28 July 2017
By Bryan K. Fite, Account CISO, BT.
With so many cyber security events to choose from, Bryan K. Fite shares his advice on how to pick the right conference for you.
’Tis the season for hacking…
As we enter the busy season for hacker and security conferences, I find myself making tough decisions (as usual) about where to spend my limited discretionary ‘hacker-con’ budget and diary space. Events come in all shapes and sizes…
To borrow a description from Kimble (aka the controversial Kim Dot Com), ‘mega’ conferences like Black Hat and Defcon are big (really big), content rich, heavily marketed, have a proper brand, are logistically intensive and easy to justify to the boss.
They cover the ‘big’ topics — including securing your journey to the cloud, digital transformation, and tackling cyber threats using Big Data. They also attract CISOs and IT Security professionals alike, due to their role-based tracks.
Conference cons to look out for
On the flipside, the big conferences are crowded, the best sessions are often oversubscribed, the days are fraught with distractions and they require tough time-allocation decisions. How many times have you scheduled a meet-up with a colleague, only to continually miss each other at previously agreed rendezvous points? Or what about when you have to choose between two awesome sessions because they were scheduled opposite each other, or in auditoriums a mile apart?
Other hallmarks of these events are the number and quality of the parties. Some people try to hit as many as they can (hardcore — a noble challenge or a fool’s errand?), while others prefer the ever-present ‘ad-hoc’ dinners. Difficult decisions to be sure.
Content quality varies widely, but the sheer number of sessions means attendees must choose carefully — looking for novel and relevant content, while avoiding ‘stunt hacking’ sessions.
The bigger the better?
Large conferences normally target specific industry sectors, or the proverbial ‘enterprise’ security practitioner. They tend to have a sponsor-driven commercial model, and create a forum to bring large numbers of ‘quality’ attendees to the party. Take Infosecurity, ISF, SANS and Hacker Halted, for example. Their content is very much influenced by their sponsors and vendors.
While some content is good, many sessions are thinly veiled marketing decks. There are always plenty of professional panels with industry luminaries, though. Very little novel or cutting-edge research debuts at these events, but they’re often good for gaining extra education and networking with industry peers and vendors.
Finding the middle ground
Medium-sized conferences tend to have a cult following, a solid brand and limited seating. Some of them have ultra-cool venues, like Troopers (Heidelberg, Germany) and H2HC (São Paulo, Brazil).
It’s all about the community furthering the art and science of information security. You should also consider Shmoocon and USENIX if this is your motivation. All boast excellent content, and avoid the traditional vendor sponsorship trap.
Catching closed-door content
Small conferences tend to be regional in scope, and have a core group of ‘regulars’ (supporters). CircleCityCon and DerbyCon are good examples because they create small forums that feel more like family reunions than traditional corporate conferences. The content is good, but the parties are often even better…
Micro-conferences tend to be intimate, focused and exclusive. The conference I attend every year, Day-Con, is the one Chris Hoff (@Beaker) described as the original ‘Non-Con’ — single-track, closed-door, featuring point-of-origin hacking and relevant content, with no call for papers.
Another micro-con, 614Con in Columbus is actually held in a microbrewery…
Building the hacker community
While all of these events have significant differences, they have many similarities too. They all create opportunities to learn, share and network. They provide and promote ways for different stakeholders to interact with each other in a safe and, hopefully, relevant way. They have social components for meeting others with similar interests.
This is how communities are built and developed. It’s important because humans matter, and when innovative humans from cross-functional stakeholder groups get together they can do amazing things. It takes a village, and this is true in the world of cyber.
Don’t take my word for it — read about why community matters and get tips on evolving your cyber operational practices to make defenders more effective.
Which con will you pick?
So what is the best hacker conference? Obviously, it’s a loaded question and depends on many factors — proximity, cost vs. value, maturity level, your ‘day job’ and which ‘tribe’ you identify with most. Most of those you can answer easily, but the maturity level maybe not so much.
These days, I find I like to attend smaller, more intimate events that combine a nice balance of original/novel research, proper sit-down meals and interactive workshops.
This is what Day-Con has evolved into after 11 years. With that said, I can honestly report that, in my not-so-humble opinion, the best hacker conference in the world is Troopers. It consistently delivers world-class content, has an incredibly diverse attendee roster and the speaker dinners are legendary!
The good news is there are more conference choices available than ever before. Regardless of which ‘gathering’ you find yourself at, it’s important to get out of your [insert favourite nerd reference here — basement, attic, lab or office]. So go find your favourite con because hackers matter, and the community needs you.
I won’t be making it to Vegas this year for the mega-cons, but for many hackers a Defcon pilgrimage is mandatory. If you make it down, check out our very own Konstantinos Karagiannis, who has a session on smart contracts on Friday at 11am.