
In this episode of Security Visionaries, host Emily Wearmouth and guest Samantha Swift delve into the world of BSides and CSIDES events. Samantha, who has experience as an organizer at BSides Lancashire, BSides Leeds, and BSides Newcastle, shares the origins of BSides, its community-driven ethos, and the unique aspects of these cybersecurity conferences. They also discuss the newer CSIDES initiative, which aims to bring cybersecurity knowledge to coastal towns, and the importance of fostering a welcoming environment for newcomers to the industry. If you’re interested in the way the broader cyber community brings industry veterans and the “cyber curious” together, this episode is for you!

The more we work together, the better we are as an industry ultimately. So those networks are so important, and if you are worried about going and think, “My god, it’s going to be full of tricky people” or “I have to know 15 different flavors of code or have been in the industry for my whole life and before I was born,” don’t worry about it. There will be lovely people there who want to meet you, and want you to have a nice time.

Samantha Swift,


Timestamps

* (0:01): Introduction to the podcast and guest Samantha Swift
* (00:51): What is BSides? Origins and community
* (01:39): The global reach and impact of BSides events
* (03:04): CSIDES and its mission
* (04:28): Fun with event badges
* (06:10): Samantha's motivation for volunteering at cybersecurity events
* (08:15): Comparing BSides to larger industry events, like RSA and InfoSec
* (12:14): BSides ticket pricing, student subsidies, and the "pay it forward" scheme
* (15:17): The value of community events for networking and personal development
* (17:17): Samantha's experience volunteering at Defcon
* (18:16): Catering to diverse audiences at BSides, from students to CISOs
* (21:00): Variety of talks and workshops at BSides
* (23:42): Interaction between community events and government/policymakers
* (27:39): Making community events welcoming for newcomers and the "Pac-Man" concept
* (32:45): How to find or start a BSides event
* (35:15): Final thoughts on the importance of community and being "cyber curious"

 


On this episode

Emily Wearmouth
Director of International Communications and Content at Netskope


Emily Wearmouth is a technology communicator who helps engineers, specialists and tech organisations to communicate more effectively. At Netskope, Emily runs the company’s international communications and content programmes, working with teams across EMEA, LATAM, and APJ. She spends her days unearthing stories and telling them in a way that helps a wide range of audiences to better understand technology options and benefits.


Samantha Swift


Samantha has been happily entrenched in the cybersecurity industry for 25 years. During this time, she has helped hundreds of organizations of all shapes, sizes, and geographies recover and learn from cyberattacks, defined strategy for pioneering security products and technologies, and is a regular speaker at security conferences around the world. In her current regeneration, Sam is on the advisory board for The Hacking Games. She authors articles and blogs for various security publications, has a strong passion for mentoring, and volunteers at cybersecurity community events. Sam’s on the organisation teams for three UK BSides conferences (Newcastle, Leeds, and Lancashire), volunteers as a SOC Goon at DefCon, and has won various awards including CSO30 UK, TechWomen100, and Top 20 Most Inspiring Women in Cyber.


Episode transcript


0:00:05 Emily Wearmouth: Hello and welcome to another edition of the Security Visionaries podcast. I'm Emily Wearmouth, one of the hosts, and I've got a really great episode for you today. My guest is Samantha Swift, whose LinkedIn will tell you is a disaster junkie, a revolutionary, and a top 30 female cybersecurity leader. She's my kind of woman, if I'm honest, for the purposes of this conversation. Alongside all of that, she's also one of the organizing team for BSides Newcastle, BSides [00:00:30] Leeds and BSides Lancashire. And she was also one of the volunteers who was involved in CSIDES, whose inaugural event took place just three days ago in Weston-super-Mare in the UK. And we're going to find out a little bit more about that one as we chat. I think some of our listeners may be familiar with BSides, but perhaps less so with CSIDES. Welcome to the podcast, Sam.

0:00:49 Samantha Swift: Thank you Emily. It's lovely to be here.

0:00:51 Emily Wearmouth: So I'm going to start us off. Can you give us a bit of a one minute pitch on BSides? First of all, what is BSides?

0:00:58 Samantha Swift: We'll start with Las Vegas [00:01:00] because why not? So BSides came about because during what's lovingly known as Hacker Summer Camp, which is Black Hat and Defcon and lots of other side cons now, there were so many good talks submitted and not enough space and time to put them on. So some folks in the US decided that it was a good idea to have a B side to the A side like a record and BSides Vegas was born. And then from that, to call it a franchise would be probably too much. [00:01:30] But there is a whole community of these BSides around the world. There's been over a thousand now.

0:01:36 Emily Wearmouth: Really? A thousand events or a thousand locations?

