Learning the Ropes 101 - People Skills

For most of you reading this series you might have seen the first few technical articles then one about reporting, now you're seeing this about people skills. It's got you thinking now hasn't it? Why do I need to talk to people irl? I WANT TO HACK THE PLANET! Alright calm down there dade.

Yes having technical skills are great, and really fun to learn. However, leading on to getting started in information security it is important if you want to actually become a pen-tester or a consultant you're going to need to talk to clients or other humans at some point.

There is a phrase I've heard many a time in the lead up to starting my career: "It's not only what you know but it's who you know". And, this rings very true when it comes to starting out, you could have a top degree, some 1337 skills and/or be pwning things every day of the week. If you can't actually speak to folks you're not going to get too far.

Fear not! There are great ways to gain contacts really easily and effectively. These skills come in two of many flavours, mainly meetups and conferences(there are other ways too but these will be what I talk about here).

Meetups

In security and technology there are a mass multitude of meetups in most cities and you'd be surprised at how not well known these can be. They are usually a great way to meet local like minded individuals from many backgrounds who share the same interests as you. Additionally they may too share the social awkwardness factor, and this adds to the building of your people skills. Nobody is going to judge you for talking to people and if they do well they're only ruining their own potential connections.

An example of great meetups for hackers and security folks alike is local DEF CON and OWASP groups. In Glasgow I run the local DEFCON Chapter DC44141 however there are many other groups if you're not in Glasgow. For DEFCON Chapters you can find a list of all official one on the DEFCON Website or by simply doing a quick google search. Alternatively there are also OWASP meetups in many cities for those of you interested in web application security.
Don't let these two groups be your limit though, there is a vast multitude of other meetups in other cities all it takes is some googling and searching on twitter to find something you might like.

Conferences

Much like meetups, conferences tend to be great for meeting and chatting to like minded folks as well. They have the added benefit usually of having interesting talks at them too related to a topic of interest. As far as security conferences go there are a few key ones to check out both international and UK based. Below is a short list of my favourites, bearing in mind this is not a comprehensive list, there are others available and I would encourage you to seek them out.

UK Conferences

• BSides Manchester
• Steelcon
• BSides London
• BSides Edinburgh
• BSides Belfast
• 44Con
• Securitay

International Conferences

• DEF CON Las Vegas
• Hack In The Box
• Appsec EU
• BSides Athens
• Blackhat USA/Europe

Having given a small list of things to checkout hopefully you'll make the effort and go to a meetup or conference. By doing so you will not
only benefit yourself but you will help grow a great community.
On top of going to conferences as an attendee, look at doing a talk if you
fancy it! Not only can you share a topic you enjoy but you can also increase your people skills by pushing the boat out that little bit
further.

Now you've read up on People Skills you might want to check out the past few Learn the ropes 101 posts I've done:

• Learning The Ropes 101: Writing Beautiful Reports
• Learning The Ropes 101: Learning About Linux
• Learning The Ropes 101: Learning Basic Networking
• Learning The Ropes 101: Introduction

Did you enjoy this? Check out the other #ltr101 posts here or consider buying my book.