It was my first time in Chicago, which I must say did not live up to its reputation of being windy at all – in fact the weather was quite pleasant. But I wasn’t in town to see the sites or enjoy the mild weather; I was here for the (ISC)2 Congress conference.
I do quite enjoy Congress – like any conference; particularly one in its 3rd year it has its pros and cons. But for the most part the talks were good, the people were decent and there was a total absence of drunk or hung-over kids looking to pwn your devices as is standard at most hacker-con type conferences.
You know how if a movie has a great opening sequence, it gets you on a high and you anticipate what happens throughout the rest of the movie. Well, I started off Congress by attending Chris Nickerson’s talk on Red Team testing and identifying risks of physical and IT security convergence. Not only is does Chris have some excellent viewpoints – but he’s not afraid to call a spade a spade.
After that I had to get my game face on as I was on a panel along side Eric Jacobs, Spencer Wilcox, James McQuiggan, Dan Waddell, Forrest Foster and was pulled together and moderated by Tony Vargas – It seemed to go well and we even made it into a Dark Reading article.
I made it to two great talks delivered by Spencer Wilcox, one on mobile device privacy and geolocation and another on the gamification of security. I particularly like the gamification talk which went into many different concepts and aspects of what makes a game appealing, why people play and how some of those techniques can be used in security both at a technical and human level.
Tim Wilson facilitated an interesting discussion with Julie Peeler and Rohyt Belani on end user awareness and changing behaviors.
Eve Adams gave a cool talk that gave practical tips on how one can improve their resume and further career in infosec. She even meme’d me with a slide – I’m still trying to work out if this was a good or bad thing.
Whilst at conferences, the best way to usually communicate with others is via some form of social media. I find twitter direct messaging works pretty well for this and I’m used to seeing someone message me asking where I am, discussing which talks are worth attending or what lunch plans are. So I was quite surprised when I received this message from Andrew Hay.
This message worried me as I’m only around 5’6 (in heels) and Andrew is something like 6’5 and a former rugby player. So I responded in the only way I could – honestly.
As I sent the message, I kind of got the feeling that my profile picture probably didn’t come across too well and I was apprehensive about the response I would get… so you can imagine my surprise when I saw this.
I politely excused myself and avoided contact for the rest of the conference.
The Rick Roll
Often when I go to conferences I end up making a video of my adventures. I was short on ideas and time at Congress – so ended up rick rolling the attendees by getting them to sing the chorus one word at a time. Guess you should never trust a guy with a camera asking you to say one word to “test out his mic”