Image

"It’s a natural evolution of hacker groups from the ‘70’s and ‘80’s where a group of like-minded individuals meet up and share knowledge without vendor pitches, egos, or strict rules," said Martin-Vegue.That is not to say that vendors and corporate forces are absent from BSides events. But they do take on a different role, as Richard De Vere, principal consultant for AntiSocial Engineer Ltd, rightly points out. "Whilst the need for funding is unavoidable, the corporates hang back at this grassroots event. It seems to be a place of simply geeks being geeks." When people with a passion for security come together and are allowed to be themselves, they can do some amazing things. BSides understands this reality and translates it in such a way that benefits the larger security community, such as by encouraging more experienced infosec experts to mentor younger professionals who are just starting out in the field or who are seeking to find their voice as conference presenters. Cheryl Biswas, InfoSec I.T. Coordinator and Senior Writer at JIG Technologies, remembers her time as a mentee at a BSides event with fondness. "My first experience with BSidesLV was truly rewarding, both as a speaker in their Proving Grounds track and as a volunteer," recalls Biswas. "Proving Grounds mentors inexperienced or first-time speakers with someone seasoned who knows the ropes. My mentor was fun to work with, supportive, and steered me clear of pitfalls as we worked on my presentation. When I stepped up to the podium, I was more excited than nervous to give the talk I had always wanted to deliver. I watched other new speakers deliver their talks with confidence and skill, setting them on course to go on and do more in the field." Additionally, as each BSides event is smaller and cheaper to organize than an iteration of Black Hat or DEF CON, conferences under the BSides umbrella can be held all over the world at numerous times throughout the year, thereby exposing more and more people to the world of security networking. "BSides has meant an entry into the world of security conferences for many people and places," explains Martijn Grooten, editor of Virus Bulletin. "As a concept, it has provided opportunity to speak on the side of big conferences for many people who might not have felt ready for 'the big thing.' The concept has also made it easy for people to organise security conferences in places that hadn’t yet been served by the global circus of conferences." Such exposure naturally translates into security professionals finding new ways and new opportunities to engage the community to which they belong. Benjamin Watson, mobile application security practice lead at GuidePoint Security, couldn't agree more with this statement. "Obviously the BSides events across the world may not boast the same attendance numbers such as DEF CON or Black Hat, but they have a homegrown appeal and provide a level of hacker intimacy where those noob to leet can come to learn and grow without the glitz and glamour," explains Watson. "I think BSides is a great introduction into the different facets and people of the information security community." With access to further reaches of the security community, new ideas and research are never far behind. "The folks who attend these conferences tend to be geared towards learning something new," reflects Irfahn Khimji, senior information security engineer at Tripwire. "As a result, they always ask great questions." J Wolfgang Goerlich, strategist with CBI and an organizer of BSides Detroit, shares Irfahn's thoughts on BSides' learning potential: "The movement has become a staple of the security industry. It has made it easier than ever for the local communities to come together, share and commiserate, and learn what is working and what is coming next. BSides also provides a platform for new speakers and new content, filling a vital role in developing talent." Mentorships, new people, and new ideas--that is just some of what BSides has to offer. In summarizing her thoughts on the field of information security, Cheryl Biswas offers the following: "Security grows when those within the community probe and question beyond the obvious, pushing us toward the next 'big' thing, so that when it happens, we were already looking for it." As security professionals, it is important for us to stay on top of hot issues in the field, such as car hacking and zero-day vulnerabilities. However, as people with a passion for security, we must go beyond these constraints and dream of the world tomorrow that will need our protection. Fortunately, BSides offers us this innovative space where we as a security community can learn, exchange, and grow. Together. Title image courtesy of ShutterStock