0:01:39 Samantha Swift: A thousand events. Wow. So Vegas is the first one and still happens and is amazing. And then there are new ones popping up all the time. I think per capita, UK's probably got the most because we seem to have loads. But yeah, it's a community-driven concept, really great talks aimed at all sorts of [00:02:00] levels. Low barrier to entry as well. It's not quite expensive to get in and it's funded mostly through sponsorship and a little bit through ticket sales, although some of them are completely free, but mostly most do charge some sort of fee on top. But it's great, a really good way to get people interested in cyber, to help people cross train, to up your skills, and you see everyone there from students to CISOs and everything in between.

0:02:25 Emily Wearmouth: Right, okay. Well, very much people in the industry or looking to get into the industry

0:02:30 Samantha Swift: And people coming in. I mean, we had people, I've just recently done BSides Newcastle and we had people just bringing their friends along who were kind of cyber curious I guess, which is good. Yeah, there's always a bit of everything for everyone really. When people come and they say it's my first time, there's generally villages, so little areas where you can go and learn things the hands-on for the most part. And there tends to be lock picking quite a lot of them. So if you dunno what to do at BSides, first thing everyone says is go and learn to pick a lock [00:03:00] and maybe learn how to get out of handcuffs for reasons.

0:03:04 Emily Wearmouth: This cyber curious is sounding more and more niche, but keep talking. And now what about CSIDES? Because CSIDES is a little bit different, isn't it? Yes.

0:03:15 Samantha Swift: I don't sound like, I feel like a fraud talking about CSIDES. I've been involved in the background. I wasn't at the event, which I'm sad about because

0:03:23 Emily Wearmouth: Tell the listeners, Sam, why you weren't at the event.

0:03:26 Samantha Swift: I lived miles away for a start and I've just started a new job. So I have my two for not [00:03:30] being there, but I spent my very, very small youth on the beach at Weston-super-Mare, which is where the first CSIDES is, was. CSIDES is awesome. So Hazel, Gem, Nick, there's loads of people on that team who have been spearheading this movement. The idea behind it is to bring cybersecurity knowledge, careers and more to coastal towns. So the first one's been in Weston-super-Mare, but there are absolutely plans to take it on tour [00:04:00] and not be the same people every time doing it. So it was a one day event. It was on Weston-super-Mare Pier, which again, my little me has spent loads of time on. It's very sad that she missed. But yeah, lots of different types of talks, things for small businesses, things for people looking, getting into cyber for a career, even cyber's got talent and I think they also had some of the rides on the pier for an hour as well that were just for CSIDES, which is very cool and amazing badges.

0:04:28 Emily Wearmouth: I heard about the [00:04:30] badges. Tell us about the badges.

0:04:32 Samantha Swift: Badges are super cool. So a big shout out to Punk Security, Simon and Melissa, who are big supporters of community events, they have provided badges for a bunch of events recently. Last year we had them for Newcastle and this year CSIDES got a crab. Very cool. And they generally have some sort of interactivity going on, so there's a puzzle to do or some sort of, I mean a capture the flag type thing. But yeah, there's [00:05:00] always something you can do with the badge other than just hang it around your neck and write your name on it. Actually I'm going to grab my BSides Newcastle badge behind me. If you're listening.

0:05:09 Emily Wearmouth: I can see it flashing.

0:05:11 Samantha Swift: It is flashing.

0:05:12 Emily Wearmouth: So describe, it's sort of a disc hanging on a purple lanyard and I think it looks like a picture of a satellite and there's some flashing lights. Is that right?

0:05:23 Samantha Swift: It's the Angel of the North as a satellite.

0:05:23 Emily Wearmouth: Yes, I can see it now.

0:05:25 Samantha Swift: Yeah. And this one had a Morse code puzzle in it. It's on the back, there is a [00:05:30] button and you have to tap in things with Morse code to unlock the badge and then different light patterns would happen and then by the end of it it was all flashing like Piccadilly Circus. So very, very cool.

0:05:40 Emily Wearmouth: That's very cool. Very nice.

0:05:41 Samantha Swift: Yes, I love that. Love a good badge and they lot space to write names. Well simple.

0:05:45 Emily Wearmouth: When I said tell the listeners why you weren't there, what I was getting at was the fact that Sam and I were talking before we hit the record button about the fact that we do live in the UK but we live in the most landlocked counties. So CSIDES is almost distressingly distant from our landlocked [00:06:00] counties. But we will get to one, we'll get to another one in future, won't we?

0:06:06 Samantha Swift: Yes, very much. I am pretty two and a half hours from any beach.

0:05:45 Emily Wearmouth: Isn't it? So you obviously, I mean three northern BSides that you're heavily involved in and clearly behind the scenes in other things. Why are you spending your time on this? You are a very busy lady with a job. What do you get out of spending your time on these events?

0:06:28 Samantha Swift: I love it. I'm a serial volunteer as well, [00:06:30] so even events, I'm not organizing, I can't just go to something. It feels really weird. I generally get confused and either run away to the pub or I dunno.

