Not all that long ago, I joined a mailing list called WISE, which stands for Women In Science and Engineering. Once I'd joined it, I wondered what had taken me so long. Subsequently, one of the other members -- the same one who had invited me to the list -- talked about her professional blog, and I began wondering again. This time I wondered why I, an Infosec professional for over a decade and a prolific writer, didn't have a professional blog.
The answer to that question is simple but sad: I didn't realize, until fairly recently, that I had something to say. As a woman in Infosec -- there are still so very few of us -- I am something of a dancing bear, and I have been admonished to "shut up" by my male colleagues fairly often. Looking around, I am not seeing other female Infosec professionals with blogs or who contribute to the "official" blogs in the industry.
I'm not interested in bringing feminism to Information Security. Rather, knowing that I am good at what I do, I am interested merely in being heard. I am not so different from my male colleagues. I think that I do, in fact, have something to say.
So why Black Cats and Smoke and Mirrors? Well, first of all, I'm a nerd, and nerds love puns. Many IT professionals don't really understand Infosec, so I'm making fun of that. In addition, though most of us don't exactly brag about it, there's a little "black cat" in every white hat; in order to figure out how to protect systems, we have to know how to break or break into them. While obfuscation isn't the best or only way to protect, smoke and mirrors does play a part in securing systems and assets.
Although currently I'm between positions (and doing research in forensics on my downtime), I'm constantly thinking about and reading about Infosec. I think it's time I took all that thinking and reading and wrote about it, too. I hope that you'll agree that I have something to say.