What to expect from DeepINTEL
Preliminary schedule soon (CFP is still open)
DeepINTEL will be a conference about security intelligence on September 3rd and 4th 2012 in the heart of Europe.
We have prepared this project for a long time and we were monitoring the security intelligence landscape for quite a while. During the last year we had many chances to discuss different approaches and talk to many people involved in security intelligence, either on the provider, research or customer side.
Our vision is now clear and here are some details which might have been covered here and here or which might be new:
Our understanding of security intelligence
We know quite well that security intelligence isn’t defined very clearly. Methods and tools differ as wildly as expectations and goals do. We find almost as many approaches as we find people involved with this topic. We developed our view to embrace a variety as large as possible without sacrifying the original thought: Security Intelligence.
Security: As sad as is might be, there is no security. In the late 90’s etoys.com, the first cyber-mob observed to operate with a high impact, had a slogan: “The digital underground will attack everyone, everywhere. There is no security!”. They were right and because of this we call our mission “risk mitigation” or “risk management”. Anyhow we stick to this label, and in our context security can be translated to “Assessing the risk correctly and take the right measures to keep the risk at acceptable levels”.
Intelligence Yes, that’s exactly what it sounds like. Think about intelligence operations and agencies. No, not the stereotype with trench-coat and the brim of the hat deep into the face, rather think of an accounting clerk. Think about he real ones, which don’t care whether the martini is stirred or shaken. Intelligence is a dry and tedious task, sifting through data and information, data and information and even more data and information. Lather, rinse, and repeat. If you are done with that the real work starts: correlate, analyze, find connections, hints and similarities, rule out false positives and hope that you come to the right conclusions.
Assembling those two should be an easy task now, we leave it as a homework to anyone who has some spare time.
The format of DeepINTEL
We have decided to shape our event in a way that allows you to stay focused, to concentrate on security intelligence and we tried to eliminate distractions as much as possible while maintaining a comfortable environment. The conference will be:
- Single track, two days to stay focused
- Away from the large cities to avoid distractions and temptations
- In a 4-Star venue, operated by Hilton
- All inclusive package covering conference, hotel and all meals and beverages (non-alcoholic)
The topics
What we are looking for (and we already have received a lot of submissions) is what can be be described as “soft skills”:
- How to gather information about adversaries, techniques, tools, etc.
- How to evaluate capabilities of adversaries
- How to verify security information
- How to understand adversaries (jargon, slang, communication methods, etc.)
- How to align your assessments with the real world (e.g. probability of an incident or strength of your controls)
- How to understand geographic and cultural distribution of security related topics
- And whatever comes to your mind along these lines (our cfp is still open)