Specializing and Generalizing in the World of InfoSec

As with most professions these days, information security specialists need to continually strike a balance between focusing on the issues most relevant to their jobs—while keeping at least an eye on what’s going on everywhere else. One of the more efficient ways to do this is to attend conferences, which help you learn a lot about a lot of things—in a short amount of time.

My favorite such events are the Security BSides events, DefCon, and Black Hat. Each conference has its own unique attitude, focus and cost. Some attendees come straight from corporate; others from the steam punk or maybe just punk scene. But no matter where their attendees come from or what their focus is, these events allow you to immerse yourself for a day or two in everything from Penetration Testing and Forensics to 802.1X, POS, and Lockpick Village.


BSidesLV is an information security conference that takes place every year in… you guessed it… Las Vegas. BSides events take place all over the U.S. and the world (London, Warsaw, Singapore, and Canada, just to name a few). Its organizers typically plan the shows to at least overlap with some of the bigger shows (including DefCon, Black Hat, and RSA).

While the bigger shows may cost thousands of dollars to attend, entry to BSides is free or a nominal charge. The presentations tend to be very technical, and are often attended less by corporate security department staff and more by people who are just really interested in security technology.

There is a bit of mystery around BSides events. They’re not usually well publicized, but they are always well attended. It helps to know someone who is a dedicated BSides attendee and knows all the ins and outs of getting into the best briefings.

In general, BSides events last two days, are attended by a lot of quirky people who like to dig into a wide range of quirky InfoSec issues—and who like to have crazy parties afterwards. BSides events also include lots of vendors and vendor booths.

DefCon
Billing itself as the world’s longest running and largest underground hacking conference, DefCon might also be tagged “Disneyland of InfoSec conferences.” In addition to the chinos and button-down shirts, you’ve also got your mohawks and beards, your blue hair and tattoos. Like BSides and Black Hat, DefCon is also serious business. It’s not uncommon for a well-received presentation first done at BSides to be picked up again at DefCon or Black Hat.

In addition to sessions about everything from digital civil liberties, microcontrollers, and how to build robots for world dominion, DefCon also features its famous “Capture the Flag” hacking events. Like BSides, DefCon hosts “Lockpick Village,” where attendees can learn how to pick real metal locks of all shapes and sizes. And it hosts “Wireless Village,” where attendees can learn to hack wireless networks. Fun!

Where BSides is free or close to it, DefCon usually costs about $200-$250 (and knowing perhaps better than any other event organizers the pitfalls of plastic, they take only cash). Again, vendors are welcome. In fact, DefCon is famous for vendors who will sell just about any kind of gear—new or old. (If you’re looking for an old Cisco device to complete your router collection, this might be the place to check.)

Black Hat
Black Hat (which might also be called “Black Tie” in terms of entry fee) is the most exclusive of the three events. Supported by large corporate sponsors, Black Hat can cost in the neighborhood of $2000+ for a two-day event. Attendees tend to be corporate security directors, CSOs, and higher.

But you’re not paying just for glitz (though there is plenty of that). Black Hat presentations are always compelling and often news-breaking. This year, presenters Karsten Nohl and Jakob Lell introduced a new form of malware that operates from controller chips inside USB devices (BadUSB: On Accessories that Turn Evil). Like many presentations at all of these events, Nohl and Lell explained the nature of the problem, showed how it works, then demonstrated how to solve it.

In upcoming blogs, I’d like to offer a more in-depth look at BSidesLV and Black Hat briefings I attended this August in Las Vegas.

In particular, I’d like to talk about the BSidesLV opening presentation “Beyond Good and Evil: Toward Effective Security” by Adam Shostack, and the Black Hat keynote, “Cybersecurity as Realpolitik” by Dan Geer.

Geer offers some very useful insight into the concept of trying to be a generalist in the change-at-the-speed-of-light world of InfoSec. Shostack amplifies and elaborates on a desperately needed change in the world of online security—something I too discussed last May on the Internet World blog (Let’s Take a Page from the Bad Actors’ Own Book on Network Security).