Conferences

BSides Nashville 2018

 
 

Why go to security conferences

Professionals can benefit from attending security conferences for several reasons:

Networking Opportunities: Security conferences bring together professionals, researchers, practitioners, and enthusiasts from various backgrounds within the information security field. This provides an excellent opportunity to network, exchange ideas, and build relationships with like-minded individuals. Networking can lead to collaborations, job opportunities, and the sharing of valuable insights. The number one way to improve a job search is to network at conferences.

Stay Updated: The field of information security is rapidly evolving, with new threats, vulnerabilities, and technologies emerging constantly. Conferences often feature talks, workshops, and presentations from experts who share the latest trends, attack techniques, defense strategies, and research findings. Attending these sessions helps infosec professionals stay up-to-date with the latest developments in the field.

Skill Development: Many security conferences offer hands-on workshops and training sessions that allow attendees to enhance their technical skills. These workshops cover a wide range of topics, from penetration testing and ethical hacking to incident response and cryptography. Participating in these activities can help infosec professionals improve their practical skills and knowledge.

Exposure to Diverse Perspectives: Information security is a multidisciplinary field, and conferences often attract speakers and attendees from various industries, backgrounds, and regions. This diversity of perspectives can provide valuable insights into different approaches to security challenges and broaden one's understanding of the field.

Vendor and Product Insights: Conferences often feature a vendor or exhibitor area where companies showcase their security products and services. This can be an opportunity to learn about the latest security solutions, tools, and technologies available in the market. It also provides a chance to interact directly with vendors and gain insights into their offerings.

Career Advancement: Attending security conferences can enhance an infosec professional's reputation within the community. Speaking and volunteering are great ways to contribute back to the community. This enhanced visibility can lead to career advancement opportunities, including job offers, consulting engagements, and speaking invitations.

Personal Growth: Engaging with other professionals in person and learning about their experiences can contribute to personal growth and development. Conferences provide a chance to gain insights into different career paths, leadership strategies, and approaches to problem-solving.

Building a Community: Attending security conferences helps infosec professionals feel connected to a larger community of individuals who share their passion for cybersecurity. This sense of belonging can provide emotional support, encouragement, and a platform for sharing experiences.

Resume item: Conferences are a great bullet point to add to a resume. This shows engagement and initative in the field to prospective employers.

Overall, security conferences offer a holistic experience that combines education, networking, skill development, and inspiration, making them valuable for information security professionals looking to advance their careers and stay at the forefront of their field.

Podcasts about conferences

What I Learned at DerbyCon

How to prepare for a conference

Preparing for a security conference can help you make the most of your experience and ensure that you gain valuable insights, connections, and skills. Here's a step-by-step guide on how to prepare:

  1. Set Clear Goals: Define your objectives for attending the conference. Are you looking to learn about specific topics, network with professionals, discover new tools? Having clear goals will help you plan your time and activities effectively.

  2. Research the Conference: Familiarize yourself with the conference schedule, agenda, speakers, workshops, and sessions. Identify the sessions that align with your goals and interests. Many conferences provide mobile apps or websites that allow you to create a personalized schedule.

  3. Register Early: Secure your spot by registering for the conference well in advance. Some conferences offer early-bird discounts, so keep an eye on registration deadlines.

  4. Book Accommodation and Travel: If the conference is not in your city, make travel arrangements including flights, accommodations, and transportation. Book early to get the best rates and availability.

  5. Plan Your Schedule: Review the conference schedule and select the sessions, workshops, and talks you want to attend. Make note of any overlapping sessions and prioritize based on your goals.

  6. Prepare Questions: Think of questions you want to ask during sessions or after presentations. Engaging with speakers can help you gain deeper insights and make connections.

  7. Pack Essentials: Pack your conference essentials, including:

    • Laptop/Tablet: For note-taking, code demos, live workshops, or to participate in Capture The Flag (CTF) competitions.

    • Chargers: Keep your devices powered throughout the day. Backup batteries are a great way to ensure you don’t run out of power on mobile devices.

    • Notebook and Pen: Studies show that writing notes on paper improves memory retention of the topic.

    • Comfortable Attire: Be aware of the conference you’re attending. Conferences like RSA and BlackHat are more “formal” business attire is usually worn with jeans. DEFCON and BSides is more of a hoodie type of conference. Always assume you’re being interviewed and how you dress will be judged based on the conference.

    • Snacks and Water: Conferences can be busy, so having some snacks and a water bottle can be useful.

  8. Download Apps: If the conference offers a mobile app, download it before the event. These apps often include schedules, maps, speaker information, and networking tools.

  9. Connect on Social Media: Follow the conference's official social media accounts and use event-specific hashtags to engage with other attendees before, during, and after the event.

  10. Practice Elevator Pitch: Prepare a short and engaging introduction about yourself, highlighting your skills, interests, and what you hope to gain from the conference.

  11. Bring a Backup Plan: Sometimes sessions get full or plans change. Have backup sessions or activities in mind in case your first choice doesn't work out.

  12. Network Strategically: Identify people you want to connect with based on the speaker list, attendees' profiles, or industry influencers. Reach out in advance if possible to schedule meetings or discussions.

