Nine years on

Today is the ninth birthday of this notebook.

Following the convention I have established each January, this is a brief reflective post before the year proper begins.

Nine years

The discipline continues. Nine full years of weekly writing have produced something I no longer think about — the question is what to write each week, not whether to write at all.

The cumulative markers as of year-end:

Approximately 400 posts across all categories. The cumulative archive is now substantial enough that I refer to it more often than to most external sources.

A correspondence network of perhaps sixty individuals with whom I exchange email regularly.

A discipline of calibration that has produced, slowly, better forecasting than I had at the start.

A platform for engagement with the field. Conferences, speaking opportunities, professional relationships, occasional consulting requests.

Substantial career progression through 2006 — from Vodafone interim to the Gala Coral CISO role. The cumulative trajectory is varied; the cumulative experience is broader than I had planned.

What is changing this year

The year ahead has specific structural features.

The DDoS book. I have been thinking about a substantive book on DDoS — the DDoS-for-hire trajectory, the extortion against gambling operators, the structural patterns of attack and defence. The intent is a practitioner-targeted book that addresses operational realities of DDoS in 2007. Drafting begins this month; specific publication timing depends on how the writing progresses.

Vista deployment. Vista to volume licensing shipped at the end of November. Specific application-compatibility testing through 2007 informs cumulative deployment planning. The structural impact will be visible across the year.

The continued Gala Coral role. The CISO work continues. Specific structural projects are scheduled; specific subsequent posts will reflect what is professionally appropriate to share.

Continued external engagement. Conferences, peer-CISO correspondence, specific industry coordination. The cumulative external network informs internal decisions.

What is the same

The weekly cadence. The British English. The internal links. The calibrated humility discipline. The willingness to be wrong publicly and explain it.

The quiet enjoyment of starting the year at the keyboard with a fresh notebook page open and a kettle on.

What I want to do this year

Six specific things, marked as predictions to score at year-end:

Continue the weekly cadence. 95%. The discipline is now habit.

Complete and publish the DDoS book. 60%. Substantial sustained effort; specific publication timing uncertain.

Continue the CISO role at Gala Coral productively. 90%. Specific structural projects through 2007; cumulative engagement is productive.

Attend at least four conferences. 80%.

Speak at at least one conference. 70%.

Write a substantial piece on internal segmentation. 55%. I keep promising this; this should be the year.

A small note on operational rhythm

The past several years have been operationally busy. I have been pacing myself for sustained operational work over years rather than for sprints between incidents. The burnout discipline continues to apply.

For anyone reading this who is in the field: take care of yourselves through the year. The work matters; the people doing it matter more.

Truly closing

Nine years on. Eleven years from when I started a Slackware box that became the foundation of all this work. Twelve years out of school.

Thank you for reading. Happy 2007. See you next week.

