We are currently finalizing our new event in Summer 2012, focusing on Security Intelligence. Security Intelligence is one the newest disciplines in the IT security zoo and not yet fully defined (e.g. there is no Wikipedia article or rich bibliography of works dealing with the topic).
We have been monitoring the Security Intelligence scene now for more than 3 years and found many different approaches, ranging from standard security advisories and alerts to deep insight into the current threat landscape. While some organizations (mostly network equipment vendors) seem to view Security Intelligence just as a new buzz-word for marketing others do a more thorough job:
Especially software and anti-virus vendors like Microsoft, McAfee, IBM, Symantec and some ISPs like Verizon and AT&T provide valuable intelligence to the community. Also voluntary groups, free-of-charge spin-offs from consulting companies and open source projects contribute to Security Intelligence like shadowserver.org, Team Cymru, SANS Institute with DShield and many others. And there are of course many professional consulting companies which provide their services and products to commercial customers like iDefense (now part of Verisign/Symantec), Damballa, Q1 Labs (now part of IBM) and others.
The latter is, what we are looking at: robust and thorough information about the current threat landscape to improve our security strategies and align our countermeasures efficiently with the actual risk – without over-doing it and without neglecting minimum required effort.
After a long time of preparation, collecting background information and talking to many of our friends, supporters and conference guests we are now confident that our format will meet the requirements of of a high-end Security Intelligence event. We want to provide an environment, where information can be freely exchanged between cooperating and trusted dialogue partners in a secure environment. To achieve this we have a completely new format, which can be best described as a “conclave congress”.
The main characteristics will be:
- Single track, two day event: stay focused, no missing of a talk in the other track.
- Outside of Vienna, we currently have identified a few venues like a castle south of Vienna, a manor house near Salzburg or something like that, again to stay focused for two days without the temptation of a big City.
- Limited and controlled enrollment on an invitation/recommendation basis. We want to present sensitive information which requires a more restrictive policy compared to our DeepSec conference.
- No video recordings of the presentations for the same reasons as above. Presentations will be provided by the speakers on their own discretion but not published like the DeepSec talks.
- Limited seats, we currently look at 50 participants plus speakers as a maximum.
- Target audience: Public and national CERTs, government organizations, respected academic researchers, critical infrastructure and finance sector as well as recommended participants from one the mentioned organizations.
- All-inclusive event, covering conference fee, accommodation and all meals and beverages (non-alcoholic).
- All the venues we have in mind will offer a very reasonable on-top charge if you want to bring your significant other and we will organize a side-program and excursions into the vicinity of the venue.
The details, our CfP, dates and venue will be published in the next one or two weeks.
In the meantime please give it a thought whether you can contribute as a speaker or if you can reserve two days in the last week of August, resp. first week of September in 2012.
Please give us your feedback via (encrypted) e-mail: email@example.com (or posting blog comments) concerning anything about Security Intelligence, our event format or anything we might have forgot. Security events are all about collaboration, you know. ☺