tag:blogger.com,1999:blog-5388115022531534533.post2814995783335422045..comments2024-03-07T21:21:45.209+11:00Comments on /dev/null - ramblings of an infosec professional: AusCERT 2010 in ReviewJarrodhttp://www.blogger.com/profile/09705073585945953338noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-5388115022531534533.post-9258622250702161832010-05-28T09:50:38.564+10:002010-05-28T09:50:38.564+10:00Hi Jarrod,
Thanks for the feedback on the 'bo...Hi Jarrod,<br /><br />Thanks for the feedback on the 'booze'.. :-)<br /><br />I'll definitely mention what the speaker gifts are next time... so at least the speakers know. <br /><br />Truth be known; for speakers who appeared more than once at AusCERT2010, we gave additional presents beyond the wallet, including: A very nice writing pen, a computer toolkit, a also bottles of Wine. :-)<br /><br />Cheers,<br />Mark :)Marknoreply@blogger.comtag:blogger.com,1999:blog-5388115022531534533.post-35785453594214488112010-05-26T22:40:33.058+10:002010-05-26T22:40:33.058+10:00Hi Mark,
Thanks for the FYI on the RFID blocking ...Hi Mark,<br /><br />Thanks for the FYI on the RFID blocking wallets - I certainly didn't know that. I should point out that neither did at least two of the speakers I sat next to as they opened them.<br /><br />Suppose it was appropriate contextually - however I do believe in prior years books (and booze even!) seems to have been more appreciated.<br /><br />- J.Jarrodhttps://www.blogger.com/profile/09705073585945953338noreply@blogger.comtag:blogger.com,1999:blog-5388115022531534533.post-84194227268366846032010-05-26T14:27:19.068+10:002010-05-26T14:27:19.068+10:00Hi Jarrod,
Thanks for the post on the conferenc...Hi Jarrod, <br /><br />Thanks for the post on the conference. All feedback (good and bad) is appreciated.. One thing I thought I should point out though is in regard to the speaker gifts... I'm afraid that you may have the wrong end of the stick there... <br /><br />IMHO we didn't shaft the speakers...<br /><br />The "very crappy looking metal wallets" were in fact "RFID Blocking Passport Billfold" wallets from ThinkGeek URL: http://www.thinkgeek.com/gadgets/security/910f/ <br /><br />We had to ship them in from the USA; and they cost us around AUS $50 each (not including the printing). My feedback from the presenters I asked was that they thought they were a pretty appropriate gift for a security conference - especially for those speakers who traveled a lot; needing to protect their RFID-chip embedded passports in airports where nasty identity thieves were out to get their data using a concealed RFID reader..<br /><br />We actually took quite a bit of time deciding on the primary speaker gifts this time around - perhaps we should have mentioned what they were to the audience..?<br /><br />Cheers, MarkMarknoreply@blogger.comtag:blogger.com,1999:blog-5388115022531534533.post-26923280822986080372010-05-24T16:29:37.245+10:002010-05-24T16:29:37.245+10:00There is a significant cost to an organisation in ...There is a significant cost to an organisation in delivering a presentation, I didn't realise it until recently looking back on an Dimension Data presentation I am working on.<br /><br />If it is done on company time, the time spent on researching and preparing the presentation is a effectively absorbed by the employer. The justification from a marketing viewpoint is that it is building/maintaining the company brand and ensuring they have visibility in the marketplace. This is a reputational boost that is something of an intangible (with some methods of measurement however). The issue is whether or not a given employer will allow support. From a technical viewpoint, research is how you maintain staff interest and build intellectual property, skills and internal training without "spending" money (albeit not earning/billing if this is done during business hours). Generally, most organisations will "sponsor" the employee but will expect them to do it on their own time. <br /><br />I can certainly appreciate why some organisations (particularly smaller ones) may not afford the luxury of time on this. However, this is digressing from my original point (with regards to presentation selection). <br /><br />It would be interesting to see how this fares next year. Hopefully it will be more impartial, but looking back on years prior, I remain skeptical.<br /><br />- J.Jarrodhttps://www.blogger.com/profile/09705073585945953338noreply@blogger.comtag:blogger.com,1999:blog-5388115022531534533.post-40271926319309353402010-05-24T16:10:12.743+10:002010-05-24T16:10:12.743+10:00Yes, this is the classic 'equal opportunity...Yes, this is the classic 'equal opportunity' dilemma. Should you choose a weaker presentation from an under-represented organisation/group, or a stronger presentation from an over-representated organisation/group. There are arguments for and against each approach. <br /><br />The other thing to keep in mind is that while as a speaker you get a free plane ride, hotel, and conference registration, you're not getting paid to present, so it actually does have a 'cost' to your organisation, if only in terms of opportunity cost (ie you could be working on something else). Lots of organisations probably don't put forward staff at this time of year because everyone is flat out busy coming up to EOFY. If it was moved to later in the year, you may get a different selection of speakers.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-5388115022531534533.post-47669431469636688482010-05-22T15:42:13.464+10:002010-05-22T15:42:13.464+10:00Good points anon. Maybe they should have said some...Good points anon. Maybe they should have said something or actually approached more local organisations. I know a few that gave up submitting talks a long time ago because no matter how good they were, they were not getting accepted. Shame but is AusCert really in touch with the local industry? I say not.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-5388115022531534533.post-65866369513749796572010-05-22T10:49:24.753+10:002010-05-22T10:49:24.753+10:00Hi Jarrod,
Great post and I think most of your co...Hi Jarrod,<br /><br />Great post and I think most of your comments were dead on. I would like to touch on one point though around sponsorship and speaking slots because I think what you saw was actually a symptom of AusCERT getting this right this year.<br /><br />I work for an organisation that in previous years would regularly submit at least 3 papers. Each year only one would get chosen no matter the quality of other submissions. In fact, some years we were downright upset because amazing presentation were rejected, seemingly based on the policy of accepting only 1 submission from each company.<br /><br />This year stratsec submitted a lot of papers, and from talking to some of the submissions panel, in general their submissions were of high quality and so many were chosen. Unfortunately, what was a great change in acceptance policy looks like a horrible change.<br /><br />Just my 2c.Anonymousnoreply@blogger.com