With BSides, Black Hat and DEF CON (aka Security Summer Camp) fast approaching, I thought I’d do a quick blog with some hopefully helpful suggestions. It’s my first time back to DEF CON since the Alexis Park days (early 2000s), so I’m excited to see how the conference has evolved over the 10+ years. Based on reports, the odor has continued to devolve; I’m not looking forward to that.
How to Survive and Thrive at Summer Camp
- OPSEC. I won’t go into too much detail here, as a security pro you should be able to assess the threat environment and implement the appropriate counter measures. You can check out this infographic we did a few years ago (shout out to Danielle) on how to stay secure at conferences.
- Hallwaycon. Meet old friends and make new ones too. For me, hallwaycon is the best part of any event. For those that might not be as extroverted, engage with security folks you’d like to meet ahead of the event on social media. Interact in cyberspace and then parlay that into meat space.
- Bring earplugs. If you plan on attending any of the countless vendor parties, many of them will be dropping that base. So, bring a pair of earplugs along; that way you maintain your hearing for all of those SOC “pew pew map” animation noises. Earplugs are of course multi-function, so in the event, the odor is unbearable on Sunday, flip them around, and protect your sense of smell.
- Drink water. Make sure to stay hydrated. Take an Uber/Lyft just off strip and stock up on water; you will save on the $10/bottle hotel prices. You might also consider not drinking at all while you are there. At RSAC this year, I didn’t have any alcohol, and it made for one of the best weeks I’ve ever had at a conference.
- Pace yourself. If you are going to imbibe, pace yourself; Summer camp is a marathon, not a sprint. Also, if you are going to imbibe, see suggestion number 4.
Sessions and Event Recommendations at Black Hat and DEF CON
- “MITRE ATT&CK: The Play at Home Edition.” Two previous ShadowTalk guests, Ryan Kovar and Katie Nickels, are tag teaming a presentation on MITRE ATT&CK from a more practical level, digging into specific examples. Both are great presenters, so I highly recommend checking out this session on Wednesday.
- “Asset Discovery: Making Sense of the Ocean of OSINT.” On Friday, our own Rich Gold (Director of Security Engineering), is presenting at DEF CON’s Recon Village. We will be releasing an OSINT tool during this talk which we are very excited about.
- Talks on cyber insurance. There are multiple talks on cyber insurance at Blackhat. “How Do Cyber Insurers View The World?” with Matt Prevost and “Integration of Cyber Insurance Into A Risk Management Program” with Jake Kouns. As a security leader, I’m interested in the practicalities of cyber insurance. Side note, I am still amazed by those that believe transferring risk via insurance absolves them of all responsibility post intrusion.
- “Death to the IOC: What’s Next in Threat Intelligence.” Microsoft’s Bhavna Soman wants to kill IOCs and I agree. I wrote about what I call “Indicators of Exhaustion” in my first Digital Shadows blog; I really want to hear what Bhavna says is next for threat intel.
- “Woke Hiring Won’t Save Us: An Actionable Approach to Diversity Hiring and Retention.” I’m very interested in Rebecca Lynch’s (Duo Security) talk. I really want to hear about the “retention” component as well. It isn’t enough to bring people onto the team, keeping them on the team is what really matters.
- Party at EyeCandy Sound Lounge on Wednesday night. Shameless plug for the party we’re hosting with the partners below. I’ll be there, so feel free to track me down.
Finally, don’t miss our special ShadowTalk interviews leading up to the events and post-event. We have folks including Brian Hillegas, Director of Threat Intelligence at McDonalds, Jason Lewkowicz, Deputy CISO at Accenture, and Bob Anderson, CEO at Cyber Defense Labs. You can find all of the episodes here as they get released: Digital Shadows Podcast – ShadowTalk.
To stay up to date with the latest news in digital risk and threat intelligence, subscribe to our community email list here: