Tips to Get the Most Out of the Show

I won't be going to Black Hat/Defcon in Las Vegas this year because of a scheduling conflict, but I have been to several of them over the years. Since my mission at these events has been to find the big news stories and write them fast, I know how hard it can be to cut through all the noise and zero in on what's most important.

And so, to prove I'll be there in spirit [CSO bloggers Robert McMillan, Steve Fox and Ivan Arce will be there to write about various points of interest], here's a guide to navigate the proceedings. Hopefully, it'll help attendees get the most bang out of the conference so they can leave Vegas with some knowledge that'll help them improve IT security back home.

1. Resist the drama

One of the most disappointing things about Black Hat -- for me, anyway -- is that people tend to get caught up in one big dramatic event that ends up overshadowing the rest of the schedule. As a result, the tech media in particular can spend so much time on one noisy item that they miss some sessions that would be more valuable to their readers in the long run.

Exhibit A: In 2005, a lot of presentations were overshadowed by a big stink Cisco made over researcher Michael Lynn's plans to unveil a vulnerability in Cisco's routers that, if exploited, could have theoretically done serious harm to the Internet. That one controversy was practically all the tech media would focus on, and, nearly four years later, the digital underground has yet to bring down the Internet with that particular flaw.

Exhibit B: At the 2007 Defcon event, which typically takes place in a different Vegas venue after Black Hat, all else was overshadowed by the public outing of a Dateline NBC reporter who was undercover at the hacker gathering with a hidden video-camera to see if she could out an undercover federal agent at Defcon and make a story out of the perceived sinister deeds that transpire there.

That's not to say some of these items weren't worth some attention. The biggest noise last year surrounded a Domain Name System (DNS) flaw researcher Dan Kaminsky presented on. The flaw, one of the genuine big ones that galvanized a variety of vendors to collectively release software updates to fix the problem, was worth the hype because it affected one of the Internet's underlying protocols.

The key is to remember that at an event like this, the herd mentality is alive and well. Watch the stampede from a comfortable distance, then be sure to check out some of the other sessions.

2. Drink with purpose

You're probably going to consume a lot of alcohol while you're there. You are in Vegas, after all. But that's okay. There's value to be found at the bar.

Networking is just as important as the sessions at this event. Each night of the conference, bars up and down the strip will be teeming with Black Hat/Defcon attendees. They are smart and are fighting many of the same battles you're fighting back home. Share some war stories over a beer or two and chances are good you'll come up with ideas to solve some pressing problems. If that doesn't happen, you'll at least find comfort in knowing there are others besides you who struggle back home with clueless users, short-sighted executives and badly configured networks.

Of course, if you drink too much you'll likely forget any conversations you had, and that wouldn't be very productive, would it? At the 2006 event one industry friend of mine lost an entire day in his hotel room recovering from a night of drinking and poker. I made fun of him for some time after that. If you're collapsed in your room most of the time, is that money well spent?

3. Seek out the side events

In recent years, attendees have put together some excellent side events that make for great networking opportunities.

This year two come to mind: Security B-Sides and Neighborcon.

Security B-Sides is an ad-hoc gathering of information security practitioners who want to share and learn in an open environment. There are discussions, demos, food and drink. According to the B-Sides Community Wiki, the proceedings were "born out of number of rejections to the CFP for Black Hat USA 2009. A number of quality speakers were rejected, not due to lack of quality but lack of space and time. Any constrained system must operate within the bounds to which it has defined itself. Conferences constrain themselves to the eight hours a day for however many days they run. Our goal is to provide people with options by removing those barriers and providing more options of speakers, topics, and events."

Neighborcon is similar in nature, and speakers will include Sandy "Mouse" Clark, Joshua "Belt Buckle" Gourneau, Dan Kaminsky's "Outie" Belly-button and Josh "Buttery Nipple" Marlow. Games will include the SCADA Conference Drinking Game, Mystery Black Hat Theater 3000 and a few other "neighborly" activities.

Another event that's sure to prove valuable for networking (and sobering up!) is the Securosis/Threatpost Disaster Recovery Breakfast Thursday from 8-11 a.m. at Café Lago. Securosis frontman Rich Mogull held a similar event during RSA and it was a big success.

Hope some of this helps guide you through the Black Hat/Defcon maze. Be safe, be well and enjoy!

Bill Brenner is senior editor of CSOonline and CSO Magazine. E-mail him at any time.

This story, "Tips to Get the Most Out of the Show" was originally published by CSO.

Copyright © 2009 IDG Communications, Inc.
