Since I've taken a lot of flack (much of it over DM) for this thread, I'd like to clarify a few things. Succeeding in infosec is largely about adapting to changing realities. It's my experience that orgs resistant to change in one area act similarly in other areas. 1/n

10 years ago, I never would have believed a sitting president would advocate for decriminalization of marijuana. But I also couldn't have predicted that I'd tweet thus from an octo-core device with 6GB of RAM. Or that I'd tweet at all... 2/n

What about mass adoption of IoT devices (and the amazing number of them in use in corporate networks)? This isn't anything I was banking on. I never thought I'd be doing forensics on a corporate Alexa in 2018 or that I'd do forensics on a consumer CCTV system. 3/n

But I've had to adapt to a new set of realities (and quickly). If your org isn't adapting, it's dying. And you'll never interview at an org where they say "we are stuck in the past and won't adapt." So I recommend you look for external factors that show the org is nimble. 4/n

Come work in an EDU where we actually mimic the real world and use tomorrow's tech yesterday and 5 yrs in the future tech today......