Building better defenses

Every day we’re barraged with inflammatory headlines and news stories about the latest breach, about the millions of consumers newly or once again at risk for identity theft, about the seemingly desperate state of security in the U.S. and abroad. Stories about hospitals forced to pay ransom to unlock their computers and keep treating patients, of home security cams hacked to post pictures of sleeping infants—these are the stories that get top billing.

As a security professional, you read these headlines too, all while rolling your eyes or shaking your head. You know the hype curve by heart and can recite today’s top 10 FUDdy headlines in plaintext or cryptocode, because you’ve heard them all a thousand times before. Flying under the radar is one of your super powers—you’re literally paid to keep secrets—but now it’s time to speak openly and pull the tribe together. Because all of the openness and interoperability you’ve forged in the systems you’ve built means that this race is no longer an “outrun the bear” problem; it’s a collective one. The best defense is not so much a good offense but just the best defense.

Focusing primarily on attacks, attackers, and the compromised misses a critical piece of the security solution set—that needs to change. That’s why we are launching O’Reilly Security Conference, the new conference focused on building better defenses, bringing together in-the-trenches security practitioners from organizations of every size, across a wide breadth of industries (not just technology), to open discourse. We are bringing defenders together with a common purpose and in a common location, to share concrete solutions. We invite you to join us October 31-November 2, 2016, in New York and November 9-11, 2016, in Amsterdam to have real conversations about security.

You are the protectors. You fend off targeted attacks; are prepared to recover quickly and effectively from a breach; help teams integrate new technology into your environment no matter how complex; secure your access controls (to data, network, or cloud) effectively at scale, all without losing your mind. Your work is critical to the safety of individuals and organizations on a daily basis, at a global scale, yet it is often almost invisible.

You struggle daily with the “defender’s dilemma” of what success really is—and there should be a place for you to discuss what you’re doing well, what you’ve learned from your failures, and how you’re making your organization and users more secure in response. At O’Reilly Security Conference, you can connect with other security professionals, exchange ideas with experts, and discuss how to build strong, resilient security teams. In three concentrated days of keynotes that bring clarity to thorny issues, immersive training courses and tutorials on critical topics and technologies, and technical sessions covering both practical and emerging issues, we’ll be focusing on:

• Bridging the gap between business and security–Discuss strategies for improving communication and making the business case that security is more than just a budget expense.

• Security tools and processes–Gain valuable insight on the best methods for improving security, particularly those that demand less development, maintenance, or monetary resources.

• Security in context–Discuss data, research methods, and data science in practice, from collection through analysis, to make improvements to security and operations.

• The human element–Discuss how to build and maintain a successful, responsive security culture at your company.

• Case studies–Learn from others’ successes and failures.

We know now that software is a team sport, which makes security an Olympic-caliber effort. “Success” in this complex, competitive, and relentless race requires continuous training, improvement, and evolution. Join us at O’Reilly Security Conference because openness and cooperation are qualities that benefit more than just systems. Because the adversaries and problems are collective and so are some of the solutions. Because the best defenses will not be built, maintained, and continuously adapted in an echo chamber. Because our adversaries will collaborate and build upon the success of others—and so should we.