HITB now out to hack the conference experience

By A. Asohan October 20, 2014

New GSEC conference allows attendees to determine content, more ‘social’
HITBSecConf will carry on as usual, includes a ‘startup village’ for first time

HITB now out to hack the conference experience

AFTER pioneering the space locally and globalising its homegrown security conference, the Hack In The Box (HITB) crew is now planning its next big ‘hack’ – transforming the concept of how conferences are run.

At the end of its popular HITB Security Conference (HITBSecConf) last week – which it had already announced would be its last in Kuala Lumpur (KL) – HITB founder and chief executive officer Dhillon Andrew Kannabhiran laid out plans for its new conference, HITB GSEC.

“When we started on the idea, the ‘G’ was meant to be ‘government,’ but now it has morphed into something completely different,” he told an enthusiastic crowd of hackers and security professionals at the closing ceremony of HITBSecConf 2014 in KL.

“Why a new conference now? Because we can, I guess. But it’s also time to try something new – we’ve been around in Malaysia for about 12 years now, while the Amsterdam event has grown and matured to the point that we can experiment a bit with Asia,” he said.

HITBSecConf has been running in KL since 2003-2004, and in Amsterdam since 2010. It ran once in Bahrain in 2005, and in Dubai from 2007-2010.

“We think we can create a better conference experience – we want to try something that hopefully will create a better conference experience, mainly because we think there are gaps to be filled,” Dhillon said.

One of these gaps is the social and networking aspects of the conference experience; the other is to allow the conferences attendees to have a say in the content, via a controlled crowdsourcing method.

The event will also be smaller – unlike the nearly 400 participants at HITBSecConf KL this year, the crew is aiming for 100-111 attendees. It will include days of training, but the conference proper will be a single-track three-day conference that will feature three keynote speakers and 15 invited speakers.

Instead of an annual event, it will be held more frequently, perhaps every six to eight months.

And it will be regional. The first HITB GSEC will be held in Singapore in October 2015, followed by Hong Kong in July, 2016, then back to Singapore again in October that year, although Dhillon – after raucous suggestions from the floor for a Bangkok event – said HITB was open to suggestions on other cities GSEC can be rolled out to.

Admittedly, it’s the ‘crowdsourcing’ element of HITB GSEC that’s most interesting. After the call for papers goes out, the HITB review panel will vet the submissions and shortlist the most interesting ones.

Under the new concept, interested attendees who have registered for the conference can then each vote for three papers. Papers that get eight to 10 votes will be confirmed and removed from the voting process, until all slots are filled.

“We will reverse-fill the agenda, so the first talk that gets 10 votes will become the last talk on Day 3.

“Above all else, we want you to decide the content,” Dhillon told HITBSecConf participants. “Since you’re paying to attend, you should really have a say in what the conference is about.”

For the speakers, “we will send you the list of attendees who actually voted for your talk, so that you can adjust your content to suit your audience and drive your message home,” he added.

As for the ‘social’ element, HITB would then arrange networking sessions between the speakers and those who voted for their papers.

“Let’s face it, as hackers, we really suck at being social – we’re very comfortable behind our keyboards and we say anything on the Internet, but face-to-face, we’re not very good at meeting people.

“We will try and put the people who voted similarly in contact with each other – people with similar interests,” said Dhillon, a Digital News Asia (DNA) Digerati50.

“Even if you say you don’t want to be networked, we will still know who you voted for, and because it’s only 100–111 people, we can do sit-down lunches with the speakers. Hopefully, this would open the conversation a bit more – you won’t have to ask about the weather,” he chuckled.

New elements in Amsterdam
HITB now out to hack the conference experience
When asked if the HITBSecConf Amsterdam would be tweaked this way too if the GSEC concept proves successful enough, Dhillon (pic) said, “Probably not.”

“HITBSecConf and the HITB Haxpo in the Netherlands are both doing well on their own, and HITBSecConf has its own following and flavour – as will HITB GSEC eventually – and that’s the whole point,” he told DNA via email.

Haxpo or the Hackers Exposition was introduced at the Amsterdam conference in May this year. The three-day technology, security and IT exhibition for ‘hackers, makers, builders and breakers’ featuring 3D printing and security technologies, ran alongside the main HITBSecConf event.

Other elements of HITBSecConf will be retained, such as the Capture the Flag (CTF) battle, HackWEEKDAY developer hackathon, the lock-picking area, and so on.

“We’re not forcing round pegs into square holes, but giving different geographic audiences what they want,” said Dhillon.

“In EU (the European Union), there's a whole hacker/ maker/ builder culture and a security research-focused community that’s more than thriving.

“In Asia, the maker movement is barely starting out and if you talk about the security space, almost everyone is more consultancy- and services-focused,” he added.

At next year’s Amsterdam conference, HITB also said it would be introducing another new element: A ‘Startup Village.’

“We already had some startups at Haxpo this year and the plan for 2015 is to house more of these guys – and not just startups in the security space – in a common area of the exhibition space, thus creating a ‘startup village’ similar to our ‘hackerspaces village.’

Startups are a hot space, but one doesn’t hear much about security startups. Would HITB also matchmake such startups with the investment community?

“There are security startups working on a bunch of different things, but security is always less sexy and more a ‘geek thing’ compared with the ‘next’ Facebook, Oculus Rift or Google Glass, so perhaps they’re just not reported on as often by the media,” Dhillon said.

“We might eventually look into the matchmaking aspect – in fact, we’ve already been asked about this possibility from a couple of San Francisco venture capitalists – but we would like to focus on getting the quality of the event locked in before we get carried away adding in too many new elements,” he added.