Jack Daniel, technical product manager, Tenable Network Security

Share this article:
Jack Daniel, technical product manager, Tenable Network Security
Jack Daniel, technical product manager, Tenable Network Security

Tenable Network Security's Jack Daniel discusses Security B-Sides in San Francisco this year, as well as some topics he thinks will be prevalent at the event, in addition to RSA and TrustyCon.

What can you tell us about B-Sides this year?

BSides San Francisco is one of the biggest BSides events each year, and this fifth BSides San Francisco promises a lot of great conversations and content.  We are returning to DNA Lounge this year, it was a great venue last year and is a very "San Francisco" place for an unconventional gathering.  We will have presentations, lightning talks, locksport, and "I am the Cavalry" gatherings, and much more.  BSidesSF: Education! Collaboration! Community!

Why decide to make this a free event?

Most B-Sides are free or very low-cost. We try to keep the barrier to entry as low as possible.  A nominal or even refundable registration fee can help limit "no shows" and ease planning, but this year we are back at DNA Lounge and the venue's capacity makes it easy for us to just open the doors and let folks in.  If pre-registration is required some people are reluctant to drop in, even when we announce walk-in space available; we like spontaneous conversations and open doors can facilitate those.  And, it is a lot easier on the organizing team to skip the hassle of registration.

What do you anticipate from the sessions/speakers this year?

As always, we hope for a lot of good conversations, on a wide variety of topics. B-Sides allow speakers and participants to be candid and exchange ideas. The wide range of topics should help facilitate some great discussions and a few polite disagreements. 

What are some of the big issues attendees can look forward to hearing about?

There will be a wide range of topics again this year; privacy, government surveillance, application security, cloud and web reliability and scalability, malware and attack analysis, youth mentoring and threats to security research in light of crackdowns on "hackers" by people who don't understand security and technology.  The nature of B-Sides means that the presentations aren't the end of the discussions, they are the beginning. Conversations can continue in the chill-out space, at the bar, wherever interested folks gather.

Given the RSA/NSA news, what kind of impact do you feel this will have on B-Sides, if any, this year?

I don't expect it to have a significant impact.  Everyone in the B-Sides community is aware of the issues, and there certainly will be some conversations about Snowden, RSA, NSA and related topics. We offered to host any of the speakers who pulled out of RSA but still wanted to be heard, but the advent of TrustyCon gave a dedicated outlet for some of those speakers, and on a day which doesn't overlap with B-Sides.  There will be plenty of opportunities for people's opinions to be heard on the topic, in several venues, including B-Sides.


What are your thoughts on the industry's response to the leaked information?

As clich√© as the phrase "wake-up call" is, I think it fits here.  I see a few stories in this.  First, we've seen some very sensitive information lost by one of the most secretive agencies in the world, if they suffered such a catastrophic loss of data, anyone can (and that's scary).  Related, it appears that the NSA had some fundamental flaws in their execution of data protection. If they failed covering the basics, we all need to take a hard look at how well we are doing the fundamentals.  I do think that many organizations are more focused on things like the recent card data breaches, those issues have more readily understood technical countermeasures. In contrast, there aren't really effective technical solutions to political problems.

Will you be attending any of the other shows that week?

I'll be working the booth at RSA for Tenable, and attending several formal and informal gatherings throughout the week.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

POLL

More in Expert Q&A 2014

Steve Durbin, global vice president, Information Security Forum

Steve Durbin, global vice president, Information Security Forum

While he may not be attending the RSA Conference this year in San Francisco, the Information Security Forum's Steve Durbin hopes that there will be an emphasis on discussions that ...

Chris Valasek, director of security intelligence, IOActive

Chris Valasek, director of security intelligence, IOActive

Known for his work on car hacking in 2013, Chris Valasek, director of security intelligence at IOActive, will be sharing even more insight on automotive security at the RSA Conference ...

Paul Lipman, CEO, Total Defense

Paul Lipman, CEO, Total Defense

With endless amounts of talks taking place at the end of the month in San Francisco, we caught up with Paul Lipman, CEO of Total Defense, to see what's on ...