Recommendation: curate a list of speaking engagements

Something I learned from HalvarFlake in 2019 that it can be quite painful to remember what conference one spoke in the past.

Giving a talk at a conference, event or appearing on a podcast is a big service for the community, who can learn from your experience. At the same time it is a testament to your impact and something to be proud of. It is cool to look back where you spoke 5 years ago and what topics you found relevant back then.

Such a list can be useful when trying to get a new job or to get more attention from hiring managers. It can serve to show your expertise in a specific field. Last but not least it can help future program committees in a paper review process to see your speaking abilities (if the review is not done blindly).

It also can prevent or reduce the risk of burnout. Seeing how much you spoke in the past gives you the ability to reflect the workload, additional workload added by preparing a talk which is usually forgotten when agreeing to speak. If you felt comfortable giving 5 talks a year, you might be well off giving 6. Agreeing on 15 however might be a big step up and should be done very carefully.

Since then I capture my speaking at a page of my page. I recommend you do the same every 6 months.

Items I recommend to capture:

  • Date of talk / podcast
  • Conference title
  • Talk title
  • Link to slides if available
  • Link to a recording if available
  • Link to blogpost from others covering your talk

#FIRSTCTI22 FIRST CTI Event Berlin 2022 Review

It is November 9th 2022 and I had a few days to digest and think about the FIRST CTI event taking place in Berlin from 2022-11-01 to 2022-11-03.

You can find more direct feedback and impressions on Twitter with the hashtag #FIRSTCTI22 where I also shared stuff.

The program is published at https://www.first.org/events/symposium/berlin2022/program. So let’s dive into my thoughts.

To give some context, I participated in the first FIRST CTI, called FIRST Technical Colloquium on Threat Intelligence, hosted by Siemens in 2016. Back then the topic was very new (remember STIX/CybOX, Mantis). But some topics were relevant already back then like how to operationalize Threat Intelligence and how to evaluate information. It was great then and I was excited to see what has changed since then.

Training

As I only arrived on Tuesday, I had to skip the trainings, but I was able to talk to participants with mixed impression, which is no surprise given the different roles / background of the participants (more on that later) so I hope many of them provide feedback to the event team so they can extract the right learnings on which training is best suited for the audience.

Wednesday

I had the honor to moderate the Wednesday, so while I was able to hear all talks, I had to also focus on logistics, take time and have some questions ready for the speakers. To my surprise the audience did not take that much advantage of the fact that we were all in one room and asked very few questions. Maybe this is something which we need to re-learn after the pandemic?

I really liked the talk from James Chappell „Ten Years of Cyber Threat Intelligence: Retrospectives“. It was a perfect entry and set the stage for the two following days and for sure James is a veteran in the field, so there were several observations that stuck with me.

Next up was another highlight for me: „Crossing the Cyber Sad Gap“ from Jake Nicastro. Jake went into the risk of our jobs and how it can affect the mental health and offered some points to take home and address in your team, very eye opening and I am sad that this talk will not be made available to the public.

Another thing I want to highlight is the mixture at the event between practitioners and academia, Clemens Sauerwein from the University of Innsbruck, Department of Computer Science, AT presented on stage and there were several delegates who were really interested in conversation with industry and public sector people.

Obviously I was nervous giving my own talk together with tomchop, but I think it went really well.

Overall Wednesday was a really pleasant mixture of topics.

Audience

Overall the audience was a little over 330 delegates. From conversations I would assume around 40 % with a DFIR background, 40 % from CTI related roles and 20 % either a mixture or something else, but I guess the organizers have better stats on this.

The size of the audience felt ideal for me as well. There were enough people to run into random people to start a conversation but it was not too large to get lost, I think sub 400 is ideal.

There were delegates from all kinds of regions, with a majority coming from Europe, which is not a surprise given the event location. To build a reputation I would like to see the event happen again in Berlin, if there is demand to have something similar in other regions like AMER or APAC, I would suggest building local forks vs. Rotating over the planet like FIRST does for the annual conference. That should also make it easier for the planning team to figure out logistics, but again is my personal opinion and there are also advantages for changing locations.

Length

Personally I prefer events under three days. Longer events make me tired and come with too much social toll for me. Two days still enable follow up and enough opportunities to have conversations going a little deeper then „hey my name is John Doe, I work at XYZ, nice to meet you“ and then never see that person again.

