make it past the first round of interviews at any job you apply hmm well what if I told you there's a powerful tool to help you overcome these kinds of obstacles it's not a fancy technology or a secret hack but rather it's just the power of other people just like in any great adventure having a team of trusted peers by your side can make the difference So today we're going to explore how to build your squad and why it can be a

game changer in your journey so let's start with the preface of this entire talk if you want to go fast go alone if you want to go far go together so let's start with talking about the power of peers here's a quick overview of the four areas we're going to discuss today okay let's dive into the first aspect of building your squad finding common cause just like in any Mission a strong sense of shared purpose helps bring a squad together it binds its members to a common purpose and in the cyber security field that means finding peers who shame share similar goals who appreciate the same challenges or even who have common interests it could be a group of like-minded

Professionals in the company you work at now it could be a local cyber security Meetup or it can be an online community or even a gathering of cyber Security Professionals in one place like b-sides find those people join forces with them and support each other in having common goals let's talk about the power of transparency in cyber security knowledge is power and that includes knowledge about pay and promotions did you know that the gender pay Gap in the cyber security industry is a well-documented issue I sure did according to a study by the center for cyber safety and education women in cyber security on average earn 17 percent less than men it's time to change that

by being transparent about your pay and the promotion process you're going through within your squad you can advocate for fair and Equitable treatments around compensation and promotion and you can promote diversity and inclusion within the field so let's talk about the importance of mentoring and sponsorship within your squad mentoring is a powerful tool for professional growth and sponsorship can open doors to new opportunities in fact research shows that employees who have mentors are more likely to be promoted earn higher salaries and have greater job satisfaction to seek out mentors and find sponsors within your squad but also be willing to mentor and sponsor others let's lift each other up and help each other thrive in our careers

last we'll talk a little bit about resilience cyber security is a dynamic field with its fair share of challenges and it has setbacks and even failures but it's how we bounce back that matters and your squad can be a source of strength during tough times lean on each other for support share your Lessons Learned and celebrate your successes together by building a resilient Squad you can weather the storms of cyber security and your career and you can come out stronger on the other side so let's start by talking about the importance of collaboration and knowledge sharing within your squad staying up to date on the latest threats challenges and Technologies is a key part of our field but we can't do it

alone your squad can be a valuable source of collective intelligence share your knowledge experience as an Insight with your peers and learn from them collaboration not only strengthens your skills but also also Fosters Innovation and creativity leading to better outcomes in your cyber security efforts in fact research shows that those who are collaborating are five times more likely to perform at higher levels let's discuss the power of networking and building those meaningful relationships within your squad cyber security is obviously a very rapidly evolving field and it's not just about what you know but who you know building a professional network of trusted peers can provide you with opportunities for career advancement it can give you industry insights and it

can even give you job referrals for your next role so attend those industry events join professional organizations and actively engage but bring your squad along network with intention and build meaningful connections that can help you succeed in your cyber security career so let's talk about diversity inclusion in your squad cyber security I firmly believe is a field that benefits greatly from diverse perspectives backgrounds and experiences think about the last time you did a risk analysis look around the room if everyone looked like you during that analysis do you really have the right perspectives Studies have shown that diverse teams are more Innovative resilient and effective at problem solving so Embrace diversity within your squad and actively

seek out diverse voices and participants for your squad find those New Perspectives and Foster an inclusive environment where everyone feels welcome if you build an environment of respect and you make sure that everyone has a voice and can be heard within your squad you're building an inclusive environment and you promote fairness inequality within your squad but you're also promoting the overall performance and success of the team finally let's talk about the importance of continuous Learning and Development cyber security is a field that always requires us to learn and grow and build those skills due to its Dynamic nature so I encourage you to stay curious seek out learning opportunities and encourage your squad members to do the same

whether it's attending a training program obtaining a certification or participating in Industry conferences invest in your professional growth and Inspire your squad to do the same by sharing that continuous learning with your squad you can stay ahead even in a fast based security field like cyber security so 72 percent of employees surveyed believe that their peers are the best source for Learning and diversity or excuse me for Learning and Development and yet so frequently we go to our managers for Learning and Development opportunities let's talk about transparency in the cyber security industry and especially when it comes to pay and promotion transparency is a key component of building Trust and fostering a healthy environment in cyber security it's crucial to have

open and honest communication but about not just technical elements but also around pay promotions and career opportunities discussing salaries openly sharing information about the promotion process and advocating for fair compensation can help break down inequalities and promote fairness transparency also promotes accountability and encourages organizations to prioritize diversity equity and inclusion so let's work together to create that culture of transparency within our Squad and then take those Lessons Learned back to our place of business

and how the squad can help with that in cyber security it's important to stand up for yourself and for your peers it's important to take defensible positions and Advocate and argue for a position you strongly believe in don't be afraid to negotiate in the same way for fair pay promotions that are Equitable and other career opportunities advocate for yourself and for others in your squad who may be facing challenges workshop with them how you approach that situation maybe they can learn from it by collectively advocating for fair treatment and helping others see how you do that we can all create a more inclusive and Equitable environment in this industry remember you're not alone on this

