Last Wednesday night I had the honor to be part of a group of fellow members of The Dutch Institute for Vulnerability Disclosure (DIVD) to meet, have dinner and speak with, Chris Inglis, the National Cyber Director and advisor to the President. Mr Inglis and his delegation were visiting The Netherlands on a tour that included Israel’s Cyber Week and a visit to the United Kingdom. DIVD, DIVD Academy, CSIRT.global, Connect2Trust and Het Nederlands Security Meldpunt (the Dutch Security Clearinghouse) got and opportunity to present themselves to this delegation.
When we explained the three year history of DIVD, and what we as an organization of volunteers have been able to achieve, we were asked: “How do you sustain this?”
And that is a rightful question. What drives volunteers like myself, to put spare time into DIVD? Why do we do this while many of us have busy jobs, often in Cyber Security? Are you in this for the recognition, Inglis asked, to be in a hall of fame? And while we believe in giving credit where it is due, it isn’t the main motivator.
From there on the conversation went to other topics, how to better cooperate, the vulnerability of the internet and how the security.txt standard might give us the “signage” we need to help us make the internet safer. But the next day, my mind kept wandering back to that “why” question, and I believe I know the answer…
Intrinsic motivation. I truly believe that intrinsic motivation is what sets DIVD volunteers apart from the rest. For myself I do it mainly because I feel that the internet needs to be more secure and that our work makes a difference.On top of that I enjoy doing it because of the wonderful people I get to work with and the wonderful puzzles we do and adventures we get into.
And this attitude has brought us far. At the end of the evening it was put nicely: “If the story you told us would have been a pitch, our answer would have been, we like the idea, but we doubt if it can be pulled off…” and yet we did just that for the past three year.