.:Computer Defense:.

I guess it's time for that post SecTOR write-up. Time to share every little thing I can remember... which, luckily for you, isn't much. I'm going to divide this up in sections to make it easier to organize my thoughts (or for you to skip parts).

Canadian Information Security Awards

Kudos to the organizers for attempting this, but it was a bust. I don't think it should be abandoned though. I just think we need improvements for next year. So few products are limited to one country for contribution that I wonder if a lot of people didn't vote because they didn't know what counted. I'd like to suggest new categories for next year:

• Best Canadian Security Blog
• Most Innovative Canadian Security Research
• Canadian Information Security Professional of the Year

Those are things I'd be interested in voting on and I think the prize of a netbook is much better suited as an individual award.

Speakers

Once again SecTOR had top notch speakers, some returning and some new. I have to admit though, that I didn't see nearly as many talks as I wanted to... I spent to much time chatting with people in the vendor area, keynote hall and hallways. I took in three talks the first day and that was the extent of it. I saw Raf's Web 2.0 talk... I love the look on people's faces when he mentions Native Client. I also took in RSnake and Hoff's sessions. I had intended to see two or three more sessions but other commitments kept me away from those. From what I heard, everyone enjoyed what they saw... and the complaints were few and far between, if they existed at all.

I definitely enjoyed being able to meet up and chat with a few of the speakers, at the speakers dinner and sitting around the bar afterward. I was able to share some stories and hear some at the same time. While Toronto has a strong security community, it's nice to expand the contact list and network until you can't even hold your beer, and even then you can simply pass over the business card as you fumble with your pint.

Reception & Speakers Dinner

While I preferred the reception in previous years with the open bar in the keynote hall, I was fairly impressed with the reception at Joe Badali's. The food was good and the drinks were free. We filled tables and chatted and had a great time.

Even though I'm in Toronto, I had never been to Joe Badali's before so I wasn't sure what to expect from dinner. I was surprised by how good the food was. I opted for the vegetarian option (pasta) and it was incredible. I will say that the last thing I expected to see at the speakers dinner was a lap dance... but at least it was good for a laugh (video I recorded coming later).

Vendors

Vendors are great because their money helps keep your ticket price down. I had the opportunity to chat with a number of vendors this year and while the talks were interesting... everyone's always interested in the swag, so let's give a run down of that.

In the 'best geek swag' category, eSentire had password keeper Post Its at their booth, unfortunately I didn't stop by and get any... they were pretty cool looking though but beyond the humor not overly useful.

In the 'best over all' category, I want to give it to nCircle, but people might call me biased. We had the only t-shirt give away and the slogan was my idea... so I need to vote for it We also had caffeinated chocolates that were mighty tasty.

Beyond that, most of my swag didn't even make it home... I've got a ForeScout stress cube that survived and I gave away my Tripwire flashlight because someone asked for it (always a nice offering, although when I first saw it I was hopeful for a laser pointer).  I took a couple of pens, which weren't bad but unfortunately there were limited offerings of notepads and papers, one of my favourite conference take aways... I did manage to snag some Post Its from Rapid7 but that was about it.

In the, 'I thought it would be cool but it wasn't' category is the travel alarm clock from Sentry Metrics. They had mentioned to me that the clocks were a rush order, so they can't be held responsible but the company that was peddling the clocks originally definitely had a horrid product. I actually have pictures from a table at Lonestar with the clock spread out in pieces. The hinge came out of the box broken, the open button worked once and the instructions reminded me that "PM is displayed in the afternoon". It was good for a laugh over beer and that was about it.

Socializing

The best part of SecTOR was the social scene... just like it usually is. Whether it was chatting at the con, or afterward at the bar, it was a great time. I got to put faces to names that I've chatted with and never met but also gather with people that I don't get to see often enough. We had some great conversations, some ideas for interesting concepts/research to put together and a whole lot of fun.

I'm already counting the days until SecTOR 2010, it'll be a great time!

Tomorrow is SecTor and I'm rather excited. There are so many talks I want to take in that I, unfortunately, can't see them all. On top of that the speakers dinner and meet-up at the Loose Moose should be awesome.

nCircle will have a booth this year and will be giving away T-Shirts and chocolate. So stop by and say hey to everyone there. I'll be floating around but I still haven't finalized my schedule (too many good talks, too many people to see, the conference needs a third day to fit everything in).