0:06:39 Emily Wearmouth: Organizing the coffee cups on the table. Yeah,

0:06:41 Samantha Swift: Trying to figure out what we're doing next. I'll get pulled into helping that's happened before as well. Oh, while you're here, can you just, yeah, I love it. I think being able to inspire people, help them learn, provide. It's a really good environment for people to network, to make new friends and to get [00:07:00] involved or improve what they can do in this industry that I love so much.

0:07:03 Emily Wearmouth: Does it have any professional benefits for you?

0:07:07 Samantha Swift: I think the skills I can take from my career, which has been very weird and wonderful that have kind of moved into this just in general organization stuff, I've been heavily involved, especially with Newcastle and Leeds to a point on the call for paper side.

0:07:24 Samantha Swift: For Newcastle, I own that and then for Leeds to be kind, just do it all together and same for Lancs. [00:07:30] So I love that part of it as well. It's like done just reviewing the talks that come in. We've got slightly different guidelines depending on which event it is as to how that all works. But being able to promote diversity across all the different streams of diversity within those events is a real joy and I think that's a good way to help inspire people because there's a whole, you can't be what you can't see idea. It's important to demonstrate not just [00:08:00] great talks and great content, but amazing people and give people opportunities to come and speak as well. So we offer mentorship as part of that too. So if people do have something they want to talk about but they're terrified of getting on a stage, we can help them get to where they need to be.

0:08:15 Emily Wearmouth: That's very cool. I'm just wondering, when I compare BSides alongside other events, RSA, GITEX, InfoSec and they've all got call for papers speakers, you might not see yourselves as competing [00:08:30] with them, but if I've got money for a ticket, arguably you are. Why would someone come to a BSides instead of those?

0:08:38 Samantha Swift: It's the community feel is the first piece. They're super friendly. We've had people turn up who are brand new and there's a lot of neurodiversity in cyber as well, I think. So for people to walk into a gigantic event like an RSA or something, it's super overwhelming. So A, we're smaller, so there's that. People are super [00:09:00] friendly, it is done out of love. No one does a BSides for profit. We just do it because we want to. So that's super important. You're not going to have a million vendors trying to jump down your throat as well, which is nice.

0:09:17 Samantha Swift: The support we get from sponsors is hugely important. And there's different reasons that people sponsor BSides. Can be that they're looking to hire people can be, they just want to give back to the community. It can be that [00:09:30] they're looking for brand awareness within the community. It can be that they just know that those events are really, really good. And actually they'll have better conversations with people who know that their details aren't being sold on just by virtue of them turning up. If you want to give your details over to a vendor where you're there, you can, but it's not, oh, I've turned up now I'm going to get bombarded with a million emails a second I set my foot outside the door. So yeah, there's lots of reasons and good swag is always another as well.

0:09:58 Emily Wearmouth: The swag does seem [00:10:00] enviable to say I'm jealous of the swag. Now while we're talking about other events, I've got a decent-size network in Australia. I used to work over there and I've watched over the last couple of weeks a little bit of a kerfuffle on LinkedIn around South by Southwest Sydney. And the criticism, I guess that's being leveled at the event is it gets quite a lot of public sector funding, government funding because the plan is building a community within Australia [00:10:30] that is around innovation and creativity and technology and helping that community meet each other and innovate. But it's a for-profit company with extremely high ticket prices and the argument is being made that actually its presence and its huge brand is driving some of the smaller events that are being run and founded by local Australian community members are being pushed to the sidelines. I know you're not in Australia and this isn't about your events, but does anything in that [00:11:00] resonate for you as to how you see where BSides sits?

0:11:03 Samantha Swift: Yeah, my immediate reaction is visceral. I'm not going to lie. I remember when South by Southwest did one in London fairly recently as well and I was like, okay, that looks cool because the Austin one, I've got friends who've been to that and they're like, oh, it's amazing.

0:11:18 Emily Wearmouth: It definitely looks cool.

0:11:19 Samantha Swift: It does it really cool, but it's really expensive and that goes against the whole kind of community ethos, especially they're getting government money as well. Yeah, [00:11:30] I'm making my skin crawl, frankly, that's a shame because yeah, in some cases your business might sponsor you to go for example, and that's cool, but then if your company's sponsoring you to go, you've already got a job.

0:11:44 Emily Wearmouth: That's fair. Yeah.

0:11:45 Samantha Swift: What about the people who are curious? What about the people who work for small businesses who can't afford the ticket prices that they charge? No, it doesn't sit right with me at all.

0:11:57 Emily Wearmouth: So what can events do to, you're going to have [00:12:00] a ticket price, there's certain costs you want to cover also, we were talking a little bit earlier if it doesn't have a value, if there is no price on that ticket, then you were saying you tend to get more dropouts and that there needs to be some sort of price threshold to stop that happening.

