Exploring Information Security - Exploring Information Security

How BSides St Louis Can Help Take The Next Step in Cybersecurity

Summary:Timothy De Block and Ben Miller discuss the upcoming BSides St. Louis conference. Ben shares the mission behind the event: to provide a low-cost, high-value conference for beginners and those new to the security community. They cover the importance of community-building, the value of professional skills alongside technical ones, and the power of networking at local events.Key Takeaways:BSides St. Louis Mission: Ben and his co-founders created BSides St. Louis in 2015 as a "passion project" with the motto, "bringing the interested to the connected". The goal is to offer a free or low-cost conference to make cybersecurity knowledge accessible to beginners and career-changers who can't afford larger, more expensive events.Cost and Accessibility: This year's conference operates on a donation basis, with a recommended $25 charge to help estimate food and t-shirt orders. Ben clarifies that no one will be turned away for an inability to pay, and the organization is a 501(c)(3) charity.Networking and Career Growth: Both Ben and Timothy stress that attending local conferences like BSides on a Saturday demonstrates a commitment to learning that employers value. Networking at these events can lead to job opportunities and valuable professional connections.Professional Skills Over Hard Skills: Ben argues that professional skills—such as public speaking, running effective meetings, and communicating politely—are more crucial for career longevity than hard technical skills. He shares a personal story about how a poorly chosen phrase accidentally hurt a colleague and taught him the importance of careful communication.Encouraging New Speakers: BSides St. Louis actively seeks out first-time speakers. Ben looks for people who have never given a talk before because the audience is forgiving and it helps them develop skills vital for interviewing and running meetings.Family-Friendly Environment: The conference is explicitly family-friendly, encouraging attendees to bring children and high school students to explore the campus and participate in activities like lockpicking and soldering. Ben views "hackers" as anyone who does "something in a way that wasn't intended to be done".Personal Philosophy: Ben shares his personal mission to help people "feel secure so they can sleep at night" and his belief that giving back through events like BSides is a way to help others who were not as fortunate as he was growing up.Notable Quotes:"Bringing the interested to the connected"."One con talk isn't going to make you an expert, but learning just enough to know what to Google, so that you can become an expert when you need to later... Huge. So helpful"."I can train somebody really easy to run NMAP... but telling somebody how to shut up in a meeting and listen way harder"."Don't self-select yourself out of opportunities"."My personal life goal is to help people feel secure so they can sleep at night".Connect with Ben Miller & BSides St. Louis:Website: bsidesstl.orgEvent Date: September 27thEvent Location: Washington University's McKelvey School of EngineeringSupport the Podcast:Enjoyed this episode? Leave us a review and share it with your network! Subscribe for more insightful discussions on information security and privacy.Contact Information:Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn. Check out our services page and reach out if you see any services that fit your needs. Social Media Links:[RSS Feed] [iTunes] [LinkedIn][YouTube] Subscribe Sign up with your email address to receive news and updates. Email Address Sign Up We respect your privacy. Thank you!

[RERELEASE] What it's like in the SECTF sound booth

In this on a whim episode of the Exploring Information Security podcast, Michelle joins me to discuss here time participating in the SECTF.Michelle (@MlleLicious) was one of the contestants who competed on Friday in the Social Engineering Capture The Flag (SECTF). This year the SECTF focused on video game companies and Michelle (happily) pulled Disney. Getting up on stage in front of hundreds of people is already a nerve racking proposition. Now add in that you have to interact with another human being to try and get them to divulge information for points. As you'll hear this was Michelle's first year at DEFCON. She dove right in to the event and walked away from the even with an amazing experience.In this episode we discuss:What is the SECTFWhy apply to the competitionWhat was her preparation for the contestWhere could she have improved [RSS Feed] [iTunes]

[RERELEASE] How to network in information security - part 2

In this edition of the Exploring Information Security podcast, I discuss with Johnny Xmas how to network in information security.Johnny (@J0hnnyXm4s) is a penetration tester for Redlegg and an accomplished speaker at security conferences around the United States and Iceland. One of Johnny's more recent talks is titled "That's not my RJ45 Jack" which covers, among other topics, how to interact with people. I saw this talk in April when I went to BSides Nashville and it has a lot of good information that can be applied to networking with people in general.In part two we discuss:Resources for getting better at networkingSome of the challenges of learning to network [RSS Feed] [iTunes]

[RERELEASE] How to network in information security - part 1

In this edition of the Exploring Information Security podcast, I discuss with Johnny Xmas how to network in information security.Johnny (@J0hnnyXm4s) is a penetration tester for Redlegg and an accomplished speaker at security conferences around the United States and Iceland. One of Johnny's more recent talks is titled "That's not my RJ45 Jack" which covers, among other topics, how to interact with people. I saw this talk in April when I went to BSides Nashville and it has a lot of good information that can be applied to networking with people in general.In part one we discuss:What is networking?How can Twitter be leverage to strengthen and improve your network? [RSS Feed] [iTunes]

[RERELEASE] What are BEC attacks?

In this phishy edition of the Exploring Information Security podcast, Steve Ragan of CSO joins me to discuss business email compromise (BEC) attacks.Steve (@SteveD3) has been covering BEC types of attacks for the past year at CSO. These types of attacks are increasing. It may get worse with GDPR requirements next month. This ended up being one of the more difficult podcasts to get scheduled. Steve and I had to cancel on each other a few times because of phishing related stuff.In this episode we discuss:What are BEC types of attacks?Who is performing BEC attacks?How are people falling for them?What can people do protect against this type of attack? [RSS Feed] [iTunes] Subscribe Sign up with your email address to receive news and updates. Email Address Sign Up We respect your privacy. Thank you!