Today is the tenth birthday of this notebook.
A decade of weekly writing. The cumulative archive is now substantial enough that I find myself referring to specific older posts more often than I refer to most external sources. The discipline that I started in 1998 to force myself to finish thoughts has, ten years on, produced something I had not anticipated.
This is going to be a longer reflective post than the typical year-opening because the ten-year mark warrants careful treatment.
Ten years of cumulative observation
Ten years now of weekly writing. The cumulative markers as of the ten-year mark:
Approximately 450 posts across all categories.
Approximately 90 conferences attended across the years.
Approximately 2500 hours of focused reading across the years.
A correspondence network of perhaps 65 individuals with whom I exchange email regularly, plus many more with whom I have had specific exchanges.
A calibration archive of approximately 100 specific predictions across the years.
A book, Evolution of DDoS, shipped in late 2007.
Substantial career progression through the decade — DEC technical work, the Laverock Von Shultz / gaming-operator role, RBGE consulting, Vodafone interim, Gala Coral CISO. The cumulative trajectory has been varied.
What ten years has taught
Three structural observations from sustained cumulative observation.
The threat landscape evolves predictably across multi-year windows. Specific incidents are unpredictable; the structural conditions that produce specific incidents are predictable. Ten years of cumulative observation reveals patterns that single-year observation cannot — the gradual professionalisation of threat actors, the maturation of commercial-cybercrime infrastructure, the periodic category-shifts (web-application worms, peer-to-peer botnets, mobile platforms, politically-motivated attacks).
The defensive trajectory is positive but slow. Specific defensive disciplines compound across years. The cumulative effect at mature operators is meaningful; the cumulative differential between mature and immature operators continues to widen. The structural improvements (Trustworthy Computing, browser-engine diversity, hardware-virtualisation security, mature filtering infrastructure) deliver measurably better outcomes — across years, not across months.
The cumulative compounding of sustained discipline matters. Specific weekly investment in writing, reading, conference engagement, and operational practice produces cumulative outcomes that single-year discipline cannot. The cumulative archive supports specific subsequent work in ways that ad-hoc effort cannot.
These observations are not novel — but they are visible only across ten-year windows. The cumulative experience produces structural understanding that bounded-window experience cannot.
What is changing this year
Three things visible at the start of 2008.
Continued CISO role at Gala Coral. The cumulative engagement is productive; specific structural projects through 2008 are scheduled.
Continued reception of the DDoS book. Specific reader feedback through the next several months will inform potential follow-up writing.
Continued external engagement. A specific Infosec Europe opportunity appears confirmed for April; specific subsequent conference work continues.
The trajectory continues. Specific events will inform specific writing; the cumulative archive grows.
What is the same
The weekly cadence. The British English. The internal links. The calibrated humility discipline. The willingness to be wrong publicly and explain it.
The quiet enjoyment of starting the year at the keyboard with a fresh notebook page open and a kettle on. The discipline that has, after ten years, become something deeper than habit.
What I want to do this year
Five specific things, marked as predictions to score at year-end:
Continue the weekly cadence. 95%. The discipline is now part of how I think.
Continue the CISO role at Gala Coral productively. 85%. Specific structural projects through the year.
Speak at Infosec Europe. 85%. The opportunity is emerging.
Attend at least four conferences. 80%.
Specific follow-up book or substantial extended writing. 55%. Cumulative reception of Evolution of DDoS will inform the decision.
A reflection on ten years
When I started in 1998 I did not expect to still be writing every week in 2008. The original purpose has been served many times over; the cumulative emergent purposes have been added; the cumulative effect on my own thinking and on my own career has exceeded what I had any reason to expect.
For practitioners considering similar discipline: ten years is a meaningful milestone but not a unique one. The cumulative trajectory continues regardless of specific milestones; the discipline produces value across multiple time horizons.
The specific format that has worked for me — weekly, technical, British English, calibrated, internally linked — is one of many possible formats. The discipline is what matters; the form follows the practitioner.
A request to readers
If you have been corresponding with me — across any portion of the past decade — thank you. The conversations are the most rewarding aspect of the discipline.
If you have been reading without corresponding, consider corresponding. The cumulative network is substantial; new entrants continue to add value.
The address is on the page. The signal-to-noise ratio of the inbox is good; I read everything that arrives.
Truly closing
Ten years on. Twelve years from when I started a Slackware box that became the foundation of all this work. Thirteen years out of school. The trajectory continues; the discipline continues; the community continues.
Thank you for reading. Happy 2008. See you next week.