When it comes to cybersecurity conferences, DEF CON is one of the most daunting. It’s huge, busy, and filled with experts, many of whom already know each other. So when Laylee Olsen ventured there for the first time, she was understandably a little nervous.
It was the first ever cybersecurity conference for 30-year-old Olsen, a former business sales and marketing executive who wants to break into an infosecurity career.
Talking at the Toronto Security Area Klatch in August, Olsen described her trip to DEF CON and what she learned from attending a security conference for the first time.
One of the most important lessons she took away from the conference was not to be intimidated by her lack of knowledge or cybersecurity certifications. The best qualification for anyone attending a conference is an inquiring mind. “Everyone has their own pathway to infosec. There really is no one straight way to get in to this,” she says.
Olsen is a case in point. A relative newcomer to cybersecurity compared to many of DEF CON’s heavy hitters, she first became interested in technology after reading Ray Kurzweil’s Age of Spiritual Machines.
The book convinced her that tech would become increasingly pervasive and got her thinking about how important it will be to secure it. Inspired, she began taking math classes and joined the cybersecurity club at nearby Mohawk college.
“I found that I really enjoyed the challenge of constantly learning,” she says, adding that this is a requirement for cybersecurity professionals in an industry where the black hats never stand still.
Eager to take the next step, she made a four-day, 3,500km solo drive to DEF CON this summer, camping along the way. When she joined the throng entering the hotel on the conference’s first day, she recalls being overwhelmed.
“There was a lot of excitement, there were a lot of people, and there were a lot of lineups,” she recalls.
The frustrating thing about a conference like DEF CON is the sheer number of talks on offer, most of which will appeal to the average visitor. She learned early on to avoid the fear of missing out (FOMO), and accept that she can’t make it to everything.
She also learned that while a little planning is a good thing, it’s important not to let too much of it get in the way.
“Obviously, you have your maps ready and you have your schedules ready. But I think leaving room for exploration was the takeaway for me,” she says.
She didn’t fall into the trap of constantly running between talks. Instead, she wanted to leave room for new opportunities that don’t show up on any conference schedules.
Chance meetings would happen when she least expected them. While checking the conference schedule, she struck up a conversation with someone from Toronto who gave her some excellent advice on career pathways and became a valued contact
“Had I been rushing, I would have missed that opportunity. I would have missed that potential job offer at the end of my studies,” she says.
That’s another takeaway she learned from the conference: talk to everyone you can. It can be daunting when you’re alone at an event, especially if you don’t know anyone there. “But everyone was kind and willing to chat,” she says, adding that she learned an important social tool: When you join a group of people chatting, always leave a space for someone new to join after you. “That was well executed,” she recalls. “Everyone was welcome there.”
Another key lesson she learned at DEF CON was to be confident in your own ability to participate, even if you’re not as technically advanced as others in the room. When she attended her first talk — a guide to recovering data from burned-out hard drives — she realized that for a newcomer to tech she was technically out of her depth. It didn’t faze her, though.
“I realized in that moment that osmosis was a thing,” she recalls. “Maybe you’re not going to be able to understand absolutely everything you’re hearing. But it’s okay to go and challenge yourself and be a part of it.”
Using these techniques, she took away more than just technical knowledge from DEF CON. She made a useful selection of contacts, and even spoke to some of the speakers directly. She’s now emailing with them from back home in the GTA.
Attending DEF CON was just one step on the journey to an infosec career, says Olsen. She’s studying the fundamentals of networking with a CompTIA Network+ certification, and wants to get into cloud security infrastructure.
These techniques for navigating security conferences will stand hundreds of attendees in good stead when they attend SecTor next month. If you want to be among them, there’s still time to register — and if cloud security is your thing too, then you can register for our Cloud Security Hands On training course to take the next step in your own cloud security journey.