Yesterday and today, I was at the Paranoia 2018 conference, one of the Nordic regions largest Info Sec conferences.
I got free tickets as a consequence of qualifying to the finals of the Paranoia Challenge, a kind of AI-powered gamified red team/blue team training environment.
As I just got home, I have yet to do a writeup of the experience of the challenge myself, but Bouvet (my employer) published a blog post (Norwegian) about it yesterday.
Here are my favourite talks of the conference:
Agile Security and Orchestrated Response
Bruce Schneier - Security Guru
Security guru Bruce Schneier talked about the state of the world, touching upon (mass) surveillance, the internet of things, the increased attack surface of an increasingly connected world and what constitutes appropriate responses when faced with security issues.
Bruce held a similar talk at SecTor 2017:
I also got a signed copy of his book Data and Goliath!
FC aka. Freaky Clown - Redacted Firm
This talk was mostly about Freaky Clown's dayjob, which entails breaching his clients (banks, multinational companies, etc.) - both in cyberspace and in meatspace. FC also touched upon what constitutes a good company culture with regards to security.
FC gets into some of the same stuff in this Devoxx 2017 talk:
Hacker Privilege: Securing Corporations one Dirty Look at a Time
A talk about how complicated the field of security and the threats within are. No real answer to the problems he identified was given – but hey, that's just how the world is sometimes; You've got to identify the problem before you can find a solution!