Author: Gary Hibberd

Date: 15th July 2020


Recently I set myself a personal challenge to write 30 blogs in 30 days. Of course, the topic had to be focused on Information Security and Data Protection, but having worked in the field for over 20 years, I was certain it wouldn’t be too big a challenge.

But writing blogs is no small task, and along the 30 days, I discovered some things which I hadn’t expected when I set out on the challenge.


Information Security is NOT boring

I never thought that Information Security was boring anyway, but it is a stone which has been cast at the topic for a very long time. When I set out on the 30-day challenge I fully expected to find it easy for a couple of days, then perhaps inspiration would ‘dry up’ and I would be left grasping for a topic to write about.

Now please know that I’m no stranger to writing blogs, and I’ve even authored a book or two, so writing comes relatively easy to me. But even I recognised that finding 30 topics, in 30 days might be difficult.


How wrong I was.

Over 30 days and 34,584 words, I covered topics such as;

What does a Hacker look like?

– Are cybersecurity jobs boring?

 Is Cyber Insurance all you need?

– Who needs ISO 27001?

– CyberNatter – Let’s get moving

I even answered the question “Are Cybersecurity jobs boring?” (spoiler: The answer is NO they’re not)


Why write blogs?

Of course, if you were asking a Marketeer this question, they might tell you that blogs are a great way to talk about what you do and to get your brand out to the public. Social media is awash with people looking to find a voice, or more accurately, for someone to hear their voice.

Therefore blogs are often seen as merely marketing tools. But I have always had a different view about blogs, and the 30-day challenge showed me I was right.

Blogs are a place where someone can offer their view of a certain topic, based on their knowledge and wisdom. But when I write a blog, I see it as an opportunity to update my knowledge, test any assumptions that I might have developed over the years. In short; Blog writing keeps me sharp!

Writing blogs should require an element of research and fact-checking. In my opinion, the best blogs also come from a certain point-of-view (usually that of the writer), so no research is required. But what blog writing can do is force you to perhaps look at a topic from a different angle, and thereby giving you a new perspective on the topic.

For example, I have long held the opinion that Cyber Insurance is a good thing. But when I did a little research, I discovered the question that people were asking, wasn’t; “Is Cyber Insurance good or bad”. They were asking if all they needed was Cyber Insurance, why bother with Cybersecurity? That gave me pause for thought and gave rise to the name of the blog.

As stated above, blog writing about a topic you know well, should force you to do a little research so that you know you’re not outdated in your approach, and more importantly, in your thinking.

Blog writing about a topic you’re not too familiar with is equally important, but altogether more challenging. When I wrote the blog “Track and Trace; Security and Privacy” I had a good understanding of both security and privacy, but ‘Track and Trace’ is a new technology. What does it do? Who is behind it? What are the implications now, and for the future? Clearly, I needed to read about the technology behind the system, but I also read through countless other blogs and articles on the topic so that I could give a balanced view on the issues related to it.


30 Day Challenge – What I learnt

I learnt quite lot over the 30 days, so if you’re thinking of writing some blogs, then the following tips and points might help you.

Before offering these tips, let me assure you, and the professional writing community, that I do not see a career change coming any time soon.  The tips I am about to give are merely based on my own experience and views.


Blog writing is for everyone

I don’t care if you’re the CEO, the head of IT, the head of Sales, the Dev Ops guy, a Consultant, a Finance guru or a Marketing Wizard; Everyone should write blogs. It should be part of your personal development process. Why? For all the reasons stated above. Writing blogs forces you to look at a topic more deeply than perhaps you have in a while. It requires originality and critical thinking. It requires you to give your opinions and point-of-view and can push you to places that perhaps you feel uncomfortable.

It’s also a great way to show your personality and your thought-leadership. We often hear how companies are ‘thought-leaders’ in X topic. But how do they demonstrate that? Through fancy websites and corporate BS?! In truth, anyone can do ‘thought-leadership’. I prefer to hear authentic thought-leadership. A company isn’t made up of one person. It’s made up of many individuals, and their collective thoughts and opinions, displayed in blogs give me a greater understanding of that organisation. It gives them an authentic realism that I can get behind.


Blog writing is creative

Believe it or not, but most of us have a creative side. I’ve always loved writing and the process of telling stories.  As children, we grew up hearing and reading stories. As adults, we watch movies and read books, but in our day-to-day lives, we don’t often get the chance to be creative.  Blog writing can be that outlet.


Blog writing is a process

You’re not going to get it right the first time. When I sit down to write, after doing some research, I simply start writing. Sometimes the first line I write, ends up being in the conclusion, and visa-versa.

I call this my “Rubbish-First-Draft” (RFD). No one is going to read it! I throw my thoughts on a page, and then I go grab a cuppa, and return to it 10 minutes later. Then I start to craft it into something that people will (may?) read.

I also make sure I write at the same time every day. It’s in the diary. It’s blocked out, and it’s time I’ve allocated to it.  Over the 30 days I did this exercise I set the same time from Monday to Friday (6:30 am – 7:45 am) and Saturday and Sunday (9:30 am – 10:45 am).

Some people say “I don’t have time to do blogs”. And they are correct. You have to make time to do blogs.


Blog writing is for me

It may sound strange, but I’m often not thinking too much about the person reading the blog. Of course, I keep in mind the person I want to read it, and the person it’s aimed at. But fundamentally, I see blog writing as a way to organise my thoughts. The fact that I put them on a page and others read them is great, but I try not to get too hung up on “Will anyone like this?”, “What if someone disagrees?”, “What if I make a mistake?”



Anyone who is reluctant to write blogs, I would simply say; Get started. Just do it. Write your ‘RFD’ and edit it later. If you’re really struggling to get started, here’s a tip; Pretend you’re telling your Mom/Dad about the topic. Start with, “So I was reading this article the other day about how only Penetration testing once a year is a bad idea. What’s a Pentest? Glad you asked..”

You can always go back and edit the start if it doesn’t feel right with you.

Blog writing is for everyone. Over the course of my career, I’ve written hundreds (thousands?) of blogs and articles, but this 30-day challenge was both a challenge and enjoyable. In fact, I loved doing the challenge so much that I spoke to Jenna (our Marketing Wizard), and she agreed to help us run a challenge that YOU can get involved in.

Throughout August we’re going to challenge you to improve your security, just a little bit, every single day! We’ll ask you to consider what Security and Privacy means to you. We’ll challenge you to look at Data differently, and we’ll challenge you to talk about Information security in ways you may never have done before.

Of course, it’ll be 31 days, but it will be interesting, it might be a little challenging, but we also hope it will be fun. After all, isn’t that what life’s all about?

Other resources

Case studies

Our cyber consulting team works with clients from public sector bodies and global businesses to SMEs and start-ups. Read our success stories here. Learn more >


See what our team have been discussing around current issues in regulation and data security, and recommended processes and policies that will benefit your business. Learn more >


In our collection of whitepapers, Cyberfort’s cyber consulting experts explore issues from cyber threat intelligence to incident planning and data security. Read our whitepapers to help make informed decisions for the benefit of your business.Learn more >