Cloud Security Expo 2016 – ‘the big con’

This Tuesday and Wednesday, my work colleagues and I attended the Cloud Security Expo at the Excel Centre, London.

As ever, our main intention was to sit in on some of the great talks on offer while also making the most of the networking opportunities.

Unfortunately, and this is a failing of the venue, many of the talks were held in dark and dingy areas in which photography was almost impossible. Not only that, the sound systems weren’t great and the speaking locations were so close together that the voices of multiple separate speakers would often merge into one.

Unpeturbed, William Lau and I made the best of the ‘hallway track,’ both for taking pictures and for talking to some of the most recognisable people in the information security industry.


Eugene Kaspersky

First up, William and I collared Eugene Kasperky, founder and CEO of Kaspersky Lab.

After listening to him talk about the latest trends in cybercrime, in which he boasted that his native Russia produces “the best cyber engineers,” before going on to admit that his homeland was also responsible for “the best cyber criminals,” we caught up with him outside the hall.

Recognising me straight away, he instantly asked for a photo, mumbling something about social proofing his Twitter account.

I was happy to oblige.

Not one to be left out, William soon interjected.

Perhaps embarrassed by the sight of a grown man on his hands and knees, Eugene sportingly offered to be snapped with him too:


When, later in the day, the great man followed William on Twitter, those of us who have to work with him never got to hear the end of it!

After a quick stroll around the venue, during which much ice cream was eaten, many pens were pocketed and all the best of the conference swag ended up nestled in William’s bags, we made our way to what we hoped would be the next talk of interest.


The Big Con

Finding nothing remotely enticing, however, we settled for Quentin Taylor and a talk about the Internet of Coffee Pots instead.

Liking a bit of banter, and knowing by now what William is like at these events, I told him Quentin was famous and so a selfie duly followed.

I’m still laughing now.

Got him!


Next up, a special treat for me as I got to catch up with <censored>, someone I admire greatly, who has supported me immensely and is just an amazingly nice person.

I promised <censored> that I wouldn’t publish her photo.

So there.

Moving on, and indeed skipping a day, we had something new to look forward to – a talk by our illustrious leader who was helping out our friends at Twist and Shout, the company behind the Restricted Intelligence videos we all know and love.

Before that though, there was time for another couple of talks.


First off, it was Timothy Wallach, a Special Agent with the FBI.

I locked my iPhone and hid it away – you can never be too careful these days.

The big guy from US law enforcement stood up and gave an extremely low-level talk about cyber crime.

A competent speaker no doubt, ultimately he proved to be a little underwhelming as he took his time explaining topics such as two factor authentication – in great detail – to a room full of information security professionals.

Fortunately for us, the quality of the next speaker was guaranteed.


Mikko Hypponen

Mikko Hypponen, CRO at F-Secure, arrived with a gaggle of assistants.

After a vague introduction by the compere, Mikko took to the stage to give an excellent talk about the history of malware and cyber crime. Taking in The Malware Museum he has been so instrumental in creating, the main point he made was how, in the 30 years he has been in the business, everything has changed, and yet the key threats faced by businesses and individuals still look remarkably similar.

Immediately after his talk ended, William and I initiated a short conversation before he had to dash off to fulfill his media obligations.

Will even managed to grab a photo with the normally elusive Mr Hypponen:


A quick lunch, and much bragging (somebody please shut Will up!), later and the whole team was assembled.

As Thom psyched himself up for his talk, William, Garry, myself and another colleague, Tony, sat down and waited with baited breath.

Shortly afterwards, Thom was up and running, giving an excellent presentation about security awareness training.


Firstly, he highlighted the benefits of having such a programme in place in the first place, then he went on to explain why the majority of companies that do implement such training still fail.

The answer, Thom said, could be found in the way security awareness is delivered.

Compulsory and boring training would always be doomed to failure, but a delivery method that paid heed to the following interchangeable equation had a much better chance of success, he said:

Value + Story = Experience


As someone who has a professional interest in both awareness, and keeping Thom happy, I couldn’t agree more.

When Thom’s talk came to an end, it was time to depart and set off home, but not before we each picked up one last piece of conference swag…


… do you like my mouse mat?

Chocolate, teddy bears and pens – my experience of RANT Reloaded

Yesterday, I and a few of my work colleagues met up in London for a conference I had mixed feelings about – RANT Reloaded. Why mixed feelings? Because I’ve been to these events before and the first two were very good (read about them here and here) but last year’s sucked. Big time. But, hey, Simon and […]


Host Unknown – a humble apology

Back in April 2014 I wrote a scathing review of Host Unknown and its efforts to merge the worlds of InfoSec professionalism and rap culture. I said at the time that video expert and well-known superstar Javvad Malik was being held back by wannabes Thom Langford and Andrew Agnes whose hammy acting was probably best […]


You know you’re winning when…

My daughter (a young teen) has just sent me this: !!!! IPHONE USERS WARNING !!!! DO NOT ENTER YOUR PASSCODE IF YOU SEE THIS POP UP ON YOUR iPhone! This appeared on my phone this morning and I thought it was a bit suspicious. I googled it and there were a few instances of it […]


Man who owned for a minute receives reward, gives it all to charity

Last week I wrote an article for Nak Sec about Sanmay Ved, the ex-Google Display Specialist and Account Strategist who snapped up the domain for just $12. He may have only owned it for a minute but that was enough to get the soon-to-be-Alphabet to take notice. The Mountain View company realised its mistake […]