In any field related to intelligence and security it is critical to stay abreast with external news and developments. But, your time is a zero-sum game and all security and intelligence analysts must balance their time “reading the news” (consuming news from others) with “creating the news” (generating new intelligence and insight for others) – this is how I view my work time strategically. Building tools and techniques to more efficiently “read the news” allows you to spend more time “creating the news.” So it is no surprise that I get asked regularly what I do to stay connected with the world and the community. Here is my answer, for my particular situation and need. Mileage will vary.
For me, the key is to take advantage of curated news/information streams instead of curating it myself. However, just like relying on any one news source, relying on one or a few curators for your news will quickly introduce you to the bias of the curators themselves. Therefore, I don’t rely entirely on this method and also self-curate to a small extent to lower that risk.
I organize my professional reading into three categories: world, profession (computer science/security/analysis/data science), and discipline (threat intelligence). Usually, I begin by reading the world news, followed by threat intelligence, and lastly information I need about my profession. I feel that this appropriately prioritizes my time and gives me the best perspective to solve problems throughout the day.
Here is my particular strategy:
- I begin with the top stories on Google News and then to the Economist. I then browse the front page of Reddit. Together this gives me a healthy sense of major events in the larger world. This is critical because my discipline is heavily influenced by larger world events. However, within this set I also focus my time reading articles which have direct impact on areas of world my daily work touches.
- I read curated security and intelligence emails: Team Cymru Dragon News Bytes; SANS NewsBites (weekly); and two others which come from paid services via my employer.
- Twitter. I use key hashtags and user lists to pare down the stream to a consumable chunk. This is very much an art form and I’ve yet to feel a mastery.
- RSS Feeds. I use Feedly to curate my RSS feeds. However, over time I’ve found that my other strategies tend to surface most of the gems from the feeds.
- If I have time, I’ll then use a financial news site to browse the news about my company as well as major players in cyber security to maintain awareness about the larger business pressures and events which may impact my work.
- Return to Twitter. About 2-3 times/day I’ll return to Twitter to scroll through tweets by key hashtags and user lists to make sure I find anything critical right away.
The Long & Important Ones
About once-per-day I find a white paper or article on which I want to focus and absorb. For those, I print them out (yes, on paper) and read them later with a pen in my hand so that I practice Active Reading; making marks, underlining, and making comments which help me absorb the material and create an internal conversation. I find this a highly enjoyable activity which stimulates creativity and engagement helping to foster new ideas.
How do you maintain your external situational awareness? Please comment below or tweet @cnoanalysis