0:12:14 Samantha Swift: Yeah, we charge very little for the BSides I'm involved with, I mean like 10, 15 pounds.

0:11:57 Emily Wearmouth: Okay. Very little. Yeah, my train ticket will cost a whole lot more

0:12:24 Samantha Swift: Exactly for that. Generally you get food thrown in, you'll get some sort of swag was [00:12:30] generally a t-shirt or something. We've done a manner of wild and wonderful things at BSides Newcastle. We had aprons one year it was the shopkeepers convention. It was very cool. Was the food very

0:12:42 Emily Wearmouth: Messy that year? Was that

0:12:45 Samantha Swift: We went down that route, but I very cool flying enough in my kitchen, so they go, no, good slide stays in your kitchen. But yeah, you generally get some stuff you'll get fed for the most part and very, very commonly like [00:13:00] student tickets are free, so there'd be a limited number of student tickets, but if everything's free and we found this happened before is that people won't tell you they're not going to come because I haven't spent any money. It doesn't really matter, whatever. Oh no. Things happen. I mean for people who work in cybersecurity,

0:13:18 Emily Wearmouth: Things happen

0:13:19 Samantha Swift: Things happen all the time as well. So that's without life stuff getting in the way. But if you've charged, I we've run a refund policy up to a week before because there's [00:13:30] certain things we have to order in food things, last minute numbers. But if you can't come and even then there's case by case basis for a lot of them anyway, then you are going to let the event know and if there's a wait list running, which is common, they are for Leeds. We had a huge wait list this

0:13:45 Emily Wearmouth: Year. What was the capacity for Leeds and how oversubscribed were you?

0:13:49 Samantha Swift: I feel like we're 250, 300. I don't want to get smacked by the health safety police. But yeah, we have a really nice building that we've used every year and it's [00:14:00] part of the university, so it's a nice old building. The wait list was up about a hundred I think at one point last year. Wow. Crazy. So it's always good. I think generally if you're not going to go to an event, it's good to let people know you're not coming. People tend to do that more if they at least parted with something.

0:14:17 Emily Wearmouth: Yeah, yeah. That's interesting how you price it, but so you subsidize students to come and join you.

0:14:24 Samantha Swift: Yeah, and we have a pay it forward scheme as well.

0:14:27 Emily Wearmouth: Which is what's that?

0:14:28 Samantha Swift: So people can buy a ticket for someone [00:14:30] else. They dunno who this is.

0:14:31 Emily Wearmouth: Oh, I like that. I like that. It's like in cafes you can buy a coffee for the next person that comes in and things, can't you? Yeah.

0:14:37 Samantha Swift: See that have more and more Hack Glasgow as well. They do a really nice pay it forward scheme. So BSides you do see it more often as well. So it is a nice thing because not everybody's in a position where they can afford it. They might not be a student, but they might be between jobs and might have other stuff going on. So keeping that barrier to entry really low is super important. [00:15:00] So most of it is funded through sponsors for us, but then a ticket price thing, not everything gets covered. Especially BSides Newcastle, we run on a shoestring of shoestrings.

0:15:10 Emily Wearmouth: You can tie a bow with such a short piece of string.

0:15:13 Samantha Swift: How much stuff from Costco can go in my car?

0:15:17 Emily Wearmouth: It works. I'm just thinking, I've been mentoring a woman in tech based out in India recently and one of the things that we were trying to help her with is building a network for herself [00:15:30] and what didn't help were big annual massive exhibition conference types events. But what it feels like might help her is this sort of thing where it's very hyper-local I guess you'd say, and designed for building personal networks. It's more a personalized experience rather than just you rock up and you're the audience. Is that an accurate assessment of how the event could be useful?

0:15:56 Samantha Swift: Yeah, massively. So a lot of the events will have some sort [00:16:00] of ongoing way of communicating as well. A lot of people will use Discord as an example, so you can stay connected throughout the year and it's not just you turn up, there's a bunch of people that you see, you might say hello to a few people and you might do some linking in, but then that's it and then you might see 'em again next year. So there's ongoing chatter, which is good. But yeah, a hundred percent. I mean walking into even somewhere like InfoSec, which is not anywhere near as big as an RSA, it's still [00:16:30] a lot. And if the first thing you see is vendors jumping out at you, being very lovely and friendly and I've worked in vendors my whole life,

0:16:40 Emily Wearmouth: Very lovely and friendly

0:16:41 Samantha Swift: Part of the problem. But yeah, if you're very new to it and you just want to meet some people, it's hard to do that if there isn't somewhere where you can go and sit and learn. And that's why the villages are always really good. You can go and get hands-on and Defcon has, which is a big, big, big, like the biggest hacker [00:17:00] conference in the world, they run on, there's a load of villages. It's one big conference but it's loads of mini conferences within itself as well.

