What’s the longest activity or project you’ve been doing consistently over the last decade?
How does it make you feel when you look back on your experience and the stories tied to it?
DefCamp is this experience for us.
It has challenged us, changed us, and rewarded us in so many unexpected and wonderful ways that we can safely say we wouldn’t be the same people without it.
We went from a small get together in Bran to 1800+ attendees in 2018!
The reason we wanted to share what we learned along the way is that the DefCamp story is closely tied to how the cybersecurity community in Romania and in the CEE region evolved in the last decade.
When we started, we had no idea where this path will take us. DefCamp was born out of own need to connect with like-minded people so together we can figure out the whys and how tos of information security.
This leads up to the first lesson we learned.
1. Be ready to adapt and be surprised.
No matter the size, organizing events requires the ability to adjust to unforeseen things and do it FAST. Event planning and infosec have a lot in common and this is one of those things.
As it also happens in cybersecurity, there’s a lot of action going on behind the curtains.
Here are just a few stories that made our palms sweat when they happened but make us smile now that they’re behind us.
We once had a speaker who flew to Bucharest but never made it in the airport because they wouldn’t let him.
Another speaker lost his backpack with ALL his documents in it. The DefCamp team pulled a miracle and found it exactly 2h before his flight was supposed to take off.
Two years ago, while the Hack the Bank organizers were on stage, Walter went into the Hacking Village and lock-picked the ATM in a matter of seconds. (Talk about surprises!)
And these are just some of the stories we can publicly share. 🙂
However, it’s no secret that DefCamp started out of passion. The event continues to grow every year at a pace that defies our own expectations for it and we strongly believe it’s because people pool together their energy and drive.
We do have targets in terms of attendees and presentations but every year the unexpected happens: during the last week before the conference the number of attendees explodes and everything needs to be supplemented.
This is how we’ve learned to happily embrace the unpredictable and work with what we have to create an awesome experience for everyone who joins us.
Although you may see us run around the venue, our favorite moment of the year is meeting everyone who comes to the event and catching up.
It’s a bit like infosec Xmas!
2. People matter the most in infosec.
The way cybersecurity is reflected beyond the industry may give off the impression that infosec is all about technology.
But the closer you look, the more you realize that it’s all about the people.
The forward momentum that the DefCamp conference has gained is fueled by all the people who put their trust in us and counted on us to do our best and show how cybersecurity approachable and exciting cybersecurity can be.
Community members, speakers, and infosec and business leaders supported us as we came up with new ways to make DefCamp a powerful and helpful experience.
We can definitely state that DefCamp is what it is today due to the smart and dedicated people we always strive to have around us.
3. Building bridges is difficult but SO worth it!
Over the years, the biggest challenge for us has been to maintain the delicate balance between the presentations and activities destined for highly technical attendees and those for participants with key roles in critical domains and large companies.
We know that cybersecurity programs succeed when the infosec and business worlds meet and collaborate and facilitating this connection is part of our mission.
With DefCamp, we experienced first-hand the value of building bridges between the business and the security culture, and between different mindsets and backgrounds.
Choosing the right topics, presentations, and people and creating the context for this dialogue – this is our bread and butter, although it’s much more challenging than it seems.
Cybersecurity may be a mainstream topic but we still have a long way to go. Good thing we’re in it for the long run. 🙂
4. Your support is essential (even when you don’t realize it)
The team behind DefCamp was and is always too small for what needs to be done every year.
That’s why each and every speaker, partner, attendee and infosec enthusiast who spread the word about what we do at DefCamp played an important part in developing this amazing community.
Each time you talk about DefCamp, you open a door for others to discover the fascinating world of infosec, even if they have no relation to the field. When someone’s guiding principles match the community’s, that’s when great things happen.
Call us idealistic but we’ve seen so many wonderful connections develop during the conference and after it that it wouldn’t be far-fetched to call them life-changing.
We’re lucky be surrounded by people who make us bring our A-game each time. When you buy a ticket, we take it as a responsibility to give you the best experience we can build.
We never planned or fully envisioned where we’d be today, but we went one step at a time and always listened to you and the rest of the DefCamp community. We hope you’ll continue to give us feedback for many years to come!
5. Cybersecurity education is crucial for digital literacy
When the first DefCamp conference unfolded, cybersecurity was a rather obscure topic in Romania and even in the region. Back then, there very few companies were aware of the importance of infosec and even fewer were keen to support such initiatives.
