Thursday, October 10, 2013

First Local Security Conference Thoughts A+ For the Association

OK, today I attended my first North Carolina Banks Association information security meeting.
First off I was a little excited, I have been to CarolinaCon, DefCon, BlackHat and many more.  I knew this wasn't going to be just like those or anywhere close to them. 

I was just happy to get out of my office with and speak with others in my line of work and learn some new things.  I did, we had two or three speakers that made the whole time worth it. I would also to include the staff and such that put it together many thanks to you and your efforts for the chance to go.

What I am about to say has nothing to do with my employer or any representations of my work place.  Hell my boss drove me there, don’t tell him but I enjoyed his company.

I would like to say that 85% of the information that came out was good advice for keeping up with standards, new applications, even new tech to semi proactive subjects.

I would have to say most of us geeks get no time together and speak and reach out with other IT people in our field. You want us to come up with the solutions for the work place and be able to prevent the circumvent hackers/blackhats or at least have plans in place with policies to handle certain emergency’s. You know we are no different than your Sales, Management Teams, and etc. It just seems like we are last at the line for any gatherings to where we feel comfortable and can speak and dress like we want too in a relaxed environment to exchange ideas and new information.

IT is incorporated with Geeks, Nerds, Strangers, etc.  that have a strange understanding of technology that no one else does “No this is not a manifesto LOL” and I am fine with that. I am so lucky to have a work place that semi-understands this.  A real IT person that is in his/her prime that will take any mission on solo or not, they have gaming, brute forcing, and dropping honey boxes to see what happens when so to speak the Baking Soda hits the Vinegar, or builds a giant Tesla Coil just to watch what happens. 
It is the love of technology that drives us. Yes 50% of us are white hats trying to learn as much as we can. If you really want us at the top of the technology then help us by taking time to realize we might not make you cold hard cash, but we keep you losing billions.

I hope I get a chance next year to go; I would rather speak though for the simple reason of miss information on the latest technology and scams. I have several ideas on building of information sharing without everyone having to spend out a ton of money while we have up to date information at the same time.

One more thing I did not hear one thing about Fuzzing or the Crime Origination’s hiring black-hats selling software to create major SDK structures for selling on the black market just to take advantage of wires, ach’s or even id theft.  Heck they even left out Lulzsec. This was the damaging effort of the DDoS attacks for Op’s Operations via Occupy.  Also mention of Syslogging for free to see if someone is protecting your IDS/ASA/LDAP system which is free Open source projects.

Example, 1 Module New Business Plan for Organized Crime Industry.