0:17:09 Emily Wearmouth: Like Milton Keynes, our British listeners will understand the Milton Keynes reference. It might not play internet, A town made of many villages.

0:17:17 Samantha Swift: I think we need more roundabouts then at Defcon. I'm going to suggest that because I've enough to do I also, it's called, I'm giggling because Gen Z have appropriated the word, I [00:17:30] goon at Defcon.

0:17:32 Emily Wearmouth: I don't even want to know what Gen Z, I'm going to say Zed have done with that word, but tell me what it means to you.

0:17:38 Samantha Swift: It's a volunteer. So I'm on the SOC team. So basically we're responsible for the physical safety security side of people at Defcon. So I work on

0:17:48 Emily Wearmouth: And that's a volunteer team?

0:17:50 Samantha Swift: Yes. Yeah, there's a lot of volunteers at work behind the scenes at Defcon, there's hundreds of us.

0:17:57 Emily Wearmouth: How fascinating.

0:17:58 Samantha Swift: It's a team that I work on basically when [00:18:00] everyone's in the evening going out and having fun at the parties and stuff that happen within the event, we make sure that they're having fun and they find their friends and if anything goes wrong then we can get 'em some help.

0:18:11 Emily Wearmouth: Wow, that's very cool. I hadn't even thought about

0:18:13 Samantha Swift: That stops me going full Vegas as well.

0:18:16 Emily Wearmouth: Always a good thing. True wise, I know that there's a lot of CISOs that come to these events and very senior execs. How do you work at the different level, the different things [00:18:30] people are looking for? If you're a student or cyber curious and you're a CISO and then you are everyone in between, surely what they're looking to get out of the event is very diverse. How do you cater to all of those crowds and how, if you are listening in, you're a security leader, why would you feel that this is for you and not something just for your team? I shouldn't have said just for your team because for your team is hugely valuable, but you know what I mean.

0:18:54 Samantha Swift: And a lot of CISOs make a big effort to send their teams as well, which is great. They know the value behind it. So you get them, you many [00:19:00] different people, you get CISOs who've always had their hand in technically and they will be coming along to learn stuff amongst other things. Sometimes it's networking, sometimes they're looking for the next hires. But when you're trying to get the agenda and the kind of program together of the different things, getting the balance right of the different kind of technical levels, the topics, because everyone, a lot of students when you talk to them, they want to go and be [00:19:30] penetration testers, they want to break stuff for money and not often is it explained the full variety of careers that are available within cybers. So many. So when we do the call for papers, that's one part of putting the agenda together. It's not just the agenda for the ones that I work on. We also invite in keynote speakers. So we've been really lucky with some of the ones I've done. We've had amazing speakers come over from the States. [00:20:00] We've had great people from the UK. Jenny Radcliffe opened our first BSides Newcastle,

0:20:06 Samantha Swift: Which was in a skate park. So Jenny Radcliffe in a half pipe was just, it was quite something. And then Ian Thornton Trump closed it down. By that point we'd lost all lighting and it was in the dark. So from Jenny Radcliffe in the morning, Ian Thornton Trump at night in the dark in a half-pipe in the dark.

0:20:26 Emily Wearmouth: I mean we all learn as we go.

0:20:27 Samantha Swift: Yeah, totally normal.

0:20:30 Emily Wearmouth: For those who don't know, Jenny Radcliffe is the burglar for hire or social engineer. She's known as the People Hacker. Ian Thornton Trump is a CISO and he's a talking head who appears at a lot of events representing our industry.

0:20:43 Samantha Swift: So I mean for these BSides Newcastle, we had a lovely friend of mine, Cat Fitzgerald came over, it's the second time she's come over and done a keynote for us talking about cloud security. But she's also done stuff about home labs and about just general career stuff. So [00:21:00] she's done lots of different talks, but it is absolutely getting that balance. We had a lot of AI related submissions this year for obvious reasons.

0:21:08 Emily Wearmouth: Did you get any that weren't out of interest?

0:21:10 Samantha Swift: Yes, we did.

0:21:13 Emily Wearmouth: I was given top billing to whoever managed to do their submission without using AI references at any point.

0:21:19 Samantha Swift: There was a lot, there was some really good ones as well, but we had everything from a guy talking about how money laundering works behind the scenes. Not that you should get involved in money laundering, but how that sits [00:21:30] and funds a lot of cybercrime is one part of a wider criminal enterprise in a lot of cases. So it's talking about that. We had a guy come and do a Lego serious play workshop, which how cool is that?

0:21:45 Emily Wearmouth: You had me at Lego, is there an objective to a Lego serious play workshop or is it just we are going to play?

