London calling to the faraway towns
Now war is declared and battle come down
London calling to the underworld
Come out of the cupboard, you boys and girls
London calling, now don’t look to us
Phony Beatlemania has bitten the dust
London calling, see we ain’t got no swing
‘Cept for the reign of that truncheon thing
The ice age is coming, the sun’s zooming in
Meltdown expected, the wheat is growing thin
Engines stop running, but I have no fear
‘Cause London is drowning, and I live by the river
(London calling – The Clash)
London was calling European Infosec professionals last week, and they came in droves. Infosec 2014 proved a very successful event, at least in my eyes. A nice mix of new and established exhibitors, a great program and outstanding attendance contributed to what is arguably Europe’s most prominent information security event. Here are my takes from the event:
A Very British Event
This event was very British in spirit, and that was a good thing! Other than showing the Americans that they are not the only ones doing cyber security (albeit all the large U.S. vendors were represented), there was a more relaxed, courteous vibe than at U.S. events such as the RSA, and it seemed that everyone took it less seriously, with a good dose of British humor (perhaps the smiling faces were due to the fact that come four o’clock many exhibitors offered free beer). Registration and entry to the event was smooth and swift, and the exhibition hall, though large, was nothing like the two huge halls that hosted the hundreds of vendors at RSA, making orientation and navigation easy. The weather throughout most of the week was untypically warm and sunny, but the last day reminded us that we were in London with drizzling rain, bleak skies and cold – just how they like it there.
I was very impressed with the educational agenda of the event. In addition to being complementary (for both the exhibition and the conference) the organizers put together a very comprehensive and impressive program that catered to professionals and ordinary people alike. Two notable keynotes were “What’s New in Cybercrime?”- a panel hosted by Graham Cluley, and, and “Actionable Intelligence: Building a Holistic Security Threat Intelligence Capability,” hosted by Brian Honan.
The vendors seemed to play along with this theme and instead of hosting very sales-oriented sessions at their booths, they appeared to offer more educational content. I attended a talk at the Sophos booth by Chester Wisniewski that was both entertaining and educational (he uses his wife’s credit card to demonstrate how cyber crooks can steal credit card details using uncomplicated means).
I had the privilege of attending the European Bloggers meetup and awards ceremony, held at a pub not far from the conference venue. In addition to the great English pub experience (with complementary drinks), it was a chance to meet and talk with some of the industry’s top media stars. Unlike the Bloggers awards at RSA, Brian Krebs (not sure what the qualification criteria was as this was designated a European bloggers award) did not take all the awards, but he did win the Most Educational Blog . Read all about the winners at: http://blogs.infosec.co.uk/european-blogger-awards-2014-winners/
The event organizers allocated substantial space for new exhibitors, and allowed many vendors to showcase their products for the first time in the U.K. This was a nice contrast to the established players, who erected huge booths at the central area of the hall and offered lots of freebies, iPad raffles and candy. For me, it showed that the industry is both hungry for innovation and many entrepreneurs are stepping up with new solutions and services that are likely to be snatched up by the larger vendors very soon.
Industry not Stepping Up to the Challenge
The event was marred by one very unfortunate event – a massive Tube strike that took place on two of the three days of the event. This meant that instead of a leisurely ride to the station adjacent to the event site, visitors had to fight their way through Overground trains, buses and taxies in peak London traffic. Not a pleasant experience and I suspect that had better transportation been available, there would have been many more local, non-industry visitors. On a personal note, I find it kind of disappointing that none of the participating vendors – some of whom invested quite heavily in fancy booths (and booth babes) offered a remedy to this. I would love to have ridden the “Vendor-X” sponsored bus back to the city. It would have been a great opportunity to beat the traffic and mingle with like-minded professionals. Sadly no-one seemed to stand up to the challenge, which is symbolic to our industry. When the rain comes down (as it does in London) almost everyone ducks for cover, and very few stand up and try to fight it (you would have imagined that after the Target breach security vendors would offer complimentary security checkups to firms and individuals, to show that the industry is capable of providing decent security to its customers.) Sadly no one did.
Overall – a terrific event. I will definitely mark my calendar for next year’s event.