Context: LASCON 2013, Austin, Texas

Subject: A tale of two keynotes: Nick Galbreath (@NGalbreath) and Robert Hansen (@RSnake)

The recent Lone Star Application Security Conference (LASCON) 2013 featured keynotes that took a holistic approach to information security.

This is part of a growing trend in which information security leaders reflect on the state of the industry, help you manifest your full potential, and impart the latest technical advances from the good guys as well as the bad.

Galbreath’s keynote, “The Origins of Insecurity,” opened the conference. The slides are available on Speaker Deck. His tips included, “Next year bring someone from operations or development.” On a positive note, he stated, “everything ‘leaked’ indicates the mathematics is sound.” This means encryption is working: factoring those primes is still a computational hurdle. It was not all positive and uplifting, though. He revisited the problem of random number generators (RNGs), and my fellow math majors will agree that a computer is good at following instructions but terrible at truly random number generation.

Hansen’s keynote, “Blindspots,” showed a mastery of human psychology, experiential learning and deep insight into the state of information security. We all have blindspots. Hansen took us on a tour, including guided imagery with audience eyes closed, to clearly demonstrate that not everyone understands how the internet in general, or security in particular, really works. One clear takeaway, and an example of a blindspot, is the information security professional who travels without taking appropriate security measures. There were many nods in the room during this section. Read Hansen’s Blindspot blog entries on the WhiteHat Security website for more on this topic.

Bottom line: these were outstanding talks because they provided actionable intelligence for the individual as a total human being, as well as a technologist. The next time you are at a conference, look for these information security luminaries. Their talks are not to be missed.