Announcement

Collapse
No announcement yet.

HACKERSUMMERCAMP2019, by Najla Lindsay , DEF CON 27

Collapse
X
Collapse
  •  

  • HACKERSUMMERCAMP2019, by Najla Lindsay , DEF CON 27

    URL1=https://www.forensicsandinfosec.tech...summercamp2019

    Originally posted by URL1
    October 7, 2019
    By Najla Lindsay (https://www.forensicsandinfosec.tech...463d00018933e4)

    #HACKERSUMMERCAMP2019

    WELLLLLLL HELLLLLOOOOOO #HACKERSUMMERCAMP2019, Let’s take a walk down memory lane. TL;DR ::::: First time in Vegas, First time at DEFCON, First INFOSEC Speaking Engagement at the BioHacking Village, Blacks In Cyber Meetup warmed my heart, Met some awesome people that I interact with on Twitter, and enjoyed a night out at one of the popular venues. Various achievements unlocked. Keep reading for details.

    PRE- #HACKERSUMMERCAMP
    I got the AWESOME opportunity to attend my first coveted information security industry conference. Which one you say?
    DEFCON. That is what I say. DEFCON runs along with other conferences in a week span.
    Blackhat, BSides Las Vegas, DEFCON, Diana Initiative, QueerCon = #HackerSummerCamp
    HOW did I get to attend?
    I submitted an application for the Women in Security and Privacy (WISP) scholarship that was posted on Twitter thanks to one of my #YaYas, @StephAndSec ‘s tweet back in April.


    Thank you to WISP for this amazing opportunity to be one of 92 scholarship recipients.

    LEVEL 1 of unlocking achievements.

    Level 2-5 of unlocking achievements came shortly after the submission of my application to WISP.

    Since I am a career transitioner into the Information Security industry, someone tweeted me about #Toxicology and recommended that I look into the #BioHackingVillage.

    You see, DEFCON is NOT just about the keynotes that occur over a 3 day span. There are several smaller “villages” that focuses on certain areas of hacking, such as but DEFINITELY not limited to, medical devices, automobiles, aviation, application security, cloud security and drone security. It is here in those villages where you definitely can learn about those working on challenges, political issues (think voter machine) and an enormous amount of other information that will fill your spirit.

    The #BioHackingVillage works to bring the health, education ans security communities together in close spaces to create real world solutions that will allow the innovators, researchers, entrepreneurs and such to hear various perspectives as we make an impact on global health. I spoke with the Executive Director of the Village and she convinced me, unbeknownst to her, that I should submit my “talk” for consideration at the village. Guess what, I had NO IDEA what I wanted to talk about, let alone a “talk” even prepared such an event so large. So that night, with a glass of wine and while I laughed to myself, I wrote an abstract briefly about my talk.


    Title of Submission: Forensic Science and Information Security: Lifetime Lovers, Part-time Friends

    Abstract: Forensic Science and Information Security are very parallel fields. They are both methodical in nature and often one area builds succinctly on top of the other. With the ability to have a specialty in various areas, it is interesting that the two do not often merge together and share policies and procedures. You see Forensic Scientists often are called in at the “endpoint.” Usually, it is at the scene of a crime, only giving the final “product” and must work backwards to build a story for what initially happened. In Information Security, with the rapid growth of exposure to data, specifically PHI, it is evident that it would be beneficial for both communities to work together. With my area of extended knowledge and expertise in Forensic and Clinical Toxicology, I am often met with various attempts to “social engineer” me out of patient results to having sent incorrect reports to clients (not on purpose of course). In a Toxicology lab, whether government (local, state or federal) or private, PHI is the utmost important issue. Scientists adhere to the policies and procedures of the SCIENTIFIC aspect of the organization, but not always to the INFORMATION SECURITY aspect of the organization. Let’s chat a little about how to make both industries more aware how they are really Lifetime Lovers and Part-time Friends.

    On Sunday, June 23, I got the email that my talk had been accepted. HOLY. FREAKING. SMOKES.

    LEVEL 2 of unlocking achievements.

    “When you do good by people, people do good by you.”

    Now it was time to book my hotel. Well a friend of a friend knew I had not decided on my accommodations yet and let someone know that I may be interested in a room. Welp, in a nutshell, I was afforded the opportunity to have my room COMPLETELY paid for and I only had to worry about incidentals, which is not an issue, because I do not have incidents. I was a little concerned with the security policy of the hotel because it was a Ceasar’s property but I graciously and thankfully accepted. I had NO ISSUES whatsoever.

    LEVEL 3 of unlocking achievements.

    AT-#HACKERSUMMERCAMP

    All set and ready to go!

    First Time in Vegas!! First Time at DEFCON!! First Time giving a talk to SECURITY PROFESSIONALS!!
    BRIEF INTERMISSION
    I was set to arrive to Vegas, first time by the way, on Wednesday but instead, my flight was cancelled by American (INSERT EYE ROLL) because of rain. I was busy doing other stuff that I did not even realize that my flight was cancelled until I was literally in the car en route to the airport. I almost freaked out and thought my hotel would be cancelled and disaster would ensue, BUT I returned home and enjoyed family time.
    I arrived on Thursday but my luggage did not make it with me on my connecting flight from Phoenix. I personally wanted to freshen up before meeting people because well, traveling and weather changes can contribute to increased sweating. And being sweaty IS NOT lady like and I am ALWAYS A LADY. :-)
    END INTERMISSION
    I had finally arrived. I met up with StephandSec for lunch, ran into Ca$sie briefly and then IsVixjoined us for lunch. I grabbed my badge and scholarship money from the WISP leaders afterwards. Is_Vix, another lady and myself went to the DEFCON 101 panel to support Magen_Wu because she is an infosec veteran and is very knowledgeable.


