Readin' and Writin'

Richard Bejtlich recently wrote an interesting blog post on reading, and followed that up with some answers to questions posted as comments to the first post.  In his first post, Richard discusses several types of reading; I tend to find myself reading mostly for information or entertainment, but when I'm writing a report or book, I will most often resort to a proofreading style of reading as I go back over what I've written.  Right now, my entertainment reading consists of a book on the life of George Washington and the ebook version of William Gibson's Zero History.

Many times, when I read for information, thoughts and ideas marinate and percolate, not just with respect to what I'm currently reading, but also including other sources...stuff heard in podcasts, other books or whitepapers read, etc.  For example, when I was reading Will Gragido and John Pirc's Cybercrime and Espionage, something that I read combined with work I'd done in the past...PCI breach investigations, and the QSA certification/re-cert classes I was required to pass...to ignite some interesting ideas.  So while I was reading, I would write down some notes, and then revisit those notes later after I'd finished reading, or even a day or two later.

Now, this a good place to transition from types of reading to types of writing.  One type of writing, such as note taking, is meant for personal information retention.  Often, we'll take notes and jot down little missives as a way to remind ourselves of something, or simply to document what we might have thought was a good idea at the time.  Another type of writing (documenting case notes, report writing, book writing, etc.) is meant more for transmitting information to others.  This style of writing will encompass a variety of forms, but for the most part the overall goal is to preserve and transfer information for others to use.

One method of writing I made great use of while I was in the military is illustrated in how I would write fitness reports ("fitreps"), the military term for "personnel evaluations".  I would start the fitreps several weeks out by consulting my platoon commander's notebook, and jotting down some notes to myself with respect to key elements I would like to highlight in the report.  Then I would set aside specific time for myself to revisit these notes over the next couple of days or weeks, allowing my thoughts to "marinate" and crystallize a bit.  By focusing for an hour or two each week, I could get the reports completed in a manner that I was very comfortable with, rather than rushing at the last minute and submitting something that I wasn't comfortable with and wasn't complete, and might have a detrimental effect on the Marine's career at some point in the future.  I'd actually seen the effect that poor planning and writing had on a Marine's career; one of my Staff Sergeant's was applying for the Warrant Officer program, and the selection committee had found a fitrep written on the SSgt in which the reviewing officer, a Marine Captain, had stated that the SSgt deserved to be awarded a medal...but never submitted a write-up for the medal.  In short, poor planning and execution could have a negative impact on someone's career later on down the road.

As a community, I don't think that we do enough reading or writing.  By reading, I mean really reading for comprehension, and by writing, I mean really writing to convey some sort of information.  Too many times, I see questions being asked in online forums, and the response that is received has no correlation to the question; it's as if whomever had read the question had only read every third or fifth word, and just answered another question all together.  Also, we all see emails and posts to list servs and forums that would benefit greatly from spellcheck or just a review for grammar.

It all comes down to thought processes.  One simple way to expand our horizons is to read something, and when we do, put more thought than just "neat!" into what we're reading.  Another way to expand and develop ourselves professionally is to write more for public consumption.  When you read something, do you think critically about what you're reading?  Or do you simply accept it without question because the person writing it is someone that you or others consider to be an "expert"? 

If you think that something you've read is a good idea, why do you think that?  Is it because it would be (or would have been) useful to you in some way?  How so?  Can you articulate that?

Ultimately, what we do ends up in some sort of written form.  When we perform analysis, many times the end result is a report to someone...our boss, a customer, etc.  The way we provide value through the reporting process is to think critically, and provide a clear, concise description of our findings to the customer, in a manner that they can understand and use. 

So how do we go about doing this?  A lot of us read...even it's 140 characters or less at a time, we tend to read stuff, right?  So what do you do at that point?  Do you simply retweet, or do you use that as the beginning of a blog post?  If you are writing a blog post, are you simply providing a link to what you read, or are you writing a description of how the information was impactful or meaningful to you?

There a lot of opportunities out there.  For example, look at what Corey's done over at the Journey into IR blog, with his exploit artifacts posts.  This is just one example of what can be done.  Regardless of the route you choose to take, or the path you choose to follow, reading something within the community (book, tweet, blog post, etc.) and not taking the opportunity to think critically about what was read and to open a discussion on the topic, sharing your thoughts with others...all of this is simply a missed opportunity.