0:21:51 Samantha Swift: It was so cool. So a guy called Phil V, so thank you Phil for coming over. We had a really good prep call. He talked about he's not a cybersecurity person at all. He's a Lego [00:22:00] serious play person and you have to be certified to come do this stuff. It turns up the giant box of Lego. We'd worked through some kind of scenarios for him to talk to people about, they take out all of the mini figures to start with. So you have to build, you can't just put people in this situation and he will come up with things like you're basically building something that talks to a perfect security operations team and then you've got to build that, but [00:22:30] you haven't got people to build it with.

0:22:33 Emily Wearmouth: I've found a trap, Sam, you've removed the people, and don't cybersecurity experts get criticized for not putting people at the center when it comes to building? And you've done that, you've removed the mini figures.

0:22:48 Samantha Swift: We have. They could still build people, but they have to make them themselves. That's true harder. Think about the people you're building,

0:22:53 Emily Wearmouth: The seventies and eighties Lego mini figures that you had to actually build yourself.

0:22:59 Samantha Swift: But things like [00:23:00] that are really cool. So that again, you don't need to be able to understand reams of code to be able to go to that session.

0:23:05 Emily Wearmouth: Yeah, it sounds like a really good value. You could spend an awful lot of effort building a training day for your team or you could just send them to this and it sounds very holistic in the different skills and opportunities that they can pick up.

0:23:22 Samantha Swift: There's so much, I mean there are people there showing their new call zero day they've put together and there's a lot of code done passed on a screen [00:23:30] and the good ones will tell you actually what you need to do about it at the end. Not just like I've written this go me. And then the next thing could be talking about building an insider threat program.

0:23:42 Emily Wearmouth: Is there, this sounds hugely useful and we know that for national security, organizational security is critical and there's a big drive by governments around the world to uplevel standards within organizations. Do events like this get any sort of interaction with governments and [00:24:00] policy makers? And I'm going to leave funding in very small text at the end of that sentence. I think the previous answers might be no. But is there any interaction with those big policy conversations?

0:24:14 Samantha Swift: Yes, yes and no. So some of them will have policy areas. So Defcon for instance has an entire policy village, which is really cool. And there are people within the community that get involved in policy. A lovely friend of mine, Jen Ellis, she does a lot with both the US government and the UK government. She did something called [00:24:30] Hackers in the House. There's Hackers on the Hill that happens in the US, Hackers in the House ish Last year it was freezing cold. It was just before Christmas where she got a bunch of people from the community, which Jen was the first person to take me to a BSides, dunno if she knows this. Yeah, I went to BSides. Well she does now. She knew everyone and I was a little bit terrified because it was very, they didn't seem like the cool kids, but it was the nerds and I'm like, I'm the person from the vendor and I don't know anything. And [00:25:00] everyone was lovely. It was amazing. That was literally the light bulb moment for me. Yeah, Jen does a lot with governments and policy makers, so she got a lot of people from the community to come and meet with them just before Christmas. And there's another one she's working on at the moment. So there are pockets for sure. There is some sponsorship that goes on and some linkage with governments or parts of governments, not like the government as a big capitalized thing. In Newcastle [00:25:30] we are involved with something called Cyber North, which is a much bigger initiative that run. They have a thing that runs through the whole of September and it covers so many different things.

0:25:42 Emily Wearmouth: These sorts of community events are filling a very useful purpose within the wider defense team for a nation.

0:25:53 Samantha Swift: Yeah, absolutely. And even on a granular local level as well, a lot of these events are held at universities, not all of them, [00:26:00] but the universities will help with discounted rates and things to help the events go off, which is good. So you can kind of call that sponsorship and we've had secret speakers come to a bunch of different events.

0:26:16 Emily Wearmouth: Do they like their martini shaken, not stirred? Is it that sort of speaker?

0:26:18 Samantha Swift: Very much speaker. I'm going to say that, yeah, absolutely. That's cool. And then one of them did the Conga. I was leading the Conga at Lancs, which I was very pleased about.

0:26:29 Emily Wearmouth: It's a very different character to what I pictured [00:26:30] there.

0:26:31 Samantha Swift: But yeah, we do get speakers come in who have amazing jobs within government and just hugely fascinating to listen to, but they can't stick their name on an agenda because of who they are and what they do. So there is definite crossover and right up to the DEFCON events, there's absolutely tie in and people coming along. We've had all sorts of people turn up at Defcon. Elon Musk turned up one year.

0:26:55 Emily Wearmouth: Oh,

0:26:56 Samantha Swift: Unannounced.

0:26:56 Emily Wearmouth: Interesting. So was he not speaking, was he just a guest?

0:26:59 Samantha Swift: No, he just turned up in the car hacking village and stood on stage and basically went, I'll give you access to my code, come and hack it at wt. Oh wow. This is before he went full Elon. I think

0:27:12 Emily Wearmouth: Early Elon, I must said

0:27:14 Samantha Swift: What your opinion is of Elon Musk. He's a different man now. I feel, well maybe he's not that one.

