I had the honor and privilege of speaking at the Cyber InfoSec Conference in Helena, MT, last week. Overall, I had a great time. My own talks went very well, and I was somewhat surprised by the high caliber of speakers at what is, honestly, a small regional event (by design). This event is run by Brad "the Nurse" Smith, a fixture on the national speaking circuit, including being one of only a very few paid employees of the Black Hat conference in Vegas. He's been around for ages, knows a ton about the industry, and more importantly knows how to put on a high quality show at a reasonable price (which is perfect for the region).
For my part, I flew up on Monday (9/14) just in time to catch the opening presentation by Dr Dennis Moreau, which was very, very good. It demonstrated that things I've been talking about for nearly a decade are now mainstream, which I found very reinforcing. Plus, he actually made it look and sound good! :) After his keynote, I then spoke on a panel titled "Threat Outlook" with Dr Moreau and Michael Unquera from Parsec in Billings (a startup colo/hosting/MSP provider). We were each given an opportunity to briefly speculate about where we thought things were going to go in the next year. My prediction was that 2010 will be the beginning of the age of infosec lawyers. We're already starting to see lawyers getting more involved in the industry, and the notion of legal defensibility seemed to strongly resound with the audience.
Day 1 ended with the Cyber Combat Exercise, which was done very well. Brad set up two rooms next to each other: one for competition, one for observing the attacks via various sniffing and investigation tools. It was again very well done.
Day 2 started early with my first presentation of the conference. Brad had asked me to talk, while stressing his rule of "no bullets". So, I used 3 slides, the first of which outlined the talk and used check marks (haha). It was all good, though. You can find my talk here: "It's About Time" - A talk on the importance of time synchronization and the pitfalls of NTP.
I spent the rest of Day 2 sitting in on other presentations. The two that stick in my mind were from Kevin Winegardner from the State of MT, and Michael Unquera from Parsec. Kevin spoke about his (successful) use of the NIST Risk Management Framework to promote a risk-oriented, requirements-based agenda within the State. Michael spoke about the insider threat and how it has evolved and is not going away anytime soon. Both of these talks were very good.
The last two days were for-pay training in the style of Black Hat. My two talks were:
* "Total Enterprise Assurance" - A full-day training session based on the upcoming release of version 2 of the TEAM Model, which blends Survivability with Assurance Management. It provides a roadmap for flexibly structuring the assurance management program while achieving the goals of defensibility and recoverability. See additional references here.
* "Practical Key Management" - A half-day session on managing cryptographic key materials, including a look at different vendors and use models available today.
Again, overall, the event was awesome. If you're ever looking for an opportunity to get some speaking experience in, perhaps to test new material, but outside the mainstream events with a perhaps gentler audience, then this is a highly recommended venue. Going forward, Brad is discussing ways to reinvent the conference in order to make it even more affordable (for example, we discussed moving the "briefings" to a B-Sides format and then letting people only pay for the additional bits they want, such as the Cyber Combat Exercise and related trainings). It will be very interesting to see how this conference reinvents itself in the future. Whatever they end up doing, it will inevitably be representative of future trends in the mainstream conferences, too.