HouSecCon 2018 was my first infosec con. There was an amazing whirlwind of crazy that led me to being able to attend. I learned a lot, and it really fueled me to dive even deeper into the tech stuff that I’d been doing as a hobby. I was literally an imposter at the con, which was an interesting experience. Going back this year as someone who works in infosec was much different – in a good way.
Smaller cons are a great opportunity to network and learn. The big cons (like DefCon) have their purposes, but I generally like the more local options. My goal was to do well on my talk, check out some potential vendors, learn a lot, and visit with other people in infosec or interested in infosec. This is my weird summary/brain dump/random musings of what I’m trying to do when I go to a con.
Some cool things I learned…
Some cons you go to and there are few talks you want to see. That was not a problem for me at HouSecCon this year. And luckily they film the talks, so I’ll be able to catch some of the ones I wasn’t able to go to. I plan to add links to the talks once they are up.
A few highlights…
Chris Roberts – Opening Keynote: User training needs to be adjusted to the time of year and must be more frequent, and don’t be a jerk
Josh Burgess – Predicting Instead Of Stopping The Attack: Data can be overwhelming, have to prioritize, browser extensions = RUN AWAY
Chris Humphreys – Compliance Considerations For Cloud Migrations And How To Bridge The Gap: Institutional knowledge is as big of a problem in infosec as it is in academia, people are often a single point of failure
John Dickson – App Sec In A World Of Digital Transformation: Don’t recreate the problem you had with legacy code, bake in security
Bruce Potter – Oh Noes! – Role Playing Your Way To Better Incident Response: Table tops can be engaging, visual reminders are great
Liz Tesch – Splunking Azure – Getting (Your Data) There Is Half The Fun: I need to play more with Azure
Tony Bradley – Don’t Believe The Hype (Spoiler Alert: It’s All Hype): Listen for what is NOT said
Andy Bennett – So You Went To The Cloud (Or Are Thinking About It Really, Really, Hard) Now What?: Cloud = Someone else’s computer (can’t say this enough), another meaning of SWAG (basically a “creative” guess), what’s the business case
Ben Brown – More Than TOR: Shining A Light On Different Corners Of The Dark Web: Lots of options, it’s not all dark
Lauren Neely – The EU, California, And Now Washington? A Survey Of The Data Privacy Landscape For 2019: The privacy regs are coming, likely will result in multiple different frameworks, different jurisdictions are going to try to enforce their regs everywhere
Keirsten Brager – Building A Business Case For Your ICS Security Monitoring Strategy: Show deficiencies, find out what execs care about, conduct a what can get me fired risk assessment, share the misery
I wasn’t able to get to the ICS or lockpick villages, which was a bummer.
Catching up and IRL meetings
It was nice to catch up with people who I haven’t seen in a while. I was able to meet some of the people who I only knew online, which is always a fun experience because meeting IRL can be super awkward. I find most people just need to get some sort of connection between the person in front of them and the online persona. There’s a lot of using your online handle to give some context and some confused staring when you try to make sure the person you are looking at is the person in the profile picture. Of course, whether the person behind the profile is actually the person in the picture is another can of worms.
An interesting moment for me was being asked if I was Kelly Handerhan from Cybrary. Definitely not a bad person to be mistaken for – she does a great job with her classes.
Meeting new people is hard, but it’s also one of the things to do at cons. It’s easier when you have some sort of connection, but randomly starting a conversation with someone is an adventure. At least at a con you have some sort of common ground, in theory. This is something that seems to be a lot easier at smaller cons because there’s a higher chance you’ve seen the person before or gone to some of the same events. If nothing else, work on those SE skills and start chatting.
I know everyone loves to hate on vendors. And I completely get it. Being sold FUD (fear, uncertainty, and doubt) or miracle beans can get old. But events would be cost prohibitive to attend without vendor sponsorship, so THANK YOU VENDORS! Plus, swag. I like walking through and hearing what vendors are pitching. It gives me an idea of what’s out there and can often give me ideas of things to implement. It’s also good to put some faces with names at vendors whose products I’m already using.
First Con Talk
I put in for the CFP because submitting stuff for conferences is something I’m used to doing and I thought it would be good for me. My 0 to Splunk talk went well at the Splunk Houston User’s Group, and since I know Splunk skills are in demand right now, I thought the topic might be a good one for HouSecCon. I honestly didn’t think it would be selected. I’m glad it was. I refined the talk and really focused on learning Splunk in the context of security. I thought my talk went well. I’m comfortable with public speaking, but I was a little nervous about presenting in this context because I’m definitely not a Splunk “expert”. But I feel like it went well. I wanted people to walk away with a game plan for learning tools, and I think I did.
I know the infosec community can be a dumpster fire at times. That’s true for any group. But I’ve been fortunate to find a supportive community both online and in the area. It’s nice to feel like people are trying to bring you up. In a field with high rates of burnout, I think it’s vital to find a community that will be supportive. It was also great to talk to people who I see at local events and hear how they are doing. It’s especially nice to talk to college students who are about to graduate and are excited about getting that first job. Working with students is something I know I’ll miss as I continue to move away from academia, so I look forward to working with college students in a different way. And a special nod to WiCS-UH – good to see so many familiar faces from that group attending and helping out.
Cons are great, but also involve peopling or extroverting or whatever you want to call it. Plus you have the avalanche of vendor emails that come after. And work/life stuff to catch up on – especially if you traveled. It’s worth it because the professional development is vital in infosec. I don’t know how the people who are hitting a con a month do it. I’m watching for the talks to be posted because there are several more I wanted to see.
I think the takeaway is go to things. Whether it’s a meetup, a local con, or whatever, getting out there is going to be beneficial. BSides Houston announced a September date right before HouSecCon, so I’ll be watching for details on that one. Also don’t be afraid to go if you aren’t in the industry. For those looking to transition, cons and meetups are a really good way to judge if the field is right for you. If you look at a con agenda and nothing looks interesting, you might want to look at other areas. I also really like that a lot of infosec cons film the talks and make them available. I’m not going to lie – I have 0 desire to watch my talk. But I really appreciate being able to catch things I wasn’t able to go to.