A Reason to Visit Stockholm in September?

The SEC-T security conference was held in Stockholm last week. This event which is now in its 3rd year is a major reason to visit the city at this time of year.

SEC-T may be a newcomer compared to some of the more established events but it has nothing to fear from them as the high quality of the talks has proven over the past three years. This year heralded a new venue on the city’s Southern Island of Södermalm which provided a cosy and relaxing atmosphere to talk shop with some of the World’s finest security professionals.

This is the second year that MWR InfoSecurity have presented at the event and to make up for not speaking last year there were two talks and three members of the team at the conference. After a rigorous selection process the talks that were selected by the organisers were on Deployment Solutions and Physical Security Penetration Testing and Social Engineering. Both talks combined frontline research performed by MWR Labs with real world experience and enabled the audience to understand how findings from the lab can be used to assess security in the field.

Luke talked about the risks of deployment solutions and provided plenty of evidence about why they need to be considered by every organisation that uses them. He did this by combining results from his own research with demonstrations of the techniques that are used on testing engagements to compromise the security of these solutions. If you still aren’t considering these risks just think what the impact would be on your business if someone gained unauthorised access to your entire network by attacking only one system. Whilst some of Luke’s research has been completed in our labs the results are not just theoretical attacks but as demonstrated in his talk are real, practical and within the reach of attackers.

Ranjit and Rafa’s innovative and entertaining presentation was based on the experience gained from physical security engagements and placed the audience in control of a real world physical security test. They were responsible for controlling Ranjit’s actions as he tested the physical security of Vulnerable Systems Ltd. This enabled the audience to get as close as possible to the decision making that is required on a real test. It also helped to convey the emotions that are experienced on a test in a manner that has not been seen before. The presentation demonstrated how engaging with an audience can help to deliver information security awareness and put them in the thick of the action without them ever leaving their seat. The audience was therefore a participant in what was effectively a security awareness training session but had more fun than any other session they have ever been in and as a result took much more away from it. Therefore, the talk was an informative session on the methodology used to perform physical security testing and social engineering, an action adventure and an opportunity to talk with World Leaders in the field in the bar afterwards. What more could you want from a security conference!

It is not possible to mention all the talks that were presented at SEC-T in this article but they were very interesting and the feedback from the attendees was that they had a great time and learned a lot. So when the time comes to plan the security conferences and events you will be attending next year make sure you consider Stockholm in September. SEC-T is definitely a “must go” security conference that is great value for money and has quality talks in an excellent atmosphere. Make sure you are there next year as we certainly will be!

For more information check out the SEC-T website.