The human OSI stack


Earlier this year, I attended a growing InfoSec event hosted at Abertay University in Dundee, Scotland called Securi-Tay. One of the talks was about carving a career out in InfoSec, presented by the talented Javvad Malik during which he showed the well known OSI model as mapped to humans.

I’d had something like this in mind for a while so, with Javvad’s kind permission to partly rip off his concept and his subliminal motivation, here is my take on how to make sure your human OSI stack is compliant with any current or potential employer’s.

Human OSI stack

  1. Physical. As shallow as it may seem, first impressions do indeed last. How you dress, your personal hygiene, your haircut, what type of glasses you may wear, the colour of your nails, whether you make eye contact or look at the floor. All these things, rightly or wrongly, form an impression. Try and be as smart and professional as you can be, whilst maintaining a certain degree of individuality. As with all layers of the OSI model, you can get a good idea of how best to be ‘compliant’ by looking at other successful people
  2. Data-link. Beyond first impressions, the way you actually communicate is going to make or break you. The importance of knowing how to talk to people at all levels cannot be overstated. Don’t think that emails, IM or social media are exempt from this rule. It covers all form of communications. You can spend a long time carefully building a professional persona and bring it crashing down in a single exchange. As one of my colleagues at a previous company used to say, ‘you are always just one click away from being fired’.
  3. Network. OK, so you’ve managed to get this far but you are only known for your abilities within your own team or maybe your company. It is more important today than ever that you get out and about and make a name for yourself. You need to extend your network of people beyond the walls of the building you work in. At worst, people will hear about the good things you are achieving, at best you will have a large pool of resources you can rely on for the rest of your career. Get to know key people in other businesses, especially your customers, competitors and vendors.
  4. Transport. Driving a nice car might draw more attention than taking the bus but I want to discuss the transport of work through your part of the business. Have you ever even considered the concept of work in progress, even just in your team but more generally through your business? Do you sit and complain about how there is never enough time in the day or do you look for the pinch points and what can be done to remove them? Defining what the manual process is will always be the first step. Write it down, step by step. Then look at how that process can be improved and made more efficient. Then start automating the different steps, with the aim being a completely automated workflow. Now you have more free time to work on other tasks and keeping the work in progress down to a streamlined minimum. Time well spent.
  5. Session. Not sure about the rest of the world, but in the UK, going on a session means having a few drinks. For the purpose of this bullet point, I’m talking about taking regular time outs. Don’t burn yourself out with work all the time. Find the things in life that make you relax, sit back and smell the roses/coffee/whatever. It might be having a social drink with friends and family. Or taking your kids geocaching. Or hitting the gym. The important point is…don’t lose sight of this. It is critical to achieving a work/life balance and you’ll not regret the long hours and hard work you put in.
  6. Presentation. Not so much about your own presentation, covered in the Physical layer but more about your presentation skills. Whether standing up in front of a group of people or publishing a book or a blog, you should be able to adjust your message based on audience to get it across in an entertaining and professional manner
  7. Application. How you apply yourself to your role is critical. Are you a 9-5 type person who comes in, works through their ‘in tray’ and signs out again? Or do you rip up the role and responsibilities sheet and look for new and different ways to offer value to your employer? The latter approach will almost certainly accelerate your career but at the very least expand your knowledge


This was a slightly tongue in cheek look at how to use the OSI model to help guide you in your career but the truth is that using a simple set of guidelines like this should prove more useful than just winging it or worse still, being a passenger.

Till the next time.

Please let me know your thoughts!