As many of you know, we have been running weekly Office Hours sessions after our very successful pilot program back in March. We’ve had friends, colleagues, customers, and prospects drop in to chat with both our leadership and testing teams.
Some people, however, may still be confused as to the reason for Lares holding office hours so this blog post aims to clarify what we sought out to accomplish.
Our goal was to provide a safe and approachable setting where anyone could come in and ask our team of experts questions about red teaming, penetration testing, application security, purple teaming, social engineering, cloud security, or physical security. These questions could be absolutely anything from “How To” technical questions on offensive or defensive practices to existential, ethical, or philosophical quandaries on pretexting, attack practices, or public exploit disclosure.
Bill Taylor hits the nail on the head with his Harvard Business Review article entitled Should You Hold “Office Hours”?
The concept of “office hours” for business goes back to a universal ritual from our college days. We’d take classes with professors who were busy, distracted from teaching with research in the lab or the library, and otherwise remote and unapproachable. But we knew that for a couple of hours, at least one day a week, we could stop by their office, ask for advice, try out an idea, and get the guidance we needed. Well, we’re the professors now — busy, distracted, unapproachable — and it’s our colleagues, customers, and all sorts of other constituents who are eager for our time and guidance. So maybe it’s time to transport that familiar ritual from the Ivory Tower to the halls of business.
In the same article Jason Fried, the CEO of Basecamp, explains his reason for holding office hours:
“You can call and ask product questions, pre-sales questions, suggest feature requests, lodge complaints, offer praise, share ideas, discuss recent blog posts, or talk about good or bad experiences using our products. Anything that’s on your mind is fair game. I’m here to listen, share, and be available to help in any way I can.”
Hopefully, this clarifies the “No Agenda, Agenda” and encourages more people to show up and ask the questions that have been on their minds. Please join us on Thursday, May 7 at 12pm EDT (9am PDT) for our next Lares Office Hours session. We look forward to speaking with you!
Andrew Hay is the COO at Lares and is a veteran cybersecurity executive, strategist, industry analyst, data scientist, threat and vulnerability researcher, and international public speaker with close to 25 years of cybersecurity experience across multiple domains. He prides himself on his ability to execute the security strategy of the company with which he works without neglecting business objectives and the needs of its customers. Andrew is the author of multiple books on advanced security topics and is frequently approached to provide expert commentary on industry developments. He has been featured in publications such as Forbes, Bloomberg, Wired, USA Today, and CSO Magazine.