Hats off to the organisers of the "Play Secure Online Conference" (25th to 28th March
https://playsecure.mssconference.com/) as this was one heck of a thought provoking conference. A conference that affected the 'deep ways' in which the processes the brain tick. You came away "thinking much differently" about Security and the Organisations you work in than you did before it. Spooky in many ways. It challenged, enlightened and gave stark warnings of how things could easily be if left to their own devices and not actively worked on. All teh above are marks of a good conference in my book (see below and link above, not online gambling but Internet Cyber Security with professionals engaging with the concept of "play" to harness creativity and ingenuity):
The takeaway is that Cyber Security "does not stand alone" and is far "too serious a level of risk" for it to be under the provenance of Certified Professionals Only, it's holistic thing easily compromised. The comfort zone for many is "not to think about it". Cyber Security is holistic and inclusive .. the alternative is a passive bunker mentality that is a "minimal spend (or rather a known unchallenged under-spend)" and a "let's hope it does not happen here". It is a scary thing to think about, however put a bit of fun into things and the creativity oozes out of people and it did so in buckets. No better example of teh power of creativity in that the unique Gather conferencing tool that had been configured to work like a video game - avatar and arrow key movement and bumping into people to say hello (see below, it was very retro '90s avatar in style.. I was one of many of the white snowmen (the most popular avatar) distinguished only by the wearing of a different coloured scarf [mine was green], others were friendly Snoopy style character avatars - note the snapshot of the empty room was taken while everybody was rushing to the main lecture hall without personal avatars names showing):
Kitsch and cool at the same time. The content of the conference was hard-core or put another way gold-dust (and very, very wargaming related). How "hacking" (in the original MIT sense of the word - of open exploration of the world) is critical to learning - people teach themselves far better than any other method known to date. Simple game concepts stimulate this such as: What's in the Box?; Escape Rooms; Capture the Flag; How do you Open a Lock without a Key?; How can you Destroy a Light Bulb in 10 Different Ways? The realisation that simple Social Engineering is the easiest (and perhaps the most deadly) but psychologically trickiest to spot Red Attack Tool. Importantly you learn (more, much more) from your failures rather your successes. Adversarial games stretch you more. It was also humbling to hear some of the back stories of some of the people and how they had overcome adversity, no more so than the programmer Peter Moore who was unfortunately taken hostage in Iraq. Throughout there was a hidden message of integrity. You have integrity if you are prepared to test yourself, test others (including 'systems') and accept the findings, the implied limitations and most importantly act. The most important message I took from the conference was "Never bend the knee" on a matter of principle that is critically important to who you are. Otherwise you become no better than a slave and regret it later as you will undoubtedly need to carry through actions with conviction. That was a very powerful message that certainly echoes back in time to the ancients in a more wargaming sense.
Once again many thanks to the organisers for a fantastic thought provoking conference. I really enjoyed all those conversations. It was also very good to see some of my Wargamer Developer friends from Connections UK and CoW there! I honestly believe there is a strong need for wargaming design concepts to be shared and adopted.