InfoSec13, BSides London And My Own Road Ahead

As some of you may already know, I’ve been struggling recently. Struggling for a multitude of reasons – my day evening job continues to offer up real-terms pay drops year on year, all my computer hardware has decided to fail at the same time (thats 3 monitors, a netbook and a laptop all in the last 5 weeks or so [which has put paid to all notions of multitasking and review writing for the time being]) and my dreams of doing something, anything, in the security industry have ended in absolute nothingness.

So, for the last few weeks I’ve been standing at my own personal crossroads, wondering what to do.

I love the security industry. I know that may sound like a strange thing to say but I really do. It fascinates me and excites me in a way that I know my dead end job in retail never, ever will. But I also know that I am very much an insider looking in.

So much so that I continue to be amazed when I go to conferences and some of the ‘top names’ in InfoSec not only recognise me but also take the time to even talk to me. Heck, some of you guys even go out of your way to help me (too many of you to mention here but special thanks to Brian Honan is most definitely required).

But despite all these great people stopping to say hi, I’ve still been in something of a quandary lately – do I carry on with this blog, blindly hoping that I will get somewhere with it one day or do I cut my losses and wake up to the fact that I may have wasted several years of my life writing something no-one really cares about?

Thats what I’ve been thinking for the last few months and, to be honest, I have been thinking of deleting Security-FAQs so that I can concentrate on finding new challenges in retail. Heck, any sort of challenge at all will do – I need something to get me out of bed in the morning.

And so, with that mindset I headed off to InfoSec13 and BSides London this week, very much thinking that this was a last gasp attempt to persuade me to carry on writing, for the time being at least.

So how did that go?


Tuesday saw me make the journey to Earls Court for InfoSec13. To be honest I went primarily to meet up with one person who, alas, did not seem to be present so I arrived feeling somewhat miffed after a long and sweaty tube journey. Having been to InfoSec last year I knew what to expect and wasn’t disappointed – there were a lot of stands where the experts had stayed at home and left the marketing guys in charge – you can guess what that implies I’m sure.

There were also the obligatory booth babes present though none of them were that over the top this year (a good thing in my opinion) and they were doing their best to use sex to sell products that, presumably couldn’t stand on their own two feet.

There were some good points though – I met up with a few friends, albeit very briefly in every case, and at least got to say hello to a few faces I recognise from Twitter (Neira Jones just has to tell me the origin of her accent please!).

And then there were the talks.

Most of them were somewhat boring in my opinion. Staff at the stands were busy scanning badges and attendees were equally busy faking interest in order to maybe win a t-shirt, iPad or whatever was on offer in return for being held hostage for a few minutes.

But all was not entirely lost as I found the Sophos stand and this guy –


If you’ve never heard James Lynne talk then you really have missed out. For the two years I’ve been to InfoSec he has, without a shadow of a doubt, been the best speaker there.

Forget the keynotes and whatnot, go and listen to James – he will undoubtedly have issues with his Mac but don’t let that put you off as his enthusiasm knows no bounds and he will have you totally engaged in whatever he has to say.

Plus he said porn isn’t so bad.

So all in all InfoSec13, on the face of it, wasn’t so great but underneath all the marketing BS and badge scanning I found James’ presentations to be a breath of fresh air and a chat with the earlier mentioned Brian Honan gave me some cause for hope.

So far. So good.

BSides London

Wednesday saw me make an almost entirely identical journey to Kensington High St for Bsides London.

I have mixed feelings about attending this event – I get to meet some cool people that I’ve known for a while and attend some great talks. On the other side of the coin I’m acutely aware that my security knowledge is virtually zilch in comparison with what just about everyone else there has. This leaves me feeling very self conscious. And to that the fact that I am a chronic introvert and I know I don’t get as much out of the day as I could.

But, despite this, I still enjoy the day very much.

Because I’ve been so pre-occupied with other things lately I hadn’t taken the time to even check who was talking this year in advance of arriving at Kensington Town Hall. When I got the track listing I quickly looked to see who was speaking first and foremost and what subjects they were covering second.

A few names stood out – I would pay to watch a Stephen Bonner talk for instance – and Javvad Malik whose presentation I would attend, regardless of topic, just because I think he is a great guy.

Fortunately, however, Javvad’s talk was exactly what I needed to hear at this time.

His presentation on personal branding within the security industry and his own journey resonated with me on many different levels. It also had a profound impact on my thinking. He didn’t come up with anything profound perhaps but it was exactly what I needed to hear.

There was a point about half way through his talk where Javvad mentioned that he was only at the beginning of the road to where he wants to go. This drove home the point that I hadn’t actually given much thought to where I was going, let alone how I was going to get there. Heck, I don’t even know where the road begins. But at least I know that now and have plenty to think about.

I need to re-evaluate what I’m doing, why I’m doing it and where I want that to take me. Whether that involves security or not is still questionable in my mind today but at least I feel like I at least have a clue as to what to do tomorrow.


Outside of the talks at BSides there were other conversations I had that have got me thinking in different ways and have injected at least a little fuel into my motivational tank (heres looking at you Peter Stephens) and so I came away from Kensington with at least a little hope for the future if nothing else.

I also picked up some new skills thanks to the guys at LockSport so, if security isn’t for me, then I may just have an alternative change of career in my fingertips –


Just kidding with the lockpicks really, though I did use them to open my own front door when I got home last night 🙂

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.


  1. You’re welcome Lee! I’m glad some of what I said resonated with you. Like Brian says, we need passionate people like you. You know how to get in touch if you ever want to chat.

    • Lee Munson says:

      I’m always a little backward in coming forward when it comes to what I do in the security realm, especially when it comes to connecting with people who I know are as busy as yourself, but its good to know you may be available sometime.

  2. Mark Stockley says:

    Do not give up Lee!

  3. great post Lee and as I said our industry needs passionate people just as much as we need those with tech skills. Happy to help out in any way that I can

    • Lee Munson says:

      Thanks Brian – I really appreciate your time and simply talking to you this week has helped to inspire me once again.

Speak Your Mind