Community//

What a hacker conference teaches us about inclusivity

I went to Def Con 26 for security takeaways. I left with a lesson in inclusion.

Maker of hat wifi router next to curious non-coder

Though the number of women in cybersecurity has hovered stubbornly at 11 percent since 2013, Def Con’s open mingle experience holds the key for growing the pipeline in the sector with lessons for the larger society. Its learning track for kids is roughly at gender parity, showing the power of community access for unlocking participation.

With an estimated 36,000 attendees packing into Caesars Convention Center for Def Con 26, the AC had gave up by 10 am, when I stepped off the escalator. Unlike my usual sessions-focus at conferences, a dearth of free time made it near impossible to map out sessions. So, I explored organically, striking up conversations wherever the unstructured moment took me — in the Villages, contest areas, food court, taxi line, airport bar, and on the return flight.

Biohacking Village helped me understand that despite pacemaker and insulin pump hacks, IoT is the future of healthcare for good reason. In the case of IV dispensers, mobile connectivity allows them to move with the patient or be redeployed elsewhere. It’s easy to see those advantages apply across other medical devices. Alleviating some of my security fears, V3ga, the station guide showed me the disclosure form at the hacking table for Becton Dickinson’s IV dispensers. It was blank three conference days in.

In Crypto and Privacy Village, I watched a UK university student create alchemy with ink on paper — deciphering seemingly random x, y axis numbers into color blocks that gradually would spell a hidden message. She explained that the numbers formed a Sudoku puzzle of which she had decoded one, maybe two letters, enough to show she was on the right track but tantalizingly far from giving away the message.

Over an old-fashioned and a dirty martini, pen-tester “Christopher” showed me his acquisition from vendor row that powered the Samsung tv in the bar on and off. It was a reminder of the constant tinkering at the Con, like the wifi jamming on the contest floor that created fits and starts for a team that was attempting to navigate robots through an obstacle course.

Then, there’s the biggest hack of all — social engineering — places the human front and center. Lunch time at the convention food court and the tables are packed. I plunked down in one of the few open seats across from “Michael,” whose large, gray-blue eyes peered innocently at you from behind owl-round glasses. He told me, the crutches cut him a sympathetic figure. People want to open doors for him, forget to check his credentials. The other luncher at the table explained: wanting to help is a human condition. And it’s this human condition that adversaries exploit as a gateway to breach IT and IP. The sentient being between the chair and the computer screen is a literal representation for a man-in-the-middle.

By embracing the spontaneous moment, I found an intimacy with the conference, an energy I missed at 22. It sank in why the general admissions badge over the years is labeled “human.” It’s why the hallways teemed with an assortment of attire from casual to carnivalesque. Why I walked three hotels in gold Jimmy Choo stilettos.

The Con is a celebration for and of the attendees whose interactions, planned or spontaneous, reshape the security community on the fly. The explicit purpose for coming together is to revel in the razor’s edge of hacking techniques. But equally inspiring is the inclusive culture at the core of the Con’s community. It accepts the human for what each brings to the table, whatever color hat or no hat, and opens up opportunities to learn from fellow attendees. If curious, ask. The people I asked answered what for them were basic questions with genuine interest in imparting knowledge. Everyone seemed there to learn and share knowledge with strangers, mostly under a first name bases in keeping with the Con’s tradition of anonymity. An open camaraderie blooms, ends, and repeats.

As the community grows, a R00tz Asylum for non-technical adults could turn passive curiosity into active engagement. With more tourists (as we’re called) visiting the show each year, there’s a growing audience for learning cybersecurity skills. After all, these users — creating, accessing, sharing data across networks off and on premises — are the ultimate vulnerability for malicious actors to exploit. Arming non-techies with basic hacking techniques reinforces the weak leaks in the global computing network. It may even create a pipeline to shore up cybersecurity’s worsening workforce deficit, on track to hit 3.5 million jobs by 2021. At the baseline, a R00tz for adults offers another space for diverse collaboration — in keeping with the Con’s inclusive culture. Isn’t that alone intriguing enough to be worth a try?

The Thrive Global Community welcomes voices from many spheres. We publish pieces written by outside contributors with a wide range of opinions, which don’t necessarily reflect our own. Learn more or join us as a community member!
Share your comments below. Please read our commenting guidelines before posting. If you have a concern about a comment, report it here.

Sign up for the Thrive Global newsletter

Will be used in accordance with our privacy policy.

Thrive Global
People look for retreats for themselves, in the country, by the coast, or in the hills . . . There is nowhere that a person can find a more peaceful and trouble-free retreat than in his own mind. . . . So constantly give yourself this retreat, and renew yourself.

- MARCUS AURELIUS

We use cookies on our site to give you the best experience possible. By continuing to browse the site, you agree to this use. For more information on how we use cookies, see our Privacy Policy.