    OKAY. Let’s stop here.
    DEFCON 101 panel was INTERESTING. I went with the expectation to get advice on "How to do DEFCON.” And we got some of that at the beginning. Then, it got REALLY AWKWARD and UNCOMFORTABLE. I think we stayed for about an hour before we headed out because there were inappropriate and overtly lots of sexual jokes being thrown around. We were not the only ones who also felt this way nor were we the only ones who left the panel early.
    After the panel, it was rest time and I needed to find out where my luggage was. I did not get my luggage until 6 pm. I got it and then I showered and got dressed for dinner. The Yayas Dinner.
    We ate and belly laughed for 3 hours. Would you believe it if I told you that this was our FIRST time meeting each other in person?!?!?


    FRIDAY at #HACKERSUMMERCAMP
    I got up, got breakfast via Keirsten’s tweet about Breakfast. Met a few more beautiful people and enjoyed a nice meetup. Btw, Keirsten is BOMB!!!


    and then met with Is_Vix and we went to various locations to see what the different villages were doing. We went to a talk about Car Hacking. We tried to go to a Cloud Security talk but were turned away because of capacity. :-/ We went to Bally’s and walked around the center. We grabbed LOTS of swag from vendors. It really was like a playground for adults who loved to learn and figure things out. I visited these areas: Drone Village, Aviation Village, Car Hacking Village, Blue Team Village, App Sec Village, Cloud Village, Hardware Hacking Village, Lock Pick Village. I met Mari of Women’s Society of Cyberjutsu and quite a few other people.
    Later in the day, I went to support StephandSec’s panels. She had one with Diana Initiative at the Westin and the other with WISP at Caesar’s. They were back to back so we had to dash really quickly.
    I met Lodrina in person, FINALLY, while attending Steph’s panel at Diana Initiative. She has been very supportive and offering me advice and just very open about getting into the industry. We hugged like we had not seen each other in a long time. Funny because this was our first time meeting in person.


    Afterwards, we attended a VERY great networking event put together by Blacks In Cyber. Let’s be real. You do not know nor see many BLACK information security professionals often and especially not in the HACKER scene. So this meetup was MAJOR and it made me smile IMMENSELY on the inside and outside because there was representation. New and seasoned professionals. Old and young WOMEN and MEN. Next year, there will be more. :-)
    THIS meetup was LEVEL 4 of unlocking achievements. Because COMMUNITY is important.


    SATURDAY aka MY SPEAKING DAY
    I admittedly went a little too hard last on Friday night and was tired. I got up and went to the WISP Scholarship Recipient Breakfast at 10am. I ate and then had to dash back to my room to calm my nerves and get ready for my talk at 11:45 am. I put on my outfit and walked over to Planet Hollywood.

    I presented. The room held about 75 people in total. I had about 60 people in attendance. I had 30 minutes to give my perspective and I did just that. I DELIVERED my first talk at a SECURITY CONFERENCE. It was recorded (which will be released at a later date). I WAS RELIEVED.
    I want to GIVE A MAJOR SHOUTOUT to these amazing people that I saw in attendance at my talk (if I forgot you, please charge it to my head and not my heart).
    Side Note: Yes, my talk was recorded. No, the video has not been released yet. Yes, I will update this post when the video is live and Yes, my slides are available for viewing.


    Afterwards, I had a couple hours to spare and this was part 1 of decompression. I grabbed some food but then I headed over to Diana Initiative again because Jai had a talk. She did a phenomenal job presenting her talk and it resonated with me. Her talk title, “Status Ready: Preparing for Your Next InfoSec Role” offered great tips for all levels of professionals in the field.

    Once Jai’s talk was done, LEVEL 5 achievement was unlocked.

    After all of the preparation, support, talks, and meeting various people in the industry, I decompressed and finally decided to let my hair down and go out. Had a night out with some folks (ya’ll know who you are). It was THEE best way to end a hectic start to going to Vegas. I would do it all over again and I plan to do so next year.



    Here are my personal tips for navigating DEFCON:
    1. Do some research before hand on the villages. There is valuable information at these places and you can always learn something new.
    2. The workshops sell out at the BLINK OF AN EYE. Keep an eye out these and when they go live. I missed the opportunity to snag one but I would definitely would have liked to attend. Will try next year.
    3. If a speaker is popular, chances are that there talk will have an extremely long line. If you absolutely want to hear their talk, I would prepare to get in line REALLY early in advance. Sometimes, the rooms are cleared for each talk and sometimes, they are not. Get there early if you know something interest you.
    4. RACK UP ON SWAG. RACK UP ON SWAG. RACK UP ON SWAG.
    5. Do not panic. Yes, it will be overwhelming but if you have a plan in mind with a little leeway, you should be fine and be able to navigate pretty easily.
    6. Register early for the vendor hosted parties and such. They fill up quickly.
    7. Have fun. Yes, you are there to meet new people, hear some talks and network. HOWEVER, take some of the pressure off of yourself and enjoy at least one night where you do something that you want to do. It will recharge you.
    Anyway, I know this was extremely long, but I wanted you to feel the experience as much as possible. I had a great time in Vegas and I will be back.

    Here is the link to my slides in case you are interested.

    Thanks for reading. See you back here soon!!!
      Posting comments is disabled.

    Article Tags

    Collapse

    Latest Articles

    Collapse

    Working...
    X