I still remember that the main topic then was to help the media report and discuss about cybersecurity objectively, clearly differentiating between the security research community and cyber security professionals (aka white hat hackers) and cyber criminals (aka black hat hackers).
In the following years, as everything got digitized, the need for infosec became vital. Industry leaders and executives sought out to educate themselves, either proactively, through events like DefCamp, or reactively, while trying to fix hacks against their companies, friends or families.
There is still a lot of work to be done on this front. It’s our belief that cybersecurity education is an essential part of digital literacy. Without understanding how the hardware and software we use and how our behavior and relationships make us vulnerable, adapting to a world powered by advanced tech becomes stressful and very difficult.
With such events like DefCamp, our goal is to bring together specialists and professionals so we can all exchange knowledge and learn from one another in a safe environment. If you’re with us, there’s no time like the present to let us know (by commenting on this post, sharing it, tweeting at us or whatever you prefer).
6. Practical experience sticks like no other
DefCamp made a big leap around 3 years ago, when we developed a more practical side of the conference: the Hacking Village.
The community got a well deserved boost, becoming more visible and attracting more and more people from a diversity of backgrounds and specialties.
In the following years, everything grew organically. We still can’t believe we managed to bring almost 2000 people from more than 40 countries together last year and 60+ speakers from all the continents.
When you take a step back and look at the big picture, it’s exhilarating!
The effect the Hacking Village had on DefCamp is an important reminder that nothing is as memorable as a practical hacking experience.
It took consistent work to find the most engaging hacking exercises but it was definitely worth it! Helping both infosec and non-technical people see how vulnerable the systems we use are triggered many a-ha! moments. We can only hope these turned into lasting behavior changes or commitments to help secure the world.
7. Meeting in person creates lasting relationships
We often get feedback from event attendees and, as much as we can, we embrace it and we try to bring it to life in the following editions.
One of the most frequent comments we get is that DefCamp excels at connecting people.
We know people who met at DefCamp and started to build a community together. Some founded their own companies after meeting here. Others moved abroad together and some simply became best friends.
Many solved their security issues with the help from attendees or companies they met at DefCamp.
It’s impressive to see that, even though we live so much of our lives online now, face to face encounters are still an incredibly important experience for people.
That’s why we always encourage everyone to get actively involved in anything that’s going on at the event and network as much as possible.
8. Nothing beats putting in the work
With our double-sided roles, as infosec professionals and event organizers, we know there’s nothing more important than putting in the work.
Consistency, ownership and showing up every time are crucial for any type of evolution. Most often, professional and personal development go hand in hand, which is why we emphasize the human aspect of cybersecurity so often.
No matter how (in)experienced you are, there’s always something you can learn from others or teach others. Just keep that in mind. We certainly do.
9. Diversity feeds the growth mindset
Many people in the infosec industry have a growth mindset. They’re most self-taught, naturally inclined to keep growing through hard work and by mindfully evaluating the feedback they get from others.
We know that diversity (of challenges, perspectives, abilities, etc.) appeals to them because it also appeals to us.
The plan for DefCamp going forward is to always bring something new and exciting on stage.
For 2019 we changed the venue and we can share that some important names will be on stage this year! Our main focus will be to increase the quality of the presentations as well as diversify the hacking competitions.
What’s more, we are experimenting with new, exciting activities throughout year, such as Ladies in Cyber Security. This event we did in March had a tremendous success, featuring an exclusively female speaker line-up and continuing our tradition of giving everyone a chance to share their knowledge of the field.
If there’s something important to you that you’d want to see debated at DefCamp, email us, send us a tweet or a message and you can count on us to listen and try to work it into the DefCamp experience.
10. Consistent work adds up to awesome results
Like many great things in life, this lesson may seem pretty standard but it packs a lot of effort and discipline.
We’ve seen the compound effect of hard work done consistently both in how DefCamp evolved and in what the conference speakers bring to the table.
Because things shift and change so fast in cybersecurity, you can’t afford to sit still.
The more you learn, the more you fuel your passion with exciting possibilities which end up creating opportunities to grow, have a bigger impact, and have a more rewarding career and life.
The more DefCamp grows, the more the community expands, we can’t help but take a moment to enjoy all of it – the struggle, the sleepless nights, the camaraderie, and the thrill of seeing it all come together.
We hope you’ll join us this year for an epic DefCamp event that we’re pouring ourselves into as you’re reading this!
If you’re looking to see how DefCamp has evolved over the last decade in terms of numbers and highlights, we assembled them in the shareable infographic below!
Did you know the first the conference happened in Bran, where the famous Dracula’s castle is?