Security is a tough nut that can’t be cracked by one alone—neither technology nor research, neither corporations nor start-ups, and neither products nor processes. None of these alone can crack the security nut. The most important part of the problem and solution is people! Nothing beats the efforts of few passionate people collaborating for a cause.
Never doubt that a small group of thoughtful, committed, citizens can change the world. Indeed, it is the only thing that ever has.”― Margaret Mead
Users groups began appearing in the mainframe days as a way to share hard earned knowledge and began to proliferate with the microcomputer revolution of the 1970’s and 1980’s. During this time, hobbyists sought to help each other with their homespun wisdom on programming-, configuration-, hardware- and software-related issues. Prior to the penetration of the Internet, these groups gladly provided free technical support and helped users discover the personal computer and aided in the adoption of the PC in a major way.
The emergence and participation of the general public in the use of the Internet and coincidental rise of operating systems like GNU/Linux as well as the open source movement was further intensified by user groups. Such groups found a new place online to discuss these tools via mailing lists, bulletin boards and more. Once run only by researchers and computer geeks, hardware and software was being made popular among the general public through user groups.
Computer user groups are not new. In fact, they were central to the personal computer’s history: Linux User Group HOWTO.
Typical user group activities include technical presentations, informal meetings, knowledge sharing, best practices, and discussions around advocacy, education, business, and socializing. For user groups focused on say a particular operating system, members also collaborate on bug quashing or fixing.
There are several professional security-related user groups such as OWASP and ISC2, as well as hobbyist groups like BSides. Cisco participates in significant ways in several security groups including FIRST and ICASI. In India, NULL is the largest open security community. These groups are having an impact on the threat landscape by contributing various security-related projects, workshops, and tutorials. Advocacy and education are integral to thwarting social engineering techniques and phishing attacks, and support is integral to setting up a secure Wi-Fi for our neighbors or removing malware from Grandpa’s phone.
Whether it’s the microcomputer revolution, the proliferation of alternative operating systems in the personal computer revolution, or securing networks and devices, user groups contribute significantly applying their core set of goals and spirit of collaboration.
Community cannot for long feed on itself; it can only flourish with the coming of others from beyond, their unknown and undiscovered brothers. –Howard Thurman
If there’s a user group in your city embrace, empower and engage it. If there isn’t one, start one. In either case, I’m interested in hearing from you about your user groups and any security-related activities your group engages in.
Thanks and look forward to hearing from you!