How I Manage Information Overload in Cyber Security

Introduction

Cybersecurity is an extremely fun and rewarding career. However, keeping up with the constant fire hose of new information can be a source of burnout. I struggled with this for a long time... OK, fine, I still struggle with this. It's so easy to get sucked into the never-ending void of Twitter (I mean X) doom scrolling or spending an entire day reading every article and newsletter in existence trying to stay on top of it all. Then, after a long day of not getting any work done, you are left feeling like an imposter – "How do all these researchers produce so much quality stuff while also tweeting hilarious memes all day?" (You know who you are! Freaking wizards of cyber🧙).

In this post I want to share the way I "solved" this problem for myself. I'm sure there are a ton of other ways to do this and I'm always looking to improve my processes so hit me up if you have a different process or ideas to improve this one.

"A wealth of information creates a poverty of attention." -Herbert A. Simon

There are three key tools that I use to manage the flow of information coming from our wonderful community of nerds: Readwise Reader, Beeper, and Obsidian. Don't worry, I promise this isn't some crazy overcomplicated process – it's actually quite simple!

(╯°□°)╯︵ ┻━┻

Here is a beautiful diagram of my workflow. ❤️‍

Content Workflow

Reader

Reader is a read-it-later app made by Readwise (which is a highlight resurfacing system). It's my one stop shop for managing the flow of information. The two main buckets in Reader are the feed and the library. The feed is where everything you subscribe to goes (RSS, email newsletters, Twitter list summaries, etc.) and the Library is where things you save go. The Library contains three buckets – later, shortlist, and archive.

I send everything I possibly can to Reader and I quickly clear my feed twice a day at the beginning of the work day and then again at the end. This involves sending items to the later queue that I'm interested in reading someday and sending anything that urgently needs to be read to the shortlist. I also tag some items – for example, if an item seems like a candidate for detection creation I tag it with #detection-opportunity. Once the feed is processed I only read what's in my shortlist and once the shortlist is empty I pull from the later list.

As I read items I highlight and take notes in Reader which then gets forwarded to Readwise then to Obsidian where I can quickly discover that info while I'm writing. Once I'm finished with a piece of content I can archive it out of the way for discovery when I need it. You can also create views in Reader with custom queries to quickly access specific content, say detection opportunities. There are times when I'll venture outside of the shortlist to read. For example, when I'm working I'll mostly be in the detection opportunity view looking for detection ideas. The opportunities with Reader are endless.

Check out inputs to see my current list of cybersecurity inputs.

Beeper

I've always struggled to keep up with all the Slack and Discord communities. It felt like so much work to click around in Slack and Discord to catch up with all the unread channels. Oftentimes I would join a channel, be active for a few days, then get overwhelmed and never check it again. Beeper makes keeping up with communities soooooo easy. Just connect your accounts and boom, you can choose the communities that you really want to stay on top of and push all the new messages to your inbox in Beeper so you never miss a beat. Once read, you can archive them so they disappear from the inbox. But don't worry, you can click into each specific community and see all the channels in there as well. I know, I know, the cybersecurity voice in everyone's head is saying no no no, I'm not having my comms go through some third party. Yeah, I get it. I wouldn't suggest using this for your personal comms or work comms unless you do your research and figure out if it aligns with your threat model -- but for community comms it's worth it for me.

Obsidian

Obsidian is a wonderful note-taking app. It's just markdown files so you own your notes and aren't locked in. Plus, with all its plugins you can mold it to make your perfect setup. It integrates with Readwise to pull all the highlights for easy searching and processing. This is key because I do all my writing in Obsidian so having my highlights and notes in there to work with as I write is very helpful for me.

Podcasts

You may have noticed I didn't mention podcasts. I don't have the greatest podcast workflow at the moment but I use Snipd to process podcasts. I'm hoping Reader eventually adds podcast support but for now I haven't had success sending podcast RSS feeds into Reader.

Conclusion

Creating a workflow that works for you can greatly decrease the amount of burnout you deal with in the industry. The workflow I shared works for me but it may not work for you. Find what works for you and iterate over time to improve it. Beware that over time your inputs will likely grow out of control so I highly recommend a regular audit to keep your list of inputs fine tuned to what brings you the most value.

If you have any questions about this process or if you'd like to see a more in-depth post showing this process with screenshots or a video please let me know! I can be reached on Twitter at @ajkingio.