An Open Recipe For A Better Security Conference - BSides
An open model powers a new way for security geeks to conference
By Alan Shimel on Tue, 07/27/10 - 12:55pm.
Today I want to tell you about a different kind of open source security conference. No, the conference is not about open source security (though there may be some of that), it is an open source modeled event on security. I am talking about the BSides series of security conferences. They have taken the Bar Camp approach towards creating a new kind of gathering. Lots of people are taking notice and it is really picking up steam.
I first became aware of the Security BSides conference with the initial event held last year about this time in Las Vegas. The event grew out of the frustration that some security researchers felt at not being chosen to present at the annual Black Hat conference. So rather than let great content go unpublished, a few folks organized a conference at a large house off of the strip. They provided shuttle service to and from and a great line up of presentations and sessions. I actually attended a session or two myself.
The event had an edgy, pushing the envelope kind of feel, but what I really liked about it was the openness. Everything was open. The entire event was organized via wiki. Anyone could log on and participate. Volunteers bought AV equipment, cooked food and served refreshments. There was lot of open space for discussion as well.
That initial BSides event was followed by other BSides events in San Fransisco around the RSA conference (I stopped by this one too), Austin, around SWSX and Boston around the Source Boston conference. By piggybacking on existing security conferences, a critical mass of potential attendees, presenters and volunteers were already in place.
Now BSides has expanded with a recent event in Denver and BSides planned for Atlanta, KC, Ottawa and DFW. These events will have sponsors and are not piggybacking off of other conferences.
The experience, knowledge and wisdom gained at each event is shared with everyone, so that the next event can use and improve on the formula. It is open source in action! Also because all details are out on the Wiki and mailing list, anyone who desires can know as much as anyone else about the event. Again the open model at work.
BSides seems to have struck a chord as well. The line up for this years event in Las Vegas (going on now) is quite prestigious. One of the volunteers and drivers of the BSides events, Jack Daniel (not that Jack Daniels) of Astaro (an open source based UTM), has a blog post with some of the sessions scheduled.
Though the security industry can be somewhat unique, I don't think the success of the BSides conferences will remain solely in security. This type of open source conference format is appealing to many technology types.
What about you? Would you like to see more open conferences that don't have exhibitors and booth babes? Where conversation and learning actually takes place? Maybe BSides is the place for you. The great thing is because it is open, there is nothing stopping you from getting involved.
- About Open Source Fact and Fiction
As co-founder and Managing Partner at The CISO Group, Alan Shimel is responsible for driving the vision and mission of the company. The CISO Group offers security consulting and PCI compliance management for the payment card industry. Prior to The CISO Group, Alan was the Chief Strategy Officer at StillSecure. Shimel was the public persona of StillSecure as it grew from start up to helping defend some of the largest and most sensitive networks in the world.
Shimel is an often-cited personality in the technology community and is a sought-after speaker at industry and government conferences and events. His commentary about the state of security, open source and life is followed closely by many industry insiders via his blog and podcast, "Ashimmy, After All These Years" (www.ashimmy.com). Alan is now also a regular contributor to The CISO Group’s security.exe blog and podcast.
Alan has helped build several successful technology companies by combining a strong business background with a deep knowledge of technology. His legal background, long experience in the field, and New York street smarts combine to form a unique personality.
Disclosure: The CISO Group sells a software-as-a-service PCI compliance application called SAQPro. The company is independent and does not represent any other vendor's products as a reseller.
Policy on comments: Respectful discussion is welcomed! However comments that use inappropriate language, consist of name calling or personal attacks, or include accusations of wrongdoing are not appropriate. Those comments will be deleted or edited.
Most Discussed Posts
- Blog Roll
-
Network World, Inc
The Connected Enterprise