First Impressions RSA Conference

Well yesterday was a big day for me. It was my first time attending RSA Conference in the US. I have attended RSA Europe many times and was looking forward to seeing how different the US conference is to the European one.

All I can say is that everything is BIG, and when I say big I really mean big. Firstly the Moscone centre is absolutely huge, I have got lost a number of times going from talk to talk. Then the number of delegates is astounding. At RSA Europe there is normally between 1,000 to 2,000 delegates. Here there are approximately 15,000 delegates. The social element of RSA US is astounding too, nearly every vendor is hosting a party of some kind.

Speaking of vendors the exhibition hall is huge. I went onto the floor at 11:30 to simply walk from stand to stand to see if there was anything that was cool or innovative and it was not until 2:15 that I finished my exploration. Unfortunately I did not see anything too cool or innovative. In fact I found it telling that the most exciting technology that I came across was an original Enigma machine displayed on the at Thales stand. To think that a technology that is now over seventy years old creates more excitement and buzz than many modern solutions is a sad indictment of where we are in the security industry today.

Finally the theme for the event is BIG and by that I mean it seems most vendors and talks are all focusing on Big Data and its implications for security. I would say though that big data is not what we need to focus on but rather big information. Data without context is just that, data, and is something we cannot act or work with. Data with context is information and that is something that we need to identify threats, incidents and trends so we can better secure our systems.

So far RSA Conference has been very enjoyable with the chance to meet many people I know online in real life and to meet and talk with vendors directly. I am looking forward to seeing what the next few days bring.

Upcoming Speaking Engagements

Tech-Security.jpgThe new year is now upon us and it already looks to be a busy one here at BH Consulting.  I wish you all a very prosperous, happy and secure 2013.

This post is simply to highlight some of the upcoming speaking engagements that I am involved in.  Hopefully I will get a chance to meet and talk to some of you at some of these events.

Information Security Magazine Patch Management Webinar

Information Security Magazine will be hosting a webinar on Thursday the 10th of January to discuss issues relating to the latest Microsoft patch releases but also on patch management issues in general.  I will be one of the panel discussing these topics.

Chartered Accountants Practitioner Technology Seminars 2013

I will be addressing both of the Dublin and Cork seminars to be held on the 16th and 17th of January respectively.  I will be talking to attendees on “Securing Business in the 21st Century – Security, Device Management (incorporatingoffice mobility) and Data Protection”

Irish Computer Society Data Protection Conference

I am delighted to say that the Irish Computer Society have asked me back to address the 5th Annual Data Protection Conference to be held on the 21st of February.

RSA Conference USA 

One of my lifetime ambitions has been to attend the RSA Conference in the USA, this year not only do I get to attend but I am also a speaker at it. I will be taking part in a panel discussion called “Mayans, Mayhem and Malware”.

Secure Computing Forum

On March 7th I will be one of the speakers at the Secure Computing Forum  2013 at the Gibson Hotel, Dublin is hosted by DataSolutions and Check Point

There may be other events coming up soon so keep an eye on the blog for those updates. If you are planning to host an event yourself and would like someone to address the event on matters relating to protection key business assets then don’t hesitate to contact us or to visit our events page for more information.

Upcoming Information Security Events in Ireland

As the spring season starts to kick in so too does the events calendar for information security meetings.  Many of the larger conferences will start to happen over the coming months.  But there are many local events that are equally as informative and worth looking into more.

There are a number of worthwhile events coming up in Ireland over the coming weeks;

There is a lot of hype in various media outlets about the bigger security conferences however I often find that local chapter meetings can provide a lot more benefit as it gives you the chance to meet and discuss issues with your peers, while at the same time listening to some excellent talks.  Do take the time to attend some of the above meetings it will be well worth your investment in time.

Upcoming Information Security Events in Dublin

A few years ago it was difficult to find any major conferences on information security in Ireland.  There would be a number of seminars run by various vendors and resellers with the ISSA and IISF running monthly meetings to keep their members informed of latest trends and issues.

This year is proving to be very exciting as there are quite a number of excellent conferences coming up over the coming weeks.  These are

ISSA Ireland National Conference

On May the 11th and 12th the Irish Chapter of the Information Systems Security Association (ISSA) will be hosting their first national conference at the Royal College of Physicians of Ireland (Kildare Street, Dublin 2).  There is quite an exciting lineup of speakers for the event and it promises to also be an excellent networking opportunity.  Details of the conference are available at

SEPG Europe 2011

Carnegie Mellon’s Software Engineering Institute will host the 16th annual SEPG Europe conference from the 7th to the 9th of June in the Burlington Hotel in Dublin.  This promises to be an exciting event where experts from around the world will discuss the issues surrounding improving the security and quality of software and systems.  On June the 6th there will also be opportunity to attend one of the following tutorials;

  • Cyber Response and Analysis Challenge
  • Forensics for Law Enforcement
  • Introduction to CMMI Accelerated Improvement Method (AIM)
  • Managing Risk and Resilience: The CERT Resilience Management Model (RMM)
  • Software Engineers as Insider Threats: Actual Attacks and their Consequences

To register for the above tutorials or the conference itself please go to the following

OWASP AppSec  Europe 2011

OWASP will be hosting their Appsec Europe 2011 Conference in Dublin from the 7th until the 10th of June in the grounds of Trinity College Dublin.  This conference will focus on issues surrounding application security, which has been very topical with recent headlines highlighting where poor application security has led to significant security breaches.  More details on the conference and how to register are available at

Of course later on in the year we will have the IRISSCERT  Cyber Conference, which will again be free to attend this year.  Planning for that is already underway and I will update the blog as they become available.

