A short note on a regional BCS gathering in Edinburgh last weekend. The first conference of 2002, in line with my commitment to attend more this year.
The event
A one-day affair. About 40 attendees, a mix of academics from Edinburgh University and practitioners from various Scottish firms. The format was four talks plus a panel discussion plus generous time for unstructured conversation.
The academic-practitioner mix was unusual — most UK gatherings are one or the other. The mix produced different conversations than my previous events. Academics asking practitioners about operational realities; practitioners asking academics about research directions. The cross-pollination was useful.
The talks
Four talks I will remember:
A piece on the Honeynet Project's recent paper that combined data from multiple operators. The cumulative-analysis approach is genuinely informative; the methodology is reasonable; the conclusions match my own observations.
A talk on Trustworthy Computing by an attendee who has worked closely with Microsoft. The detail was substantial; the speaker was measured. They do not believe Microsoft will achieve everything they have committed to but believe the trajectory is real.
A presentation on phishing-defence research by an Edinburgh academic. The research is in early stages; the focus on user-side detection (rather than infrastructure-side) is pragmatic.
A panel on the impact of the past year's worms with three operators describing their experiences. The conversation was honest about the cost — including the burnout I wrote about last month. Several panellists explicitly mentioned the operational tempo as unsustainable.
The conversations
Three I will remember:
A long discussion with one of the academics about formal verification and its applicability to network protocols. The conversation went deep; we exchanged contact details and have continued the discussion by email. This is the kind of cross-domain conversation that conferences uniquely produce.
A short chat with someone running security for a Scottish bank. Their phishing response is more mature than I had expected; the two-factor authentication work is further advanced than the public reporting suggests. They cannot say more publicly; the conversation was useful.
A conversation with a younger attendee asking about getting into the field. Similar to last year's Manchester conversation; the question is no easier to answer well. The barriers to entry continue to be higher than they look.
What I am taking from this
The community is, on balance, in good health. People are tired but still doing the work. The conferences continue to be the most efficient way to maintain the connections.
For my own writing: the academic-practitioner gap is an interesting one. My notebook sits awkwardly in the middle — too practical for academics, too theoretical for some practitioners. The audience overlap with both, however, is real.
Calibration
From my 2002 list: six conferences attended; one done. Five to go in nine months — should be achievable.
More as the year develops.