0:27:18 Emily Wearmouth: Who knows. I have no personal experience to chime in with an opinion

0:27:22 Samantha Swift: And I was the wrong side of Defcon at that point and I couldn't get to it, but the rumor was like, my God, Elon Musk here. And then all of a sudden

0:27:28 Emily Wearmouth: It shows though that it's attracting [00:27:30] people who are right in the heart of the industry and making things happen.

0:27:35 Samantha Swift: Exactly, and we had Deadmau5 last year. Very similar.

0:27:39 Emily Wearmouth: I've got a question though. You said when you were talking about your first BSides that you were a little bit nervous that it might be cliquey and that was one of my fears I see a lot of these community events talked about on LinkedIn because there's clearly networks who people who already know each other and love it and it's always very wholesome and positive. But if you are on the outside [00:28:00] it can feel like I don't want to, but it doesn't matter how big the event is, walking into a room where everyone else already knows each other is very daunting. So is there anything that either you do at your events or anyone else who's hosting one of these events could think to do that would help make it more welcoming to the newbie?

0:28:20 Samantha Swift: Yeah, I think so. I mean it's funny it, I've been in cybersecurity for years at that point as well, but BSides was always this cool thing that was happening. It used to be London one was always on [00:28:30] the same time as InfoSec when InfoSec was over on the west side of London. It's changed now because InfoSec moved and now BSides London is December time.

0:28:40 Emily Wearmouth: I thought you can say the BSides crowd's too cool to go to ExCeL.

0:28:45 Samantha Swift: Big lazy line. But yeah, I did assume everyone would know each other. I mean Jen knew everybody and then she introduced me to a bunch of people who were all lovely. So I mean it was lovely. Yeah, just take Jen with you I think is the answer.

0:28:57 Emily Wearmouth: That's the answer.

0:28:59 Samantha Swift: Yeah, we'll just fire [00:29:00] her out as a professional introducer to people.

0:29:03 Emily Wearmouth: Or have you seen someone walk into a room like that that doesn't know anybody and just done an absolutely perfect confident opener to join into a group conversation? Or what's your almost like pickup line I suppose that you would recommend walking into a BSides with?

0:29:19 Samantha Swift: So just to flip that round a minute, so you did this thing at Leeds and I dunno if this came from the previous Leeds team, there's been a couple of people, teams that have run Leeds, and we call it, it's called the Pac Man, and [00:29:30] it's actually, we mention it in the slides and we mention it in the program as well. So as if you're stood in a circle of people leave a space. So it's basically like a Pac Man,

0:29:41 Emily Wearmouth: An invitation,

0:29:43 Samantha Swift: And that way there's room for someone to come in. Nice. And if someone does come in, you've got to leave more of a space and eventually you'll end up with a huge circle. But that's a really nice thought process. People do tend to be super friendly. So if I was going and I didn't know anybody, where would I go [00:30:00] other than panicking and go to the pub, go to Lock Picking always comes back to that. Often and there's other places you can go to as well. So a lot of times there's like a charity sticker store, which is good because InfoSec runs on stickers for sure. And then there's generally it's a charity that is something to do with either the local area or the people that run it. For instance, we did the Bubble Foundation at Newcastle this year, which is a charity for [00:30:30] families who have children with serious immune issues. So they basically go to this ward, one of the hospitals in Newcastle and have basically a bubble. And my daughter and my friend's daughter, who is one of the co-organizers, basically sit on the sticker stall and flag people, the people want to come buy stickers anyway and then they're trapped by children. So we raised nearly 1500 pounds, which is really cool. Kids [00:31:00] did it,

0:31:00 Emily Wearmouth: They're good. You could get them in sales and they'll go far

0:31:04 Samantha Swift: They should be. But yeah, this is the thing. There are always places I think you can go and sit down and talk to somebody. There was somebody who wants to show you something. It might be lock picking. We've had a retro village where there's loads of old games and stuff to play with. People brought their creaking eighties equipment along. There was one guy had a BBC, I think it was a BBC, I can't remember, a BCB maybe that he got, there [00:31:30] was a camera and he got it to load up like a picture of you that it took on the very old screen from the beginning of time.

0:31:38 Emily Wearmouth: Yeah. I was reminiscing about my school BBC computer the other day. Yeah.

0:31:44 Samantha Swift: So yeah, I think that's the thing is if you're not comfortable walking up and just starting to talk to somebody who's just stood there, who may also be thinking maybe someone will come and talk to me or I dunno how to go and start a conversation, then look towards the villages and see where you can go and sit down. And generally people [00:32:00] are there to explain to you whatever it is they're doing and then you can get chatting with people.

