I think the most toxic thing about infosec is the weaponization of humanity within the industry. People don’t trust each other, and everyone is always keeping info as ammunition for a future unknown battle.

We’re encouraged to LARP as robots, keeping our lives secret, and afraid to show our humanity for fear that it’s going to be used against us. And as a result- it can be hard to see our fellow security people as PEOPLE.

We all have feelings, families, interests. We all have fears, bad times, we experience loss.
These aren’t vulnerabilities, they’re the human experience.
and not seeing them as normal, makes it really hard to find true friends within the industry.

You’re a fucking person. Not a robot. Not a weapon. Not a superhero.
A human.
And maybe that’s one reason I feel like maybe security isn’t the right field for me- because I lack the ability to see people as anything other than people- including myself.

My humanity, and therefore my vulnerabilities- are a big part of who I am. I don’t try to hide that, I don’t put firewalls around my heart, and I don’t keep my life under a 18 digit randomly generated password with MFA.
I’m a person, not a computer.
And you are too.

Anyway, that’s my hot take on the industry and community in general. We need to keep our humanity intact, and stop seeing human vulnerabilities as something to always be exploited.