The end-of-year notebook closing post. Following the convention I have established each December, a brief reflective post before the calendar year ends.
This is a more substantial closing reflection than the typical end-of-year post. Eleven years of writing approaches; specific subsequent role decisions are being considered; the cumulative trajectory may shift in 2009.
What 2008 produced
The cumulative 2008 trajectory:
- Multiple substantive incidents — Société Générale, mass SQL injection, Kaminsky DNS, MS08-067, Conficker.
- The financial-crisis context across the latter half of the year.
- Infosec Europe 2008 presentation.
- Continued CISO role at Gala Coral.
- Continued cumulative archive growth — approximately 50 posts.
The cumulative 2008 contribution is substantial. Specific events tested defensive infrastructure across multiple dimensions; specific cumulative shifts continued; specific cumulative archive grew.
The eleven-year cumulative state
Approximately 500 posts now across all categories. The cumulative archive has substantial reference value.
The cumulative correspondence network, conference attendance, and reading discipline continue. The professional trajectory has been varied; the cumulative experience is broader than I had planned.
What is changing in 2009
Specific things visible at year-end.
Specific cumulative thinking about an independent practice. I have been thinking about this for some time. The cumulative trajectory — the DDoS book, conference engagement, cumulative practitioner network, specific subsequent opportunities — may make 2009 the year decisions are made.
Continued Conficker trajectory. The current variant will produce further variants; specific cumulative cumulative impact will be visible across 2009.
Continued financial-crisis operational pressure. Specific cumulative cumulative effects on security operations will continue.
Continued cumulative writing discipline. The notebook will continue regardless of role transitions.
A request to readers
If you have been corresponding with me, thank you. The cumulative network continues to be the most rewarding aspect of the discipline.
If you have not, consider doing so. Specific cumulative practitioner conversations matter.
The address is on the page. The signal-to-noise ratio of the inbox is good; I read everything.
What I am doing for Christmas
Nothing dramatic. The infrastructure continues. The honeypot continues capturing useful signal.
The family is gathering for Christmas Day. The notebook is closed for the rest of the week.
Specific cumulative thinking about 2009 — both professional decisions and cumulative cumulative writing direction — will continue across the break.
What 2009 looks like from here
The specific year ahead will include specific subsequent Conficker evolution, specific subsequent crisis-period operational pressure, specific cumulative cumulative subsequent threat-actor activity. Specific cumulative subsequent cumulative defensive infrastructure development will continue.
The notebook will continue. The reading will continue. The community will continue.
Specific subsequent role decisions will be visible across Q1 and Q2 2009. The notebook will document the trajectory.
A small final reflection on the discipline
I keep returning, in these annual reflections, to the same core observation: the consistency is the thing. The cumulative value comes from sustaining the practice across years.
The specific format that has worked for me is one of many possible formats. The discipline is what matters.
Truly closing
Eleven years on. Thirteen years from when I started a Slackware box. Fourteen years out of school. The trajectory continues; specific decisions are emerging; the discipline continues.
Thank you for reading. See you in 2009.
Happy new year.