Building a community that learns together
When I started Division Zero (Div0), I wanted to build a vibrant cybersecurity community where practitioners could learn from each other and have fun doing so.
From closed group to open sharing
In the first few years, Div0 operated like a closed group, where members took it upon themselves to be subject matter experts—conduct research and share it with the wider community through seminars, writing blog posts, and tutorials. Over time, we realised this approach was not sustainable.
Lowering barriers, opening doors
All members had full-time jobs or their studies to manage and couldn’t dedicate so much time to the community. In addition, we realised we were indirectly preventing practitioners from being part of the community, as many were reluctant to join with such a high level of commitment. So, we restructured the group into an open community group to lower the barrier to entry.
Empowering a self-sustaining eco-system
Now, we have a core team that organises seminars, facilitates conversations, and seeks contributors from the larger ecosystem throughout the industry and academic space.
We no longer put the burden of content creation on ourselves but rather encourage practitioners and enthusiasts in the industry to step up and share and contribute back to the community.
Responsibility to each other
The only strict responsibility we take upon ourselves today is organising at least one meet-up per month. This is deliberate, so that meetups become part of Singapore’s cybersecurity practitioners' routine to regularly exchange know-how and experiences.
It's not just what you know
Many people concentrate on increasing their knowledge or expertise. They may study, sign up for courses and certifications, and keep themselves updated about the latest developments and research. All this is very important.
Knowledge is only powerful when it is applied
But it's not just about knowing things. It's also important to know how to use the things you know into your arsenal of expertise so it can be readily tapped at any time. Only then is your knowledge going to lead to success. You have to examine, investigate, and reflect on every piece of knowledge you gain, not just in cybersecurity but in all matters in life, and incorporate it into your arsenal of expertise so it can be readily tapped at any time. Only then is your knowledge going to lead to success.
Working smarter...
My interpretation of "working smarter" is that we innovate to inspire exponential growth and outcomes, not just work harder and longer hours that could only result in linear progress, or even worse, diminishing returns.
... not working harder
When we faced the issue of Div0 having fewer members who were able to contribute to the closed group, we could have tackled the problem by aggressively recruiting more members under the same model. The likelihood is that we would have found this harder and harder to do. This is my interpretation of "working harder".
Future-proofing your career
By taking a step back and examining if our current model was the best model, we were able to recognise its flaws and formulate a new, better model. Although it was a major restructuring, it was necessary for our efforts to be sustainable and lead to exponential growth rather than diminishing returns.
Stepping back to move forward
To me, it is crucial to "work smart" by deliberately taking a step away from busy work occasionally to examine the overall path and direction, whether by factoring in time on a regular basis to do so or by other means. Only then can we prevent ourselves from working hard in the wrong direction.
Read Emil's case study