Wednesday, May 29, 2013


My wife and I have three vehicles: two are red, two have manual transmissions, and two are diesels.  What is statistically significant about this?

Stumped? OK, more data: none of the vehicles has all three of the characteristics listed above.

Now it is obvious, isn’t it?  That’s right, the statistical significance of this is ABSOLUTELY FRIGGEN NOTHING.  Just because you can measure something doesn’t mean you should- and even if measurement makes sense, just piling numbers up doesn’t make the resultant mess informative or useful. 

Please, think before you math.

(Why yes, I have been reading so-called InfoSec “reports” and “studies” again, why do you ask?)



Thursday, May 2, 2013

You know stuff. Share it. We’ll help.

You know stuff, you’ve seen interesting things, done interesting research, have a unique perspective.  You also know that the ability to communicate effectively deliver your message to an audience is critical to professional success.  But you haven’t spoken at a major event, and you need some advice and encouragement.  Maybe you are intimidated by public speaking- that’s very common (there’s even a word for this common fear, glossophobia).  Well, we’re here for you.  By “we”, I mean the BSides community in general, and in this case BSides Las Vegas in particular.

BSides events have always encouraged new speakers, and some events have offered or are offering guidance, up to and including mentorship and coaching. This year we are continuing the Proving Ground track at BSides Las Vegas, a program which pairs those new to speaking, or at least new to speaking at a national event, with experienced speakers who will mentor, guide, and encourage you through developing, tuning, and presenting your talk at BSides Las Vegas.

From the website:

One of our tracks is “Proving Ground” and the main criteria to get a slot in this track will be being a first time conference speaker. As we all know how hard it can be to find your voice, or even to just translate data into talking points that won’t lose your audience, we’re looking to pair each of the Proving Ground applicants up with a mid to high profile mentor, with a solid track record of public speaking, who will work with them from CFP to podium.

If this program sounds like something you’d be interested in, please review the BSLV Mentorship Program Information.

I sometimes use this image in “how to give better presentations” talks, because I think it shows what is wrong with talks at a lot of conferences- the focus is on the speaker, not on the audience where it belongs.  In the Proving Ground track our mentors put the focus on you, the new speaker- this gives you the support you need to focus on your message, and your audience.


Time is running out to submit for this opportunity, please review the information on the website, and submit if you can join us for BSides Las Vegas.

What if you are a more experienced speaker, but know you can do better?  Would a workshop with other speakers, sharing ideas and constructive criticism interest you?  Well then- let me know, and stay tuned.  And watch James Arlen’s talk on the topic if you get the chance whenever he’s giving it again.



Wednesday, May 1, 2013

The envelopes please…

I had a great time in London last week, I finally got to BSides London, had a good show at InfoSecurity Europe, and talked to partners and customers- and I got to co-host the second annual (we can call it that after only two, right?) Security Bloggers Meetup and first European Security Bloggers awards.  The blogger gathering was great, I got to meet and catch up with a lot of folks I don’t often see, and there were a lot of great conversations throughout the evening.

About those awards- the winners were:

Congrats to all the winners.

Big thanks again to Brian Honan for the heavy lifting in organizing the event and awards, to my coworkers and employer, Tenable Network Security, for sponsoring and arranging the food, drink, and venue, and to Qualys for sponsoring the awards.

We’ve already started planning for next year- the venue was great, so Tenable has again reserved the Prince of Teck pub for the evening of Tuesday, 29th of April 2014 for the next European Security Bloggers Meetup and Awards.