  13. Stay Hydrated and Rested: Conferences can be physically and mentally demanding. Make sure to stay hydrated, get enough rest, and take breaks when needed. There is the “3-2-1” rule at many hacker leaning conferences: 3 hours of sleep; 2 meals; and 1 shower each day. Yes, some people have to be reminded of this.

  14. Follow Up: After the conference, follow up with new connections, share your experiences on social media, and reflect on what you learned.

By preparing in advance and having a clear plan, you can make the most of your time at the security conference and maximize the benefits you gain from attending.

How to Attend a Conference

Participate in HallwayCon

"HallwayCon" is a term used to describe the informal networking and discussions that take place outside the official sessions and presentations at conferences, especially in the technology and cybersecurity fields. It refers to the interactions, conversations, and impromptu meetings that occur in the hallways, common areas, and social events of a conference venue.

While the scheduled talks and workshops are the primary focus of any conference, many attendees find that some of the most valuable insights, connections, and knowledge sharing happen during these informal interactions. HallwayCon can involve:

  1. Networking: Meeting and chatting with fellow attendees, speakers, sponsors, and experts in a more relaxed environment.

  2. Knowledge Exchange: Engaging in spontaneous discussions about the latest industry trends, emerging technologies, and security challenges.

  3. Idea Generation: Brainstorming ideas, collaborating on potential projects, and discussing innovative solutions to problems.

  4. Problem-Solving: Seeking advice and solutions for specific technical or security-related challenges from peers.

  5. Deeper Conversations: Having more in-depth conversations with speakers and experts about their presentations or research.

  6. Career Opportunities: Exploring job opportunities, partnerships, and collaborations with other attendees and companies.

  7. Community Building: Building relationships and fostering a sense of community within the conference attendees.

The term "HallwayCon" highlights the notion that some of the most valuable learning and connections can occur in the informal spaces between the official sessions. It underscores the importance of active participation, networking, and engagement beyond the structured conference agenda.

Attending HallwayCon requires being open to engaging with others, striking up conversations, and being receptive to serendipitous opportunities for learning and collaboration. It's a reminder that conferences are not just about absorbing information from presentations but also about interacting with fellow professionals who share your interests and passions.

How to Network in Information Security - Part 1

How to Network in Information Security - Part 2

Conferences to attend

BSides - This is a community driven conference with over 200+ conferences world-wide. Their is tremendous value at these conferences at a very affordable price. I’ve been to conferences that charge hundreds of dollars that don’t stack up to some BSides events.

BSides Nashville

BSides Indy

BSides Huntsville

BSides Augusta

DEFCON - This is the hacker conference. Usually held in the first weeks of August in Las Vegas, Nevada, along with BlackHat and BSides Prime. This is a very technical conferences where the expected attire is a hoodie.

BlackHat - This is the business casual with a sports coat security conference that precedes BlackHat. Lots of CISOs and vendors.

RSA - Held in San Francisco, California, you’re only really going to this event if you’re a senior security executive or a vendor.

Wild West Hackin Fest - This is a great multi-day conference that is a bit more pricey but has more of a DEFCON feel in either South Dakota or Southern California.

misecCON - formerly Converge and BSides Detroit , this conferences is a revival of those conferences into a new one based out of Lansing, Michigan.

ShowMeCon - I can't say enough good things about Dave (@bagomojo). He and the organizers do a tremendous job taking care of the speakers and attendees. There was great content, activities, food, parties, and the venue was top notch. This is one of the most well run and classiest conferences I've had the opportunity to attendee. Check out episode 87 and 171 to learn more.

CircleCityCon - This is a great conference in the Indianapolis, Indiana, area.

Local - Check out the conferences held in your local or adjacent towns. ISSA and other local user groups will often put on one day conferences. I’ve helped fill out security tracks for multiple IT conferences in Columbia, South Carolina. While living in Nashville I discovered that the local ISSA chapter puts on one of the bigger ISSA conferences in the United States.

Contributing to conferences

Why Contributing to the Infosec Community is Important

Podcasting from conferences

The least popular podcasts I had were my conference recordings. They were long and random and didn’t really have a direction. I thought they were great. The people on the podcast thought they were great. Most people didn’t make it all the way through. Those that did found value in understanding how security professionals communicated. We’re all down to earth people and some people found comfort in that. The episodes below may be a bit dated and random but they provide valuable insights into how people inside and outside the industry think and communicate.

What’s Happening at DerbyCon 2018 - Part 1

What’s Happening at DerbyCon 2018 - Part 2

ShowMeCon 2018 Live

What’s Happening at Converge and Detroit BSides 2018?

What’s Happening at DerbyCon 2017?

What’s Happening at BSides Augusta 2017?

What Does Chris Maddalena, Kyle Andrus, And Daniel Ebbutt Think About Security at DEFCON 2017?

What Does Jayson E. Street, Dave Chronister, Johnny Xmas, April Wright, and Ben Brown Think About Security?

Presenting at Conferences

How to Handle CFP Rejection(s)

How to Submit to a Conference - Part 1

How to Submit to a Conference - Part 2

Created with the help of ChatGPT