Wednesday, October 3, 2012

My DerbyCon Talk

First let me say how great DerbyCon was, the content, the people, the staff, everything about it was ideal.  Second let me thank the people who ran it for selecting my talk.  I was surprised and very excited that I got to speak.

My talk was in the small room and against some stiff competition at the 4PM Sat slot and several Chicago land people I know went to Ben0xA's talk instead, which I totally understand.  His talk rocked.  But the room was almost totally full anyway and I think only one person walked out on me which is rather good for a Con, so it worked out fine I think.

I was pretty nervous in the beginning and talking a bit faster than I needed to, something I even say at some point.  I was afraid I would run out of time.  Once I noticed how fast I was going I loosened up a bit and remembered to tell the audience to ask questions which I meant to do in the beginning but forgot.  So they did, and their questions were great!  Several questions reminded me to talk about something that I planed to talk about but forgot like how to say no to people who you have to make sure keep liking you if you want to keep your job.  Seriously the questions improved the talk and I love how smart everyone is at Cons like this.

At the end I got a lot of positive feedback and people wanting to continue the conversation which we did at the hotel bar and it was great.  For my first talk at a large Con I'm putting this down as a success.

I posted the slides at the securityhangout forum, the direct link to the post is

The video can be seen here:

All the video's are here:, I recommend checking out tons of them.

Let me know what you think of the talk and slides.  I'm always looking to learn and to improve.


  1. Hey John, I didn't get a chance to see you in person but watched your talk online. I thought you did a great job! I liked how you used real life examples of what a leader should and should not do. Id love to hear more infosec talks from a leadership/management perspective. Even something as simple as a talk on career progression to land in that role. What steps do infosec guys need to take to get that director or manager job? What certs or books helped the most? Thanks

    1. Thank you so much for your comments. I'm sorry it took me so long to publish it. I'm going to check my notification settings now.

      I don't think certs help you get promoted or land manager level jobs personally.

      I read a stack of management/leadership books about 10 feed high, and almost all of them are worthless imho. The only two I recommend are how to win friends and influence people and crucial conversations.