For the past year or so, I’ve been thinking about the information security research space. Certainly, with the mega-proliferation of security conferences, research is Getting Done. But is it the right kind of research? And is it of the right quality?
This has recently become a hot topic, since .mudge tweeted on June 29:
Goodbye Google ATAP, it was a blast.
The White House asked if I would kindly create a #CyberUL, so here goes!
One week from today I’ll be presenting a talk at Black Hat. Black Hat! Wow. I’m still a little amazed at this turn of events, but am trying not to dwell on it for fear of slipping into a blind panic. :)
But I think I’m ready. I submitted a nice long white paper a couple of weeks ago, and sent in my presentation yesterday. I’m comfortable with the material. I (think) I’ll be able to intelligently field questions.
I don’t go to a lot of information security cons. I’ve been to all the ShmooCons (they’re local, after all), and to DEFCON 3 times (plus a couple of BlackHats back when the company was paying for the trip). So, really, like 2 a year. That was pretty much my world – and I knew there were a couple others, but didn’t really pay much attention.
Improving the echo chamber, with a focus on conference support and research.