I shared it with a few of my friends who I knew were working on security programs at their own companies as there was a lot of useful information in the talk.
One person commented on how slick and well-delivered the presentation was.
“He’s got a naturally loud voice” chimed in another.
“If I were a CISO, I’d get more speaking opportunities too and be as good as him.”
“I wish I were as good as him, I get too nervous.”
Smiling whilst reading the exchange that took place, I recalled the first time I met Thom – which was the first time he’d presented at a conference. It was BSides London 2012
Note the use of cue cards, the nervous pacing as well as the umms, and errs. His trademark booming voice and bald head is there, the content is solid – but the overall package is a little rough around the edges.
Bsides London 2012 was also the first time I’d ever presented at a conference and was terrible. So Thom and I made a pact to help each other improve our presentation skills. We’d make a point to attend each others talks and then spend many an hour afterwards critiquing each others style.
We’d prepare and run through presentations, over skype in the evenings and comparing them to presentations we enjoyed – trying to adopt the best attributes whilst dropping the bad. Reading and recommending each other books on effective delivery, slide creation and audience interaction.
Since 2012, Thom has presented over 30 times – that’s nearly a presentation a month. On average it will take 10 hours to prepare, draft, practise and deliver a presentation. Which equates to roughly 300 hours worth of effort.
Yes, Thom is a friend, so I’m naturally biased. I’m not saying he’s the best presenter in the world – far from it. But I do know is the presentation in 2015 is a world apart from the presentation in 2012 and constantly grinding to make progress pays dividends in the long run.
The key points I’ve learnt from the last few years from Thom about public speaking (which may be applicable to other areas) are:
When we start, we’re all pretty rubbish. But don’t let that stop you – take advantage of a rookie track at a conference like BSides.
Clocking up stage-miles is one of the only ways to improve. You can’t become an expert swimmer without jumping in the pool.
Find a mentor / friend / trusted person to run through your presentations with prior to presenting.
Ask that mentor / friend / trusted person to sit through your presentation and note everything good and bad about your presentation from content, to delivery, to body language to audience engagement and be prepared to have open and honest conversations about it afterwards
Always be improving. There are tons of books and videos and experts out there who can help you improve your voice, your slides your delivery – everything. Utilise them.
As a bonus point, I’d just say to remember to have fun and try to enjoy it. It’s a simple process, but not always easy.
Do you ever get bored when someone starts of a presentation by going over how bad the infosec situation is? They’ll quote figures of breaches and how vulnerabilities are going through the roof.
Or maybe you’re pressed for time and need to get to the meaty part of your security presentation but want to make sure everyone is on the same page.
Well now you can do it with this one simple security haiku which will paint the whole landscape in 3 seconds – letting you get on with the important things in life.