journey but by supporting each other we can go far together and in fact supporting each other through challenges is one of the key benefits of this squad there's a vast importance to mentorship and sponsorship in building your career but you can find those opportunities within your squad as well mentorship can pay a pivotal role in professional developments by providing guidance insights and opportunities for growth but seek out mentors within your squad who can provide that same advice and support and create opportunities mentorship mentorship and sponsorship can help level the playing field and create a more inclusive industry in cyber security where everyone has equal access to growth and advancement but it starts by working on that muscle with

your squad finally let's talk about resilience and supporting each other through challenging times the cyber security field can be demanding and it can be stressful so it's essential to create a supportive environment within your squad be there for your peers during challenging times offer them a helping hand and provide them emotional support building a resilient and supportive Squad can help you overcome obstacles navigate through setbacks in your career and thrive in your career overall remember we're all in this together but by supporting each other we can build a strong and resilient cyber security community

studies show that groups that have a peer support group to fall back on feel 40 percent less stress and likelihood of burnout that's huge so let's talk about what you can do with some of the tips I've given you here in this final section of the talk we're going to talk about actions you can take to build that Squad and ways you can bring those learnings back to the larger industry it's time to empower yourself by creating a network of like-minded professionals who can support each other by collaborating and leveraging the power of collective effort we can achieve remarkable things so let's dive into some practical steps for how to build your squad and go far

together the first step in building your squad is to identify common goals and interests why is this group of people coll collecting together so look for those peers who share similar Passions similar mindset career aspers aspirations ways of working different ways of working or core values you can connect through professional organizations online forums industry events conferences and even within your current company so collaborate on projects together share knowledge and expertise and support each other's growth together we're stronger so by aligning with those like-minded professionals you amplify your impact in the industry and you're amplifying your ability to find success within your career the second step is to create that culture of inclusivity and collaboration within your squad no one's going to

create it for you so the onus is on each member of the squad to create this actively Foster an environment where everyone's voice is heard and respected regardless of their experience level or background find ways to ensure that everyone's voice everyone has an opportunity to speak not everyone is an extrovert sometimes you'll have to create structures to make time for people to be heard you can encourage open discussion feedback one-on-one sessions and brainstorming sessions but by diversity by embracing that diversity of thought and promoting those inclusive practices actively you create an environment where everyone feels that their career is valued equally and everyone has an increased chance of success in those careers the third step

is to support each other's professional growth and development directly so share those resources that have helped you recommend relevant training and certification programs that work steer people away from the ones that are bad provide each other with feedback provide each other with guidance celebrate each other's successes provide constructive feedback on how to improve create those opportunities for mentorship either directly within your squad or indirectly find sponsors and align them with your squad mates and ultimately collaborate and support each other's growth in an active way we can collectively Elevate our profession and we can collectively make a positive impact on the industry through these small steps so let's review building your squad in cyber security is

not just nice to have it's a must-have for success in this challenging field as we've discussed creating small cadres of peers who support each other can help you navigate your career increase transparency and overcome challenging times so I encourage each and every one of you to take this action today reach out to your colleagues form your squad and embark on this journey well folks that's a wrap we've covered a lot of ground today from the importance of building your squad to strategies for success now let's recap what we've learned in hopefully a fun and memorable way first of all we're all in this together it's like being in the Avengers except we have firewalls instead of capes

by building your own Squad of like-minded professionals you can collaborate support each other and make a real difference in the industry your squad is not just about saving the world from cyber threats it's also about having a support system that understands your cyber security jokes and shares your love for Star Wars references plus having a crew to commiserate with when that late night patching goes awry is invaluable so here's the bottom line don't go solo in cyber security find your squad Foster a culture of collaboration and inclusivity and support each other's growth together we can raise the bar in our industry and make our Mark as cyber security superheroes I challenge each of you to take action

today connect with your peers start building your squad and take some of these concrete steps let's make this industry better and stronger we can do it together thanks for coming with me on this journey and remember with the right Squad by your side you can conquer any challenge that comes in your way thank you so much [Applause] amazing thank you Terry do we have any questions we have some time

do you have any uh anecdotal Lessons Learned or just you know stories from in the trenches thanks for asking um I don't remember if we're under Chatham House Rules here or not so I'll slightly anonymize them I think one of the biggest challenges I've had is there's a there's a real motion currently within the cyber community towards sharing the mic and I am incredibly supportive to bring to share the mic with those who are have been underserved who haven't had a voice within the cyber community but I'd also like to see people get paid and one of the things that I've actively involved with is making sure that people who are more Junior in our industry have

the exposure to those of us who've been around a little longer around what they should be asking for how they should be negotiating and and what are the sometimes the differences from industry to Industry how do you negotiate in this industry maybe we talk about total comp and then this industry base and bonus are more important I think that is absolutely Far and Away something I would love for all of us to really lean in find the most Junior person you can invoke the cone of silence and tell them about your own Journey so that they can understand what they should be expecting in their own career

