It was a nice spring evening in Edinburgh and I was casually exploring the Twitterverse looking for some inspiring computer security accounts (yes, that’s how I pursue my interests), when I stumbled upon something that immediately felt too good to be true. A computer security conference (good). A computer security conference in my hometown, where I’m planning to spend the summer (good). A computer security conference which has a general knowledge track for people who are just getting into the field. And finally, a conference that’s looking for “angels” who will help with all things organisation and tidying up afterwards in exchange for free entry (so so so good!).
And they reduced ticket prices for women by 50% for Women’s Day. Seriously, I freaking loved CONFidence at that point already.
As “angels” (volunteer helpers), we were encouraged to make the most of attending the conference. The tasks we were given, for example handling microphones during Q&A sessions or reminding people of talks that would start shortly, only enhanced the conference experience and meeting people. We had a very cool and varied group of angels, coming from a range of different backgrounds, which is always a refreshing experience.
Talks-wise, unsurprisingly the one that made the biggest impression on me was the “State of the Net” by Mikko Hypponen. The talk was beginner-friendly and a great starting point to start exploring cyber security on an introductory level.
First thing after the conference, I found and watched all Mikko’s TED talks:
- “Fighting viruses, defending the net” – a comprehensive overview about various aspects of malware: the infrastructure, a bit of history, etc.
- “Three types of online attack” – “Do we blindly trust any future government? Because any right we give away, we give away for good.”
- “How the NSA betrayed the world’s trust – time to act” – a very interesting perspective on how the dominance of American web services poses a serious privacy threat.
Mikko also published a whitepaper on The Dukes, who are “a well-resourced, highly dedicated and organized cyberespionage group”. The paper provides an overview of their activities as well as accessibly described technical details of the tools created by them. It’s definitely worth reading, or at least skimming through, even if not everything in the paper is understandable. You can find it here: “The Dukes. 7 years of Russian cyberespionage”
“Niebezpieczni prawnicy” (English: “Dangerous lawyers”), given by Piotr Konieczny (you can hear him introduce himself and his company here), funnily portrayed where security specialists meet the lawyers. If I ever see the talk somewhere online, I will definitely link it here as it’s both informative and entertaining, and provides a good insight in what a security expert job encompasses, especially for such newbies as myself. What’s also worth mentioning, Piotr is the founder of Niebezpiecznik.pl, a must-read blog about cyber security for all Polish speakers.
EDIT: Actually, the slides of all talks from this conference were uploaded online. You can find them here.
All in all, I really enjoyed CONFidence and hope that I’ll be able to attend next year as well. It was a great experience to find such a community back home and I hope to stay part of it, even remotely from Scotland 😉
Wanna learn more about CONFidence? Go on their website or check out their Twitter and Facebook profiles.
Kinga Kieczkowska // #tech #dfir #infosec 
One thought on “CONFidence 2016”