Over the past week (15-17th October) I attended the Australian Cyber Conference (CyberCon) in Melbourne. This was my first CyberCon, and also my first interstate travel since PAX Australia back in 2019.
Being my first trip in quite a while, and sitting on heaps of frequent flyer points, I treated myself to some business class travel. I really wish I hadn’t now, because I don’t know if I would ever want to fly economy again 🙂 Having the extra width and leg room was an absolute godsend, and it wasn’t until I was onboard that I learnt of all the other perks, including free wifi (normally paid), a half decent meal even for the short hop across Bass Strait, and access to the Virgin Australia lounge at Melbourne airport.
Accomodation
I had often wanted to stay at the IHG Crowne Plaza when PAX was on, which is just opposite MCEC, and with the conference-preferred Pan Pacific selling out literally as I was making the booking, this seemed a great choice.
Was pretty happy with the accomodation, with a quiet room overlooking the conference location. This proved extremely beneficial in order to come back and refresh for an hour in the afternoon before attending later sessions.
Other than that, there isn’t really more to say – it was a typical 4-star hotel experience with a comfortable king size bed and modest sized room with ensuite.
The Conference
It’s extremely difficult to describe the conference, with well over 300 sessions available to attend, workshops, vendor presentations and of course the exhibition hall there was no shortage of choice.
Being the introvert I am, I tended to lean into the presentation sessions more than interactive sessions, and they were a bit of a mixed bag. I made a point of trying to pick sessions that I wouldn’t normally choose – because picking sessions that I would naturally pick would mean I would not learn anything new.
The sessions I chose for my agenda included:
- Lessons from the Whitehouse, Theresa Payton (ex Whitehouse CIO)
- Breach Fatigue – The Human Cost of Cyber Crisis Response – Simon Hopkins
- Challenges of Cybersecurity and AI in healthcare – Andreas Christodoulou
- “PLEASE!!! god damn it! I hate this hacker crap!” OT Security 65 Million years in the making – Michale Murphy
- Keynote – Kari Byron
- The “S” in AI stands for Security – Keynote, Brian Krebs
- Homelabs for hackers: Breaking things at home so you don’t do it at work – Shreyans Jain
- Linux Forensics – the forgotten crime scene – Sean Sproul
- How to tell Security Stories – Panel
- Beyond the Breach – Tim Brown, Solarwinds
- Darcula’s path: Visualising the evolution of phishing service – Daniel McNamara
- In conversation with former NSA director Admiral Mike Rogers – Locknote
Admittedly some of these sessions were not what I expected – one such was the how to tell security stories, which I was hoping would be about how incident responders could create the incident story to present to executives – instead it was more about handling PR between a business and the public in a cyber incident event.
Like with most multi-day conferences it can tend to be information overload. The sessions that do stick in my head though were the ones on Breach Fatigue, Beyond the Breach and Darcula’s Path.
Although I wanted to be there, I was forced to miss the homelab session – it was just way too popular – the full room and wait line reminded me of lining up for a session at PAXAus (which had happened the weekend before).
Vendor Exhibition Floor
For those who have never visited MCEC, let me tell you that huge does not remotely begin to describe how big this space is. It is worth noting that in the 3 days we were there, there were also another 3 major events happening in other spaces in the facility, all with similar sized halls.
There were dozens of vendors, and pleasingly many of them I was already familiar with through previous interactions. It was also pretty great to talk to some vendors whose products I use, but had not met before – in this case being able to talk to Filligran and SOCRadar was fantastic.
The most “viral” stand though had to be the Wiz stand, with some rather interesting snacks on offer:
Block Party
The block party was fantastic, with much of south wharf outside MCEC and the DFO being closed to public, and essentially all the eateries and bars being open and free for conference attendees.
Everything was here from pizza and pasta, to greek lamb, Thai dumplings and slider burgers, along with as much wine or beer that you could handle.
As much as I liked the experience, I did not enjoy being crowded in shoulder-to-shoulder and the extremely loud atmosphere. I only managed to stay for about an hour before leaving, with my ears ringing.
Lessons Learned
As much as a reminder to myself, here was what I have learnt from my conference:
- Try to pick some workshops as well as presentations next time – the presentation heavy path I took this time led to burnout.
- Free conference lunches are ok, but only if you can find somewhere to sit – It would seem a common thing for conferences is they expect you to be able to eat plates full of food standing up, which is something I just cannot do. Three days of curries was pushing it too – on the last day I decided to go get something different for lunch away from the conference, and was much happier as a result.
- Bring a friend – It was pretty damn lonely to be honest with no close colleagues to talk to. I was extremely lucky to be close with a few people attending as exhibitors along with the Tasmanian cyber contingent – the Blue Thylacines – who helped me not be completely on my own.
- Travel light(er) – I thought I had done pretty well to keep my EDC stuff to a minimum, but carrying it around all day still took it’s toll – I learnt many of the things I just didn’t need to bring – and next time I won’t 🙂
- Find breakfast! – refusing to pay $40 for a breakfast buffet which seemed to be the only option at the hotel, there seemed to be no other places nearby to get breakfast! If you wanted a coffee you were set, but there was nowhere to grab any sort of light breakfast like an egg & bacon roll or some toast.
Conclusion
What a fantastic event. It had it’s up’s and down’s, and was definitely a learning experience, and I got to meet a lot of familiar and not so familiar faces (I might have a group photo with Kari Byron from Mythbusters!).
I am absolutely planning to go again next year and will pay my own way once more. All up I paid around $3000 for experience and it was worth every cent. I am however trying to put a strong case in that next time I need to bring a colleague.