|
||
| DojoCon: Birth of a Conference |
| Blog |
Marcus Ranum of Tenable Network Security opens Dojocon with a discussion on The State of Information Security Matt Watchinski urges the community to avoid "silos", a phenomenon wherein managers cloister and stifle their security teams (sound familiar?) Busting shit open experts, Toool.us, gave an awesome presentation on lock picking. Turns out your house is insecure. Also probably your server room. This man is the president and CEO of White Wolf Security. He hacks charities. He says you should, too. 
Washington DC's own personal two-day miracle, Dojocon, kicks off today in a sugary puff of Dunkin Doughnuts and with a mildly dour keynote delivered by Marcus Ranum of Tenable Network Security. Elaborating on the theme of the conference, The State of Information Security, Ranum focused on predictions of corporate and software product consolidation, and painted a future dominated by lawyers in which IT security amounted to little more than a "click here to harden your system" router setting. Citing cases like ISS and IBM, Betrusted and Verizon, RSA and EMC2, he delved into corporate consolidation, especially in the context of small- to medium-sized security companies with "nowhere to go but up." Why so? Because Ranum points to open source security software as having cornered the market for small businesses with little additional capital to spend on security solutions, thus, he says, driving mid-sized pay-to-play companies in search of a buyout by a larger corporation, or trying to lock down their hold on their current customer base. It's hard not to exult a little hearing that, but I hesitate to do the FOSS macarena at the expense of security guys trying to make a buck on their skills. And so I wonder: is this a ramification of open source proliferation that we've been ignoring? Or maybe the scene has already gone over this and dismissed it, and I just missed the memo. Understanding that free-as-in-beer isn't the same as free-as-in-code, open source solutions tend to be cheaper than their proprietary counterparts. Aaanyway, I digress. The baby's second breath was brought to you by Matt Watchinski, Senior Director at Sourcefire VRT, who insisted - and I tend to agree - that "Technology Won't Save You, People Will", with a great talk on how to keep your team connected, your hackers happy, and your data protected. And a pre-lunch appetizer? Lock-picking. Yes please! So far we're seeing around 70-100 attendees, some feds, some managers - an audience tending towards experienced, mid-career professionals working in large-scale organizations. We're hoping to see something similar early next year with QuahogCon, another first-year security gathering scheduled for April 2010 in Providence, Rhode Island, though the QuahongCon crowd looks like it'll be mostly people from the other end of the monochrome hat spectrum. Stay tuned for more updates from DojoCon. |
If you've ever spent more than 10 minutes on the Discovery Channel, you'll know that the, um, "miracle of birth" is less miracle and more placenta. Watching an information security conference take its first squalling breath is another, way less gross, story - one that any event organizer can tell you is preternatural in its own right.