Breakthroughs at INsecurity 2017!

INsecurity did it right!  Over the years I have gone to countless cyber conferences around the globe.  In addition to the number and size of security conferences growing year over year, I personally feel the noise of vendors, sales meetings and never-ending problem-solving pitches has increased with no end in sight.  Along with this seemingly 'baseline,' I have seen the quality of interaction among attendees and speakers or experts notably decrease.  

After a long while, I believe INsecurity 2017 is a welcome breakthrough in the well-known monotony of registration followed by countless one-way speaking sessions.  Starting with a compelling list of topics and speakers, the agenda spoke to current-day challenges of security, risk and privacy practitioners.  The format was well organized to maximize actual dialog, authentic thought perspectives from industry practitioners and still provide innovative vendors with an opportunity to share their solutions to a complex and breach-ridden landscape from the expo floor. 

Unique from other events, INsecurity achieved an intimate environment in which top security decision makers could comfortably discuss, share and exchange approaches on their cybersecurity challenges.  The Hot Topic sessions in particular encouraged dialog among all attendees versus just a chosen few across a 'roundtable'.  From CISOs that oversee F200 cyber strategies to highly skilled SOC Directors, to legal perspectives the diverse exchange of ideas resulted in highly engaging discussions and interactivity among the participants, which were moderated by domain experts.  There were also presentation sessions with extensive opportunities to engage with the speaker.  The open and flexible flow to lunch coinciding with a few theater sessions also enabled attendees to get the best of networking and information discovery in parallel. 

A few breakthrough moments for me included:

  • Learning the importance of changing default passwords from Keynote speaker Greg Touhill (@Cyxtera) through his reference to minute 52 of the 'Wrath of Khan'!
  • Hacking is a form of 'breaking through'; creative ways to defeat or defend boundaries as discussed with Matthew Wolf (@Skybox Security).  It starts with curiosity and tinkering on what you can do as I chatted with John Sawyer (@InGuardians).
  • Mock incident response exercises are eye-opening to help discover of controls and management gaps and therefore critical to your cyber strategy, courtesy of stellar session lead by Dmitri Alperovitch (@Crowdstrike)
  • More women are becoming practitioners and are being encouraged to participate in the cyber domain as evidenced by Dark Reading's warm welcome of  WIT's Cybersecurity and Technology Special Interest Group.  In addition to their attendance, the WIT Cybersecurity team co-sponsored a social networking session with Women Society of Cyberjutsu (WSC @WomenCyberjutsu) last Friday in Tyson's Corner which I attended.  I was impressed with a breakthrough number of women that showed up at the conference and this networking session from commercial and government agencies. Both non-profits work closely with industry professionals to grow technical competencies through hands-on workshops and administrative competencies of women through certification partnerships and security leadership programs.  

So kudos to the Dark Reading team for understanding the importance of relationship-building as a core element to cybersecurity and providing a conference that actually delivers on this.  I'm looking forward to 2018!

Jyoti (Jodi) Wadhwa
CISSP, HCISPP, MBA