From retail to #infosec17

Much has already been written about my journey from retail to information security, and much more will be said in the future, of that I have no doubt (I’m looking forward to visiting Dublin again, already).

But still, I am quite amazed myself at this wondrous adventure on which I have embarked.

Just 20 months ago, I was working awful hours, asking a team of people to fill up shelves something like this one:

But then, of course, things changed and that job and this blog gave way to something far, far better; I found myself with a full-time career in information security, working with the sole founder of Host Unknown, Javvad Langford (he’s the good looking one on the right):

Nice, eh?

Well, yes, of course it is. But who wants to be comfortable and settled in what they do?

I do!

But how boring would that be?

And so, last year I picked my comfort zone up, gazed at it longingly and threw it out of the window before agreeing to join the rookie track at BSidesLondon to give a talk.

Ok, so I didn’t sleep well for a few weeks before the talk, but it didn’t kill me and so I soldiered on, thinking about all the other things I couldn’t do, getting annoyed that I felt that way, and feeling determined to do something about it, safe in the knowledge that no-one else was going to ask me to do any scary stuff any time soon.

Roll on this year and someone scary did ask me to do something (yeah, I know, but I’m tired and she know’s I’m joking), namely in the form of a podcast which you can listen to here:

.oO(I need some more pro photos… I actually look quite presentable there)

And there you go, job done. Or so I thought.

Time to get comfortable again, nothing else to freak me out this calendar year.



Barely a couple of weeks had passed when Eleanor Dallaway asked me if I could do a panel at InfoSecurity Europe.

I mean, what the heck? Really? You think I like doing this stuff?

Blimey… talk about putting the mockers on what should have been three great days out of the office, I now had something to fret about.

And, what’s more, I didn’t even find out who I was on the panel with until I got what I thought was a random LinkedIn request from one of them about an hour before we all went on… live tv.


Ho-hum, I think I got away without looking like a rabbit caught in the headlights. In fact, the feedback I got from those whose opinion of me means something was… [REDACTED].

In all honesty, though, I’m very, very grateful to Eleanor for giving me the opportunity – I did actually enjoy the experience and I know it will come in useful in the future.

And now I get to breathe out, only I don’t, because I’ve agreed to do some double-teaming with Thom (does that sound wrong?) and at least one of my colleagues is championing me to fly out to India to merely attend a conference (just as well I ain’t scared of flying, eh? OH SHIT!)

But anyway, is there a point to this ramble?

Of course there is and it is this: I’ve had to work bloody hard to get to where I am now but that wasn’t the end of the journey, it’s only the beginning.

If you want to get anywhere in life, be that professionally, or in other areas, you have to put yourself out there, you have to leave your comfort zone, you have to face your fears head on and, more than anything else, if you never give up, nothing is impossible.


Thanks to William Lau for the use of 2 photos.

Beer, Swag and #InfoSec16

On what was meant to be a boring school day, I found myself visiting InfoSec16 with my Dad, or boss? Well that’s what my badge made out. I was now my Dad’s employee at SecurityFaqs and a security researcher apparently. The only bad thing about that was I now had a contractual obligation to go […]


Summer is here and that means it’s time to vote for your InfoSec heroes

Yes folks, it’s that time of year again – various infosec awards are being prepared and a few select people will be walking home with shiny new trophies over the coming months. How do you win one, I hear you say. Good question I reply. As things stand, there are two such events open for nominations […]


Cloud Security Expo 2016 – ‘the big con’

This Tuesday and Wednesday, my work colleagues and I attended the Cloud Security Expo at the Excel Centre, London. As ever, our main intention was to sit in on some of the great talks on offer while also making the most of the networking opportunities. Unfortunately, and this is a failing of the venue, many […]


Chocolate, teddy bears and pens – my experience of RANT Reloaded

Yesterday, I and a few of my work colleagues met up in London for a conference I had mixed feelings about – RANT Reloaded. Why mixed feelings? Because I’ve been to these events before and the first two were very good (read about them here and here) but last year’s sucked. Big time. But, hey, Simon and […]