0:32:04 Emily Wearmouth: And I love the Pac Man thing. Sometimes it can work to your advantage if you're the one already in the group when you're a bit stuck and if you just edge out to make a little space, then someone can come in and rescue you quite like that. I'm going to think about Pac Man next time. Well it sounds like I need to come to a BSides because confession listener, I've never been to a BSides. I've watched them on my LinkedIn and I've been worried about that cliquiness and that's like I'm [00:32:30] an outsider thing, so you've put my fears to rest and I'm going to get the train, the more expensive ticket. Oh, well if there's a London one that's even easier.

0:32:38 Samantha Swift: Yeah, it comes to London is it's 13th of December.

0:32:43 Emily Wearmouth: Okie doke. I'll get it in my diary.

0:32:45 Samantha Swift: Yes, come along. But yeah, there are so many. If you Google security BSides, there's a centralized website, but it's got them all on there and all over the world. So no matter where you are listening right now or indeed watching, there will be a BSides somewhere in [00:33:00] your vicinity and if there's not, you can start one. There's details on how you can start your own as well, which is really cool.

0:33:06 Emily Wearmouth: Fabulous. And just to cover then, not-for-profit or is there a not for profit? Not-for-profit. Marvelous.

0:33:12 Samantha Swift: With a small amount of rules you have to adhere to. You basically go and talk to central command. It's not the actual name of it, but we'll call it that. Sounds cool. So basically you go and you say when you want to do it, it's ideal that you don't cross over with one that's nearby. So that's why it's good to be able to see the list and then yeah, there [00:33:30] are some rules around how to do it. Some help there if you do have problems. There has been a few times where we've had to talk back to Central BSides to just ask them for advice on things. They're amazing. But yeah, so I mean BSides Alaska did one fairly recently and I think they had, I'm going to get the numbers wrong, I think it's something like 47 speakers and 18 attendees beyond that and that was their first one. Oh

0:33:51 Emily Wearmouth: Wow. Wow.

0:33:52 Samantha Swift: Yeah. You don't have to think you're going to run a 3000 people conference.

0:33:57 Emily Wearmouth: Do you know what I like about that is why do we feel like there [00:34:00] needs to be more attendees than speakers? If you've got a floor that everybody's adding value to, arguably you could have the same number as attendees, as speakers, and that's the most valuable event ever. Everybody gets to share their knowledge. Yeah, yeah.

0:34:12 Samantha Swift: Speakers do tend to, they're there to learn as well. So they go talk each other's talks, go to everyone's talks, people want to, often you get grabbed as you come off stage and people want to have a chat. So yeah, it's not to say you come and you do your talk and you leave. Community is key.

0:34:28 Emily Wearmouth: Brilliant. And we, we've talked more about BSides and Seasides [00:34:30] because obviously we've been behind the scenes but didn't get to go to the Seasides event. But I think widely it's probably worth saying there are, BSides is one flavor of a whole load of different community events that can benefit from the cybersecurity industry and also benefit the cybersecurity industry. And it's well worth having a look to see what you've got. My big thing is in your local area that you can build a network actually where you live. We don't all live in London, all the big cities anymore and lots of other people live [00:35:00] in our random little towns and villages as well.

0:35:02 Samantha Swift: Yes. As the person who lives in the middle of the country and helps organize three northern BSides.

0:35:08 Emily Wearmouth: Bit odd. We'll let that one go. Awesome. Well is there anything else that I haven't asked you about that you wanted to share or mention?

0:35:15 Samantha Swift: No, I think, I mean the big thing is this, if you can't find one, build one is the huge thing. And the more we work together, the better we are as an industry ultimately. So those networks are so [00:35:30] important and if you are worried about going and think, my God, it's going to be full of tricky people or I have to know 15 different flavors of code or have been in the industry for my whole life and before I was born, don't worry about it. There will be lovely people there who want to meet you, want you to have a nice time and you'll get great stickers and swag and possibly harassed by my child.

0:35:52 Emily Wearmouth: I love the idea of cyber curious though. That's my main takeaway from this conversation. And [00:36:00] cyber curious is where all of our next hires are currently sitting because we all need to think slightly more laterally when we are looking at making hires.

0:36:08 Samantha Swift: Not just students, not just students. I love hearing stories from people where they've come in from other industries.

0:36:13 Emily Wearmouth: Yeah.

0:36:14 Samantha Swift: There's definitely a lot of skills that you can bring in and there are things that you can learn. So curiosity is key.

0:36:20 Emily Wearmouth: Excellent. Well thank you ever so much for joining us on the podcast today. Listeners watchers, you've been listening and watching the Security Visionaries podcast. I've been your host, Emily [00:36:30] Wearmouth, and if you've enjoyed this conversation and I have loved this conversation, we've got whole loads in your back catalog that you will enjoy. So go and have a rummage around last month's episode. We're celebrating 30th anniversary of the movie Hackers looking at how hackers were depicted in Hollywood. And that one is well worth a catch up. So I will catch you next time. Thank you for joining us. Thank you, Sam. Thank you.