Anyways, ping me on twitter (@treguly) if you're floating around and want to meet up to chat or grab a drink. If I'm not around, it means I'm rushing to finalize my slides for the SSLFail.com panel.

Note: this was a series of posts following RSA but some personal issues delayed this and now I'm posting a single post on the subject.

This was my first year at RSA, and via the wonder of blogging, I had a press pass.  I also, unfortunately, had an exhibitor badge. That isn't to say I didn't want to be at the booth (I actually love being at the booth -- although, while many people walked by and loved our shirts, I wasn't a huge fan... just a huge pumpkin ), it just meant I had less time to use the press pass. I also didn't have a lot of time to post while at RSA, so now I'm doing my blog posts... based on a few notes and lots of foggy memories.

I have an interesting flight story to share, but I feel as thought it might be better sent to the consumerist, I'm not entirely sure yet.

Anyways, day one I met with a few interesting people. First I meant with some people from Commtouch to discuss their technology and what they do. It sounded rather interesting and I look forward to testing it out at some point in the future. Following that, I met with Michael Sutton from Zscaler, who'd I'd met once previously. I really enjoyed this discussion and think we'll see some really cool things out of Zscaler in the future.

I spent the morning at the nCircle booth and expected to see masses of peopel everywhere after hearing about the number of people last year. I later heard it discussed that there were fewer people, so that might explain it. Working the booth is something I really enjoy. Being an engineer leaves you with few chances to interact with customers, something I love doing. The booth over the three days that I was there lead to some very interesting discussions with intriguing contacts.

Tuesday afternoon was spent walking the booths. A few vendors said they'd send me samples of their hardware to play with and review, however I've had no contact from them yet. This is disappointing because I was really looking forward to seeing some of the hardware in action.

Wednesday was the day that I was really looking forward to. The Securosis breakfast, the WASC meetup and the Security Bloggers Meetup. All three of these were amazing and they gave me a chance to finally meet up with the people that I talk to and hadn't be able to connect with at past conferences. I also had the opportunity to do a video interview with Martin McKeay, which I'm eager to see... I just hope it was shot in wide screen so that Martin can fit in the frame next to me .

Thursday brought more of the same with booth duty and visits to other booths. It also brought dinner at Basil Thai which was incredible. Ever since I was in San Francisco last year, I'd looked forward to returning to eat at Chevy's (which I just learned is a chain), which I managed to do twice but Basil Thai was even better. I'm already excited about my next trip to San Francisco just to go back.

Friday was my final day in San Francisco (I was flying back on the red-eye). Friday also held the highlight of the week -- the Mythbusters. It was incredible and my only complaint was that the moderator was too chatty.

Anyways, shorter than I wanted it to be but I had to mention that I did enjoy RSA and I'm eager to attend again next year.

Q. What is your role at $vendor?
A. Director Product Management

Q. What got you into IT/IS?
A. started programming in 5th grade on a Commodore Pet, got an Atari 800, self-taught assembly...many yrs later studied CS and went into a startup in early client-server out of college.

Q. What do you do outside of IT/IS?
A. 6yr+4-yr old twins...Reminisce about free time. Think about education reform and getting rid of incompetent politicians.

Q. What are  you most looking forward to / what did you most enjoy about RSA this year?
A. Low expectations. Most enjoyed meeting up with past colleagues.

Q. Was this your first time at RSA? Will you return?
A. 3rd or 4th. Will return.

Q. What will you be doing at your both?
A. usual booth duty, fishing for real customers amidst the noise of vendors/partners/exhibitors.

Q. Is there any swag available at your booth?
A. yeah, come take a look. cheap stuff if you're a vendor/partner/exhibitor. Good stuff if you have budget.

Q. If people wanted to chat with you when could they stop by the booth?
A. anytime

Q. Prediction for the future of IT/IS during 2009 and into 2010?
A. Budget cuts, heavy emphasis on quick, real ROI. Small companies go away.

Q. Any comments?

I've arrived!