I guess uh when I saw your talks abstract I thought it was more about like assembling a team for a purpose and it seemed to be related to like MIT card counting at least the uh you know illusion in the in the title but in terms of assembling a squad for a purpose uh how do you know you have the right members how do you know you need to recruit more and where to recruit I think this is for a purpose right I do think we you know it's a bit like collective bargaining right you're putting together effort for a common goal even though your own you're only trying to help yourself you understand the value of bringing those people

together for that that Collective action so I think I call out two things briefly one is there is a um there's a high likelihood that you will start your squad in a least diverse way right because you're most likely to start with people that you're most familiar with and studies show that people were most familiar with have the highest degree of commonality with us we went to the same University we grew up together we probably morphologically look the same so I think it's okay to start there but if you continue down that path you're not doing yourself any favors so I think you have to build in active growth checks whereby you might say okay the three of us that's good

enough but you know what if we add a fourth person it can't be another white guy right so I think that's that's one way to approach it and to have uh growth checks I think another way is by bringing in people to share their perspective because you never know in the course of those conversations you may find an ally and they may become a member of your squad whether it's for a common purpose at an organization or for a common purpose like this uh yeah I also don't mean to sound argumentative but my question was also regarding Dei you mentioned uh that you possibly don't want to hire people who might you know look like you in order to

get a diversity of ideas right um how important is it to really test people not just on that um inherent trait of appearance or race or you know sexual orientation Etc but on their ideas within the interview process yeah that's a great question and I to be clear I don't think I said that we shouldn't hire people to look like us I I suggested that when you're building your squad at a certain point you need to make sure that you're looking outside the closeness Circle that you're used to and you're comfortable with to that point though I do think there's a huge um there's a diversity of thought um I I am a disabled neurodiverse single

dad there are several elements of diversity there uh I do think however there are morphological elements that if I look around a room and everyone's a man I think there's a problem because 50 of our world is women so I do think there are some morphological elements that we we should look at and we should ask ourselves hey that's an awfully white room or gosh why is it all men in that room and I think those are perfectly okay ways to start because visually we get a read on a group based on some of those morphological traits so it comes down to say life experience that's de facto coupled to who you are right is

what you're saying yeah I would say it doesn't I would say there's a strong correlation but it doesn't have to be causation is someone who was raised in an inner city environment necessarily also from a economically disadvantaged home not necessarily but there's a correlation appreciate it thank you I guess one more follow-up is well okay let's pretend we're doing a startup if I if I just hire engineers and I can have a diverse sense of Engineers but if we're not reaching beyond the engineering mindset where like we we have to have sales we have to have uh you know marketing folks we could have to get out of that comfort zone as well so you get a diversity of perspectives

from other disciplines as well right so um this is sort of like back to the crack team thing I'm thinking like do we need a guy who can do safes do we need a new guy who can like do uh hacking blah blah but I think Purity I think there's there's enough diversity of approach uh for example I have used uh the the rigor with which GRC people approach a problem space I have sometimes asked them to come help out our vulnerability Management program right because GRC does a great job of sort of taking a huge unexplainable problem and turning it into a framework and then we've got a list of 20 things we're going to do right whereas as we

know vulnerability can be something that we just we feel like it just grinds on never ends so I do think there's it's important I don't know that we need to bring in sales people and marketing people yet but I do think even within cyber security there are difference in approaches and differences in values even right do we care about speed or quality more depends on who you ask it will be our last one yeah to that point I guess you know maybe I was expecting something a little bit different but you know what I think about my squad at least within my organization it's my head of legal my head of quality and compliance it's

folks outside of security who are natural allies in the challenges that we have to address um what's been your experience you know bringing in people from outside the industry into that Squad that's a good question actually I um I've worked with this this is from personal experience I've used this a few times and I do have squads where uh some folks most people tend to have a general background in technology and they understand how like the modern tech stack Works they may not be Hands-On but we can have a conversation right like if I say Docker they know what I'm talking about right that's that tends to be my self-selection criteria but within that certainly we've had people who have

worked more in the VC space and they can help us understand how the money people are going to react to the things we're talking about or the things we're building I've worked with people who have gone from working in the cyber security profession as an operator to becoming a a product person within a cyber security uh tools vendor and yeah so I I do think those are related areas that we're talking about but with different perspectives advice that I had earlier on in my career was essentially you know as you're you're socializing and you're building these networks within your organization you want to try to reach a level higher rather than at the peer level

um Can the same thing be applied to squads that is a really good and really tough question and we may not have time to answer it I would say um squads tend to have a natural life cycle but you probably want to push them to end sooner and we talked a little earlier about having to be intentional about like what are we going to do over the next two months four months three years Etc you may want to Define um like what is the life of this fund what is the life of this squad and that way it there's there's less of a sense that this is just something that is going to persist forever but rather it

is a temporary thing that we're all using for value and I think it builds a little more commitment because people realize that I can only take advantage of this for so long wonderful thank you that was me another round of applause please thank you