For those of you who don’t know me, I am Richa Nevatia - artist, bookworm, content enthusiast, dance student and, a non-techie working in a highly technical environment for a tech start-up! So it has been a very exciting learning curve for me, and if you would like to join me in my journey of discovery, keep reading on.
Part 1: Learning about cloud security
I had always been interested in science, but somehow life pulled me into a career in marketing and communications. It was this interest in science that made me look for places that would benefit from this conjunction of passion for STEM and education in marketing. After my stint at CERN, I was even more eager to continue working in spreading STEM disciplines. This is how Kloudle happened. And even better, it was to build Kloudle Academy, a place to engage SREs in SysAdmin and Cloud Security topics. And this needed me to know what I am talking about!
After going through some documents about Kloudle and the industry they operate in, I went on to do some basic Google search about cloud security. Surprise, surprise! In this age of information, I found a hundred thousand resources on cloudsec. Reading through some of the resources meant for beginners, I formed a basic theoretical knowledge base of how cloud security works as a function. It helped me better place the industry we operated in and provided me the much needed context for the job profile. This was an essential step in my learning process. Of course it’s not a completed job yet! It’s a continuous process that will take me years to develop in.
Next, I spoke to a few techies (most of my marketing TG) - SREs, SysAdmins, DevOps, Developers and Engineers. Getting to know them at a professional and human level helped contextualise the different job functions within cloud security- what drives them, what causes them the most frustration, what are their dreams and aspirations, what are their daily job tasks, what would they like to do better or more, and so on.
One of the most important resources when it came to learning about cloud security was the founding team at Kloudle. One of the founders, Riyaz is an ethical hacker. He finds ways to break securities, find vulnerabilities and misconfigurations to maximise any hacking benefits. He is in fact one of the top 10 hackers in the country having done some really cool stuff like hacking into nuclear power plants and hacking into a company’s cctv camera from a boat in the middle of the sea! To counter him we had Akash as the other founder. He is a defender and security specialist. He protects systems, networks and data from people like Riyaz! Firm believer in taking ownership of your projects’ successes and failures. Together they create this beautiful ying-yang of a team to build some really cool stuff in the cloud security world. They have been steadily training me in cloud security business, about the people who build that world, and what value addition I can bring in with Academy.
Let’s not forget the actual SREs and DevOps who I interact with everyday, who write content for Academy. These are the young generation of cloud security specialists who are building the future of the internet world. These guys are afraid of nothing! Their zeal for learning, doing security research and sharing their knowledge and gained experience is a wonder that happens everyday, day after day! For me to be surrounded by such a team, learning something new every day is fortunate beyond my wildest dreams.
Part 2: Tech culture in cloud
I learnt a lot of interesting things about the tech culture through various aspects- online communities, in-person interviews, office and team cultures and so on.
Most techies are very passionate about the work they do. I am not talking about the run-of-the-mill software engineers, but of SysAdmins, DevSecOps and Cloud Security specialists. These are people that chose what they work in. The lack of formal educational programmes in these fields combined with the technical expertise they have speaks to the passion that they have found in the security industry
Self learning is a huge part of their professional lives. These are people who go online, learn from forums and communities on how to set up servers, build networks and secure them. They will get their hands dirty to understand concepts from the basics and are very self-reliant.
VUCA(Volatility, Uncertainty, Complexity, Ambiguity) perfectly describes the world security sits in, and the techies know very well how to adapt in these scenarios. Security is constantly changing. Since 2016, more than 4000 ransomware attacks have been taking place daily according to a 2020 report by the FBI! This keeps the techies on their toes, learning about the latest patterns and theories in hacking and finding ways to prevent them from affecting their systems.
They want to give back to the communities they learnt from. Techies want to share their experiences and knowledge to build back the community even stronger. This is creating a pyramid of learning and development in the field of security which will ultimately bridge the gap between the lack of qualified personnel and the demands for security technicians and consultants.
human level, they are perfectionists. They would never want to deploy things without making sure that the server or network or platform is secure and will keep functioning that way. They have learnings from past failures to fall back on, and they know the cost of imperfection is too high in terms of ransomware attacks, hostage taking of data reserves, and system lock-outs by malicious hackers.
Part 3: Marketing to techies
Part 4: Communities that have been helpful to me