After almost being removed from the plane (due to a double booked seat), I've finally made it to SF. I visited Denny's and now I'm going to grab ~3 hours sleep before I kick off my day. I'll be blogging the conference, as well as mentioning it on twitter. You can follow treguly on twitter (that's me) or ncircletweets (my employer). Rumor has it that nCircle will be giving away a Kindle 2 to a random new follower of their twitter feed.

I also want to take a chance to mention the "At the Booth" series that I'm doing. So far I've had three participants (2 from nCircle) and I'd really like to do a large series of these posts, so I want to once again invite everyone to answer the questions (found here) and send them in.

Q. What is your role at nCircle?
A. I am the Chief Technology Officer.  In terms of responsibility, it means that I try to add value in technical areas of the company and stay out of areas where I don’t add value.  nCircle has a ‘whatever it takes’ culture and it keeps things fresh and new.  I’ve been here since 2001 and I am still having a great time and learning something new everyday.

Q. What got you into IT/IS?
A. My computer career began at Broderbund Software where I worked on audio (auditory display) for the games.  In those days, there was a very fine line on the BBS’s between the gamer community and the hacker community.  I immediately got into the design of online games and a prerequisite was to know IT infrastructure inside and out.  I saw my infrastructure as instrumentation of the game and at some point, I was hacking kernels, applications and routers more than I was doing audio game interfaces.

Q. What do you do outside of IT/IS?
A. No surprise here but I still spend a lot of my time playing games.  I see ‘play’ in general as the method by which I learn and make sense of the world.  If I can’t play with it, I cannot truly understand it.  Lately, I’ve been ranking up on the Gears of War 2 online play so if you are into that stuff, drop me a line.

Q. What are  you most looking forward to / what did you most enjoy about RSA this year?
A. RSA for me is all about conversations.  I plan on having at least a dozen incredible conversations with customers, other vendors, and peers who are passionate about their work.  Last year at RSA 2008 I did a talk on Game Theory and its application in defensive strategies.  This year, I’ll be spending more time hanging out with peers and having great discussions.

Q. Was this your first time at RSA? Will you return?
A. It is not my first time to RSA and I have lost count.   It is difficult to imagine being in the information security domain and not being at RSA in some capacity.

Q. What will you be doing at your both?
A. I have a presentation to deliver on Tuesday and Wednesday which you may find interesting.  It makes the assumption that your network is made up of a prey species and through a discipline called Biomimicry we explore the dominant strategies of prey and how they can survive in a hostile environment.  Other than that, I’ll be just looking to have a great conversation with visitors.

Q. Is there any swag available at your booth?
A. The remote controlled helicopters have been a hit and I think we have a contest for a Kindle 2.

Q. If people wanted to chat with you when could they stop by the booth?
A. 11am to 2pm on Tuesday and Wednesday.  That is the plan so far but this week is all about exception handling.

Q. Prediction for the future of IT/IS during 2009 and into 2010?
A. I’m not a big fan of predictions but I can tell you an area of interest that I hope to influence its outcome.  I would like to finally see multi-vendor interoperability at the semantic level for customers.  I’m not talking about syntax level sharing of content, I’m speaking of the sharing of data _in context_ – sharing data with sense-making models and ontologies.  Come by the booth and I will talk your ear off on this stuff.

Q. Any comments?
A. Game on!

Q. What is your role at $vendor?
A. VP Product Management at nCircle. My job is to make sure that nCircle continues to build the most effective and most competitive solutions to the most urgent customer security and compliance audit problems.

Q. What got you into IT/IS?
A. Actually, it was 1982 and I was just starting college. I had one elective and was trying to decide between Economics and Computer Science. I picked Computer Science because it sounded more interesting and because my mother had been programming mainframes for 10 years. My first job out of college was as a developer with AT&T Bell Labs and I just never left it. I’ve been associated with IT vendors for close to 25 years now.

Q. What do you do outside of IT/IS?
A. You know, I’ve been thinking I need some new hobbies. I have two young kids that take up most of my free time. I read…a lot. I also like to write, though I haven’t done it regularly in years. I had my own blog for about four years and I’d like to find time to get back to that again.

