Security B-Sides 2013: What to expect

Security B-Sides San Francisco is today and tomorrow. Here's what to expect.

I'm waking up to my first morning in San Francisco for RSA Conference 2013. But first, I head over to one of my favorite events: BSidesSF.

I have a special fondness for B-Sides because of what it was designed to do: Give stage time to infosec practitioners who didn't make the RSA cut but still have a ton of valuable experience to share. It's an event that expanded fast and has suffered some growing pains in the last year. But the important part has remained intact: It's a great event for a more low-key discussion on the threats companies face and the tools to fight back.

My first experience with B-Sides was in San Francisco in 2010. Held in a cramped loft several blocks from the RSA conference, it had a laid back, underground feel I fell for immediately. I loved how talks were delivered free of the filter you run into at events like RSA. I wrote about it here as an anti-conference, a chance for people to discuss security without all the commercial hooey. A few years in, that spirit remains largely intact. So if you're already in San Francisco, I hope you'll check it out. Here's a partial look at today's agenda:

9AM - 10AM Coffee / Registration

9:50AM - 10AM Opening Remarks

10AM - 11AM

Name: Rohyt Belani @PhishMe, Brandon Dunlap @EnergySec

Talk: SCADA Protection: Imminent Phishing Attacks and The U.S. Cyber Strategy

11AM - 12PM

Name: Adam Kujawa @kujman5000, Jerome Segura @jeromesegura

Talk: “I want my PC back!”: An in-depth look at ransomware

Name: Jasper van Woudenberg

Talk: Why are we still vulnerable to side channel attacks? (and why should I care?)

12PM - 1PM Lunch

1PM - 2PM

Name: Dr. Jamo Limnéll

Talk: Strategic Cyber Security & Warfare: If We Don’t Get It Right, People Die

Name: Dan Hubbard CTO OpenDNS, Frank Denis, @thinkumbrella

Talk: Building a Security Graph

2PM - 3PM

Name: Christopher R. Lew, Ph.D

Talk: Chinese Advanced Persistent Threats: Corporate Cyber Espionage Processes and Organizations

Name: Kyle Adams, Chief Software Architect for Mykonos, Juniper Networks @kadams_sec

Talk: Sorry Your Princess is in Another Castle: Intrusion Deception to Protect the Web

3PM - 3:30PM

Name: headhntr (Twitter: @headhntr), Bill Marczak

Talk: Cash Rules Everything Around Me: The Commercialization of Online Spying

Name: Adam J Kujawa @kujman5000

Talk: Press Start: The basics of malware analysis

3:30PM - 4PM

Name: headhntr (Twitter: @headhntr)

Talk: Cash Rules Everything Around Me: The Commercialization of Online Spying

Name: Craig Young, nCircle VERT

Talk: Google-jacking: A review of Google’s 2-Factor Authentication

4PM - 5:00PM

Name: @backtracesec

Talk: RFID Credentials or (Cyber Pearl 9/11 Harbor of DOOM)

Name: chort @chort0

Talk: My First Incident Response Team: DFIR for Beginners

5:00PM - 7PM Keynote: Dan Kaminsky @dakami

Copyright © 2013 IDG Communications, Inc.

8 pitfalls that undermine security program success