Operations

5/26/2016
11:00 AM
Joshua Goldfarb
Joshua Goldfarb
Commentary
Connect Directly
Twitter
RSS
E-Mail vvv
50%
50%

A Wish List For The Security Conference Stage

All the world may be a stage, but in the theater of cybersecurity, we need a more relevant dialogue of fresh ideas, novel approaches, and new ways of thinking.

William Shakespeare’s play “As You Like It” contains one of most oft-quoted phrases in the English language. One of the monologues in the play begins with the words “All the world’s a stage.” I’ve always found this phrase to be quite interesting and captivating. But what does this have to do with information security? 

There is quite a bit of buzz around information security (sometimes referred to as cybersecurity) these days. Where there is buzz, there is often hype. And where there is hype it seems, there are a nearly innumerable amount of conferences. In fact, I was once in a meeting where someone remarked: “We could attend a security conference every week if we wanted to.” That was in 2007. In 2016, I think one could probably attend five security conferences each week and still not cover them all.

Sometimes it seems that people organize conferences for the sole purpose of creating another stage upon which a select group of individuals can present. This can be frustrating, or perhaps a bit aggravating for people on the outside for a number of reasons. I’d like to discuss this concept in additional detail, but before I do so, I think it’s important to remember the famous Groucho Marx quote: “I wouldn’t want to belong to a club that would have me as a member.”

Once thing I’ve noticed over the course of my career is that many of us watch presentations, rather than listen to them. If we actually listen to a presentation, we can dig a bit deeper than what we see on the surface. When we do this, we find that many of the presentations out there are full of hot air. In other words, the delivery is good, the slides are attractive, the buzzwords are there, but no actionable information that a viewer of the presentation can take back and implement operationally.

The tragedy in what has become of some security conferences (though not all, of course) is that those on the inside are most often offered the stage, irrespective of what they may or may not bring to that very stage. Fresh ideas, novel approaches, and new ways of thinking don’t always get to see the light of day. Unfortunately, this impedes our progress as a security community.

What I wish some speakers would realize is that access to the stage comes with a tremendous amount of responsibility. Or, at least it should. How often do we hear about security celebrities, thought leaders, and rock stars who will be appearing at a given conference or in a given forum? But what happens when those on the stage:

  • May not have written anything new in 5, 10, 15, or perhaps even 20 years?
  • Harp on the news items and buzzwords of the day rather than provoking deep intellectual thought and debate?
  • Intentionally, or unintentionally, distract the community from the long-term, strategic issues we need to remain focused on in favor of issues that suit their agenda?
  • Seek a sound byte or news clip at the expense of the greater good of the community?
  • Pursue self-promotion and populism at the expense of outreach, education, communication, and real change?

As someone who travels quite a bit and is fortunate enough to meet with so many security professionals on a continual basis, I have many opportunities to discuss the issues of the day. I have noticed many common patterns and themes during the course of my discussions, but one subject in particular stands out. The amount of bad information, misinformation, biased information, hype, FUD, etc., that exists is overwhelming.

The message I hear day after day is that it is hard to sift through the noise, difficult to navigate the hype, and nearly impossible to reconcile the misinformation. Bear in mind that this is coming from security professionals. Imagine what this landscape looks like to business leaders who are likely not security professionals, but nonetheless have security as a top priority.

Dare I say that the point of climbing on stage is to add to the collective knowledge of the security community? In other words, if there is no new thinking, actionable knowledge, or operationalizable information in a talk, was it really a good use of the stage?

Security professionals, and particularly security leaders, want to and need to focus on vision, strategy, risk mitigation, security operations, incident response, staffing, and any of the many other challenges they face. When rock stars use their platforms to harp on populist issues or bring attention to themselves or their agendas, it comes at the expense of all of these challenges by distracting people from what’s truly important. In my view, this does not help advance the state of security. In fact, it impedes it, sadly.

If someone finds that he or she has attained access to a stage, that access should bring with it a tremendous amount of humility and responsibility. That responsibility should be to the very security community that put that person on that stage. And as members of the security community, we should demand better from our speakers.

Anyone can create another stage upon which to present. Bringing value to the security dialogue and adding to the collective discussion is something else entirely. All the world may indeed be a stage, but that doesn’t mean I shouldn’t yearn for more than that.

Related Content:

 

 

Josh (Twitter: @ananalytical) is an experienced information security leader with broad experience building and running Security Operations Centers (SOCs). Josh is currently co-founder and chief product officer at IDRRA and also serves as security advisor to ExtraHop. Prior to ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Charlie Miller, Senior Vice President, The Santa Fe Group,  5/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11232
PUBLISHED: 2018-05-18
The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable.
CVE-2017-15855
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, the camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in u...
CVE-2018-3567
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing the HTT_T2H_MSG_TYPE_PEER_MAP or HTT_T2H_MSG_TYPE_PEER_UNMAP messages.
CVE-2018-3568
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, in __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur.
CVE-2018-5827
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing an extscan hotlist event.