Q. What are  you most looking forward to / what did you most enjoy about RSA this year?
A. I’m interested in seeing how the flavor of the show changes. For me, RSA is about economic trends – large scale swings in the market place. RSA has always been half-marketing/half-business development. This year, I suspect attendance will be down and we’ll see a larger percentage of the traffic representing companies trying to sell themselves. It’s a bizdev show in a buyers’ market right now.

Q. Was this your first time at RSA? Will you return?
A. Not my first show, no. (My first technology tradeshow was one of the early Interops in the 1980s where the protocol stacks were all so different. The main point of the show was to ensure interoperability and every vendor had to have a 10 Mbps (fast at the time) drop into the booth that they had to connect to successfully. Things have come a long way.)
I don’t know how many RSAs I’ve been to. I’ll definitely be back, if only for the annual ISS reunion that takes place each year.

Q. What will you be doing at your both?
A. Trying not to look too out of shape in my orange t-shirt?
Seriously, I’ve got booth duty as an “executive” plus there are a couple of 15-minute presentations I’m giving. Plus, it’s a great place to do market research if you’re a product manager. I have a couple of projects in the works that I’d like to bounce off the right personas, if I can I find them.

Q. Is there any swag available at your booth?
A. We have those cool tiny battery-powered helicopters for presentation attendees and we’re giving away a Kindle 2 to a random person who begins following us @ncircletweets.

Q. If people wanted to chat with you when could they stop by the booth?
A. Monday after 6:00 pm; Tuesday after 2:00 pm; Wednesday after 2:00 pm. Or just tweet me @markwood.

Q. Prediction for the future of IT/IS during 2009 and into 2010?
A. Security and compliance spending will rebound faster and earlier than the general economy. Virtualization is fundamentally changing the nature of our IT world and it’s going to result in customers getting a lot more choices when it comes to security and compliance solutions. That said, the drive to consolidate vendors will not abate in 2009 and may actually accelerate in 2010. It will, therefore, be critical to be a strategic vendor to your customers.

Q. Any comments?
A. I have always thought I could make a killing at RSA by having my own Dr. Scholl’s booth.

Q. What is your role at $vendor?
A. PCI QSA at TW.  or Payment Card Industry Qualified Security Assessor at RSA

Q. What got you into IT/IS?
A. Innate geekiness.  Been playing with computers since the Ti99/4a

Q. What do you do outside of IT/IS?
A. There's a life outside of IT/IS?  When I'm not on the computer, I'm spending time with my wife and kids.  God help me when the kids get old enough to IM, tweet and play Halo.

Q. What are  you most looking forward to / what did you most enjoy about RSA this year?
A. The Security Bloggers Meetup.  I'm hosting it with Rich Mogull; I'd have to say that even if it wasn't true.

Q. Was this your first time at RSA? Will you return?
A. 4th RSA, and I'll be back as long as they'll let me return.

Q. What will you be doing at your both?
A. Good question.  No one's told me yet.  Seriously.

Q. Is there any swag available at your booth?
A. Another good question.

Q. If people wanted to chat with you when could they stop by the booth?
A. Tuesday, 1-4 or Thursday 11-1.  I may have to leave early on Tuesday to participate in the "Avoiding Security Groundhog Day" panel.

Q. Prediction for the future of IT/IS during 2009 and into 2010?
A. PCI is going to continue to be a big driver in the security market.  Unless the federal government decides they can do better, then all bets are off.

Q. Any comments?
A. Who's bringing the economy size bottle of Tylenol?

So I was trying to think of something different that I could do in my blogging about RSA. After some humming and hawing I decided to do a blog series that I'm calling RSA "At the Booth". This is open to anyone working a booth at RSA. Simply send me an email to rsa [at] <thisdomain>. The questions are:

1. What is your role at $vendor?
2. What got you into IT/IS?
3. What do you do outside of IT/IS?
4. What are  you most looking forward to / what did you most enjoy about RSA this year?
5. Was this your first time at RSA? Will you return?
6. What will you be doing at your both?
7. Is there any swag available at your booth?
8. If people wanted to chat with you when could they stop by the booth?
9. Prediction for the future of IT/IS during 2009 and into 2010?
10. Any comments?

The post titles will follow the format - "RSA - At the Booth with $name of $vendor". It may be interesting to some people who want to a) talk to a particular person or b) find someone with a similar interest.