Thursday

Started with another excellent talk about the human aspect of our industry „Why Your Security Analysts Are Leaving and What You Can Do to Retain Them“ by Thomas Kinsella, I highly recommend this talk.

I skipped one talk that was pre-recorded and instead spent my time networking with delegates, as I hope to see the talk afterwards on YouTube instead.

It is always nice to see new tools announced at events, same here, when „ORKL: Building an Archive for Threat Intelligence History“ was covered by Robert Haist. Solid talk and I recommend checking out the project web page and reaching out to Robert if you want to help the project.

The rest of the talks were all solid but I do not want to bother you with all my thoughts, I have provided feedback to the events team and I recommend you doing the same (check your mails for the survey).

The program committee did an excellent job setting up a program that catered for technical and strategic folks. Kudos: @thomasschreck_ , @adulau , @asfakian, James Chappell and Dr. Morton Swimmer.

Dinner

An important aspect of such events for me is to meet with old friends but also make new connections and introduce new people to the community. This time I tried to execute something I learned from Kate.

I made (or asked someone to make one) reservation in a restaurant nearby for 6-8 people, asked 2-4 people I already know and want to see again and added people I wanted to meet for a long time and or folks who asked to be introduced.

The result: a great combination of nice food, excellent group sizes to have different topics to talk about but not too large that it would go nowhere or someone would feel lost (at least I hope).

The absolute highlight for me was going to C-Base, if you have never heard about it, make sure to check it out, I will not spoil it here. Thanks Y.W. For your hospitality my friend.

Wish

If I had one wish for the future of that event, I would hope to have a more diverse audience and speakers. We as the community need to push more and improve.

Disclaimer

I have not been involved in the planning of the event other than setting a draft budget in November / December 2021 as part of the normal FIRST budgeting process. And above is purely my personal opinion on things.

Photocredit: Kamil Bojarski

36c3 Day 1

So day 1, I arrived around 11 AM and got myself in a queue which was surprisingly well organised and fast-moving. There is even a page to show waiting times for the last few years.

Once passing the entry area I was a little overwhelmed, lights, people, noise everywhere and the space seems simply large…

At some assembly, I met a good friend and long-time CCC / C-Base hang around who introduced me to some people and within a blink, 3 hours of conversation were gone.

Along the way, I learnt stuff about Freifunk, open firmware, and many more, but the most important thing – very good conversations and friendly people.

An aspect that is not covered much in blog posts or wikis is food. I was not sure how to prepare for the long days in regards to food and drinks. Turns out there are a lot of bars serving Mate (of course), beer, cola and other stuff and there are a lot of food places, so no a problem there (not vouching for the quality…)

Hacker Jeopardy was something I was curious but watched back in the hotel.

36c3 part 1

For many years I wanted to go to a CCC and this year because of different reasons I was finally able to go, this blog post is going to cover my planning and following posts will hopefully follow.

Preparing

There is a log of coverage already how to prepare for a congress. Obviously, you need a ticket. I got my ticket thanks to a co-worker who is a pretty active member of a local chaos group, so was fairly easy (thx stean)

So after getting a ticket, a place to stay needs to be found. In most cases, I run with AirBnB, this time I was unable to find a cosy place nearby so I ended up doing a hotel reservation and I hope this was a good choice.

And last but not least, transportation. The way to go here for me is using german railway services, Deutsche Bahn. There is even a special page from Deutsche Bahn to get a special ticket for a lower price.

Stuff

Of course, going to a conference you need your basic stuff as for every conference/travel, so I will not go into that too much. Especially for the congress, I tagged most of my gear that I plan to bring to the venue with my twitter handle and my domain so that it is easy to find the owner.

In addition to my normal list I packed the following items:

  • permanent markers (white/black) – maybe I can help with those
  • Magic ties (Amazon link) – I love those things
  • Stickers (mostly for FIRST)
  • batteries (AA+AAA) because why not.

A water bottle, because @c3himmel asked for it:

Tech

The tech also needs some extra time, in particular, updating every service/application running is critical. As I do not trust the wifi (as with any other wifi) VPN and a backup VPN was tested/updated.

To be able to work on stuff I also freed up some space on the devices, just in case.

Power up batteries, external power supplies and co. I do not want to run out of power.

Further reading