
The exodus from Elon Musk’s Twitter has begun. Should the infosec community care?

Twitter CEO Elon Musk at a Tesla electric car manufacturing plant on March 22, 2022. (Photo by Christian Marquardt - Pool/Getty Images)

Tracy Maleeff, better known by many as @InfoSecSherpa, got her first job in information security because of Twitter.

She was a librarian, looking to make a career change. She got trained up, shifted her Twitter handle from @LibrarySherpa, and gradually grew her use of the platform from what she described as lurking to actively interacting with the community.

“I was lamenting to one of my new infosec Twitter friends one day when I received four rejection emails and he asked for permission to mention me on Twitter,” she recalled in an interview with SC Media. “He posted something — ‘I can't believe none of you have scooped her up yet’ — and less than half an hour later somebody who became my first infosec boss replied and said, ‘Let's talk.’”

Much has been said about the loss of threat intel sharing that can come from a souring on the Elon Musk era of Twitter — a platform used extensively to disclose cyber incidents and to promote patching of critical vulnerabilities, among other things. Alex Stamos of Stanford’s Center for International Security and Cooperation noted the intel gap when speaking at the Aspen Cyber Summit earlier in the month, while others point to the many resources out of academia and industry that scrape Twitter for details on disinformation campaigns. Researcher Florian Roth even pointed to the loss of references in YARA and Sigma rules that he wrote, as people (out of defiance or paranoia) delete old tweets.

But Twitter serves another purpose for infosec practitioners — a more human one.

Consider that Maleeff, since transitioning to cyber, has become very vocal on Twitter about the lessons she brings from library science — also teaching people how to go to their local libraries to present infosec talks. The former contributes to cross-skilling, and the latter to cyber awareness. She was among a group that used the platform to call for donations to the first ever B-Sides Nairobi so that tickets could be purchased and distributed for free to people that couldn’t afford to go — most notably students. That contributes to efforts to bolster the workforce.

Twitter can also serve as an outlet for underrepresented groups to find peers and mentors and gain advice about workforce disparities and frustrations. Consider #ShareTheMicInCyber, the online movement started by Camille Stewart Gloster and Lauren Zabierek to address issues stemming from systemic racism in cyber. (Consider also that the inspiration for this very article emerged from a private Twitter group of women in infosec.)

As tweeted by Zabierek, executive director of the Cyber Project at Harvard Kennedy School's Belfer Center: “Twitter has been the way I’ve met + connected w/many, where we created #STMIC, where we shared ideas, where amazing things have happened. Grateful for the opps + memories but v. sad to lose connection esp where motherhood & being away from the action up here can be isolating.”

Alyssa Feola of Seventeen Sierra, aka @its_a_lisa, created a Twitter account back in 2010 after meeting Jack Daniel, community advocate and co-founder of Security BSides, as a means to stay connected to him and other influencers she met at conferences. But smartphones weren't as prevalent or functional, Internet wasn't as fast, and there wasn't as much of what she describes as “juicy information.” It wasn't until about 2016 that she got reengaged with the community. She got her followership up pretty high, and then yes — backed off when the labeling of people as “Social Justice Warriors” felt a bit tired.

“Now, I use it mostly for DMs; the big news will come through to my feed but I'm not on it 24/7 the way I used to be," she said.

But those DMs unto themselves can fill a need. Twitter served as a platform for a groundswell of opposition to sexual harassment that permeated the industry for years, for example, and much of that bubbled up initially via those direct messages — a whisper network of women asking what happened, sharing their own experiences, asking whether there is reason for concern, and rallying to speak up.

These examples provide a hint at what could be lost with a mass exodus from Twitter; the potential hole in the community, particularly for those trying to enter and rise within the infosec workforce.

“The timing couldn't be worse, with the need for filling infosec jobs in the world,” said Maleeff, who the day of the interview with SC Media received a DM from a man in Ethiopia that she had been helping to find a job, telling her he got hired. “Without Twitter, I wouldn't have had the opportunity to help him.”

Canceling a Twitter cancel culture?

For all of the persuasive arguments about community benefits of the platform, there are also those that describe Twitter as a toxic echo chamber, where imposters intermingle with legitimate experts in the field. As one woman shared in a group, maybe no more Twitter means "no more community and therefore one less place to spread hate."

Indeed, in an interview with SC Media, Feola described a pretty standard Twitter experience for infosec professionals that transitions from enthusiasm to cynicism: join as a "lurker" entry-level professional where you view everyone else as experts and yourself as an imposter; then progress to seasoned or even expert, and realize a lot of people may know less than they claim.

Along the way, yes, “you find your tribe; but Twitter as a social media platform loses its luster,” she added.

And truth be told, if Twitter were all kumbaya, then the term "trolls" would not exist. Sheer volume, combined with the toxicity that often comes with (a degree of) anonymity, can also cause individuals to rapidly lose ownership of their own narrative.

Erin Jacobs — aka @SecBarbie — received notable backlash when she tweeted that “people who do nothing but tweet all day and are defined by their egos and twitter identity have been freaking the fuck out” while people who actually do the work really don’t care. She backtracked in response to criticism — clarifying that the tweet was not meant to disrespect the infosec community as a whole, but rather those that contributed to what she described in a later tweet as “the shitshow” that cluttered her feed amid the uproar over Twitter CEO Elon Musk's escapades. Her attempts to make good seemed to get lost amid the twitterverse lashing.

“Personally, I think as soon as we had cancel culture, as soon as we had people with more than 30,000 followers, the community stopped being a community,” Feola said. "Yes, people might not be able to find other likeminded folks as easily. But there are other types of activities out there. And maybe it will help send the message that you can be an expert in cybersecurity even if you're not on social media.”

Might an alternative platform fit the bill? Or, as expressed by cyber pro Keenan Skelly in a Twitter group on the topic, “does Infosec Thought Leadership require centralization & the ‘Hot Air’ that comes with it?”

“Wouldn’t it be great if we could leave that behind in this transition,” she added. “I’m skeptical.”

Even as some linger on Twitter to see what comes of the platform in the long term, nobody that spoke to SC Media believed it would return to what it once was. Many seem to be using their profiles to communicate where followers might find them elsewhere: a smattering of Mastodon handles now appear within bios, for example. Private group discussions are assessing the virtues of Discord, Reddit, Fediverse, ActivityPub.

That said, few expect any one platform to emerge as the new de facto medium for infosec community exchange.

“I think there's a 20% chance of a big boom event happening and all of #infosec Twitter naturally migrating by following A Great Influencer,” Feola said in a group discussion. “Otherwise... I think it's going to take 3-5 years to actually see the momentum to shift and pick up again, leaving a good chance that it dies off.”

So then, is the seeming demise of Twitter — or at least its demise as an infosec community center — something to mourn? Or might this create healthier engagement in the long run? General consensus seems to be a little of both, perhaps best captured by a pinned tweet from Jack Daniel:

“We changed the world here. Really. Friends were made. Loves found. Careers advanced. Ideas explored. Information shared. News broke here. Shoulders were cried on. Hugs were exchanged. Sometimes only online, sometimes that was enough, but often what started here became very real.”

Jill Aitoro

Jill Aitoro leads editorial for SC Media, and content strategy for parent company CyberRisk Alliance. She has 20 years of experience editing and reporting on technology, business and policy.
