Impressions of CRESTCon & IISP Congress 2014

CRESTCon & IISP Congress 2014 was a great opportunity for our CEO, Ian Whiting, to catch up with industry friends, meet lots of attendees who are keen advocates of our products, as well as speaking to several exhibitors who are also users of our software including HP, Ernst & Young, Nettitude, GDS and BT.

The exhibition was a good opportunity for us to provide inofsec professionals with a preview of some new major features soon to be releases in Nipper Studio. Our stress ball giveaway also proved quite popular with the pentesters – it seems they are a stressed bunch, who would've thought?

But instead of just giving you our own opinion of how the show went, this post brings together the views of those who attended, exhibited and kindly expressed themselves via the live news stream – Twitter. 

...Quite!

Andrea Simmons from HP also highlights in her presentation the amusing results of a much-debated 'study' by VoucherCloud: 

Adrian Davis (ISC2) makes a valid point about insider threats. Morrison's breach was indeed caused by a disaffected member of staff.

Selex ES steered people towards 'their very own' Robin Frewster security expert:

... and here's the consensus.

The Nettitude team

'Fuzzing' with Andy Davis of NCC Group:

Simon Clow puts it into context...

... and PwC agrees...

... while introducing James Campbell's stories on threat detection and response.

Finally, our own team - Ian Whiting below - shares a word, and a stress ball, with Gotham Digital Science

Hope this has inspired you to book tickets for next year's event. The CRESTCon & IISP Congress is definitely the right place to be for any infosec professional; whether beginners or more experienced, the conference has something to offer everyone.

What Makes CRESTCon & IISP 2014 The Must-Attend Event For Every Infosec Professional?

Source: crestcon.co.uk

The Exhibition

The exhibition brings tools and information to the hands of the visitors, with the chance to experience the products live, try the demos and clarify any questions directly with the providers. 

Source: CRESTCon 2013 via flickr.com

The Conference

The thing that sets CRESTCon apart from other trade shows is that it addresses different audiences via two streams. 

Stream 1 is targeting security consultants, researchers and those directly involved in testing or defending information systems. 

What's the talk of the town?

Some of the security experts presenting will be sinking their teeth in a few new topics. The audience will hear about security cameras and the security risk they can pose if infiltrated by bad actors, from Mike Sloss from Thales. Andy Davis, Research Director at the NCC Group will talk about Zulu, an intuitive and flexible fuzzing tool. 

Point of interest: Simon Clow from Context discusses iLO (Integrated Lights-Out management) and the security considerations for remote management interfaces. 

The rest of the talks are centered around the evolution of cyber crime with consistent provisions of case studies and research repositories.

Source: CRESTCon 2013 via flickr.com

Stream 2 is aimed at the wider public in the infosec community, including management representatives and risk and compliance officers, while featuring talks on career development opportunities. 

What about the career focus?

Ray Stanton (BT) sounds interesting:  "You may not like all that you hear, but Ray will stimulate thought and invoke critical debate". Andrea Simmons, from HP talks about the importance of understanding the breadth and depth of the infosec industry. Undermining it, she emphasises, could pose real risks to the community. 

The evolution of threats, incident-response, security awareness, the talent pool, tips on engaging at board-level and employer perspectives are among other topics. 

Point of interest: Rob Carolina, legal expert with the Origin law firm, tackles the ethical debate stirred in light of the Snowden scandal. 

The great thing about these presentations is that they take a pragmatic approach to security issues, and the speakers talk about their own experience as opposed to theoretical concepts of security. 

The Catch-up

It's nice to be out of the office once in a while, but it's even nicer when you get to meet old acquaintances, people who were colleagues at university, people you worked with, people you shared a beer and a hacking tip with a while back. Industry events are a great way to combine work with a friendly catch up. 

Source: CRESTCon 2013 via flickr.com

Titania's CEO, Ian Whiting and Andy Williams, Head of International Development are getting ready to attend the CRESTCon & IISP Congress on the 19th of March. They can be found in the exhibiting area, so if you are attending, drop by, say hello and watch a demo of our award-winning products Nipper Studio and Paws Studio. 

Titania is a proud sponsor of the 2014 edition of CRESTCon & IISP.

Source: crestcon.co.uk

Hope to see you there!