Hopefully I will see some of you at one or more of the above.

Oh I do Like To Be At The Bsides

Next week sees the Infosecurity Europeshow in London.  It starts from the 19th until the 21st.  I find it a useful opportunity to see what the various vendors are bringing to the market.  Sometimes I have found some new companies with some exciting products to help secure client systems.  Most of all I enjoy Infosec as it allows me to meet up with some old friends and colleagues in the industry and to catch up.

What makes this year more exciting though is that Security BSides London will be held in parallel to Infosecurity Europe.  BSides is a community driven framework to run information security events for and by the information security community.  BSides allows for a very interactive environment for people to share their thoughts and ideas with their peers in a relaxed environment.  A number of BSides events have been held in other cities and this is the first time for a BSides event to be held in London.

What makes it even more exciting for me is that I have been selected to speak.  My talk is titled “Layer 8 Security – Securing the Nut Between the Keyboard and the Screen” and I will be discussing how we can better engage with users to raise their awareness and knowledge regarding information security.  There are also a number of great talks that I am looking forward to, in particular the talks by Chris John Riley, David Rook (aka SecurityNinja), Xavier Mertens, Stephen Bonner and Justin Clarke.

It should prove to be an exciting event and I am looking forward to it immensely.  If you are attending Security Bsides London do say hello.  If you cannot attend you can follow it on twitter using the hashtag #BSidesLondon.

Speaking at the Third Annual ICS Data Protection Conference

On Thursday I will be speaking at the Third Annual ICS Data Protection Conference which will be held in the Radison Blu hotel in Dublin’s Golden Lane.  This is one of the conferences I enjoy a lot as it brings in people from various different disciplines to discuss the issues of protecting the personal data of customers and employees.  There will be people from data protection roles, legal, business, information security, IT and many others.  I find it can lead to many an interesting conversation as people get to learn, not only from the excellent speaker line up, but from networking with others as to how best to address data protection issues in their organisation.

With the introduction of the Data Protection Commissioner’s Data Security Breach Code of Practise ensuring the appropriate steps are taken to protect personal data entrusted to an organisation is even more important.  I will be presenting on “Taking a Practical Approach to Securing Your Organisation”.

There are still places available, so if you have not registered by now then you should go the ICS website and do so.  If you do attend the conference do drop over and say hello.

Upcoming Speaking Engagements

Last year I spoke at a number of great events and 2011 looks like it is shaping up to be a busy year on the speaking front too.  Over the next few weeks I will be speaking at a number of events.

So if you are attending any of the above please do say hello.

I will be attending a number of other events during the year and will keep you updated when I have more information.

Speaking at the 2nd Annual Data Protection Conference

The Second Annual Data Protection Conference which is run by the Irish Computer Societywill be held this year on Thursday the 25th of March in the Radison BLU Hotel, Golden Lane, Dublin 8.  I will be speaking at the conference as will

  • Billy Hawkes – Data Protection Commissioner
  • Bruce Scheier – BT
  • Linda Ni Chualladh – An Post
  • Las Kelly – Bank of Ireland
  • Murieann O’Dea – BearingPoint

Registration for the event is now open and those who register before February 25th can avail of the early bird pricing which is €170 for members of the Irish Computer Society and €295 for non-members.  After February 25th the registration fee increases to the standard fee of €200 for members of the Irish Computer Society and €350 for non-members. 

For more information and to register please visit the ICS website.

Upcoming IRISS CERT Conference on Cyber Crime

The Irish Reporting and Information Security Service will be holding its first annual conference on Cyber Crime.  The event looks to be pretty interesting especially as attendance will be free.  The following is from IRISS CERT‘s website:

IRISS will hold its first annual conference on the 19th of November 2009 at the D4 Berkley Court hotel.  This all day conference will focus on providing you with an overview of the current cyber threats facing businesses in Ireland and what you can do to help deal with those threats.

Experts on various aspects of cyber crime and cyber security will share their thoughts and experiences with you while a number of panel sessions will provide you with the opportunity to discuss the issues that matter to you most.  There will be a number of expert speakers on cyber crime including representatives from;

In parallel to the above speaking sessions Ireland’s first Cyber Security Challenge, HackEire, will be held to identify Ireland’s top cyber security experts.  HackEire will see 10 teams, up to a maximum of four people per team, compete against each other in a controlled environment to see which team will be the first to exploit weaknesses in a number of systems and declare victory.  The purpose the HackEire competition is to demonstrate how attackers could gain access to your systems and allow you to learn from the event on how to prevent such attacks from impacting your network.

The conference will be open to anyone with the responsibility for securing their business information assets.  There is no charge for those who wish to attend.

The IRISS Annual Conference is an opportunity to not only increase your knowledge but also to meet and network with your peers in a relaxed environment.

If you are interested in attending please register at

Next IISA Ireland Meeting To Be Held On September 3rd

The next meeting of the Irish chapter of the ISSAwill be held on September 3rd in the Westbury Hotel, Dublin. There are some great speakers lined up including;

  • Les Kelly – Head of IT Security with Bank of Ireland
  • Raj Samani – Consultant for Cap Gemini & acting as CSO for the UK’s NHS
  • Captain Kevin Sweeney – The Irish Defence Forces

The meeting will close with a session on “Hacking attack demonstrations and mitigation” followed by the traditional networking event in the bar.

To get more information and to register for the event please go to the ISSA Ireland website.

I hope to see you there.