Stepping Out of the Echo Chamber
The phrase “echo chamber” is often associated with politics, but I promise that this is NOT a political post. I recently had an experience that got me thinking that our echo chambers can go beyond politics and social networking platforms. The industries in which we work, for example, are their own type of echo chambers. Whatever our industry, we work with people who share the same professional interests, use the same technical lingo, read the same blogs, and follow the same experts on twitter.
Often, our industrial echo chambers can be beneficial to our professional lives. I have participated in a number of security and hacking conferences, and they provide opportunities to exchange ideas with like-minded security experts. I return from these conferences energized (well, once I physically recover) and excited about the future of cyber security. However, there’s no escaping the truth that I see many of the same people at these conferences speaking on similar themes.
Fortunately, this past January, I had the opportunity to step outside my cybersecurity echo chamber when I was asked to take part in a security panel at the Air Cargo Conference in Nashville. It was my first conference where I was not surrounded by other hackers or security professionals, and throughout the weekend, I noted some key differences between your average hacker con and the Air Cargo Conference.
1. Dress Code
Hacking attracts people who question the rules. This rebellious attitude is often reflected in our provocative wardrobe choices. “Hacker-Chic” might include a black t-shirt boasting a subtle computer nerd joke worn with jeans; you might even see a kilt. Tattoos are optional, but be prepared to find an array of colorful ink, piercings, and hairstyles at a hacker conference. By contrast, the dress code at the Air Cargo Conference was a bit more conservative. Attendees donned polo shirts with their companies’ logos or sported a more business-casual look. Several attendees were even wearing suits and ties.
Because hackers and security experts are aware of the vulnerability of our online data, we tend to be vigilant protectors of even seemingly trivial information. Familiar with phishing scams and penetration tests, we’re a group of people wary of sharing information with strangers. The attendees and speakers at the Air Cargo Conference, by contrast, tended to be approachable and sociable, ready to discuss the most recent workshop or trade stories about their weekend. It was refreshing to chat with a stranger without one or both parties suspicious of being social-engineered. I found myself having to lower my guard to avoid seeming a bit paranoid.
3. There’s an App for That…But Do You Want It?
The Air Cargo Conference offered an application that allowed attendees to easily see what workshops were offered and where they were located and receive updates from conference organizers. To install the app on my phone, I had to register with my email address. Once registered, I had access to the email addresses of every attendee at the conference…and they had mine. Based on the targeted emails I received after the conference, I suspect that the conference vendors had access to this information, too. I can’t imagine an application like this going over very well at a hacker con.
While I expect to hear the national anthem before watching my beloved Georgia Tech Yellow Jackets take the court, I was caught off-guard to hear the Star-Spangled Banner kick off the Air Cargo Conference. This is neither a condemnation nor an endorsement; it’s simply an observation of a difference. I have never been to a hacker conference that opened with the national anthem. While patriotic in their own right, hackers tend to be a contrarian group of people who question tradition and eschew absolute allegiance to anything. After all, we are the people who, when faced with “Do you accept the cookies used on our site?” messages, never just click “accept.”
5. Early Start
Hacker cons tend to get started a little later in the morning, around 10:00 am. Attendees have breakfast and coffee on their own, usually grabbing something at a coffee shop on the way to the conference center. (My go-to: the sous vide eggs from Starbucks.) At the Air Cargo Conference, not only was breakfast included as part of the scheduled events, it started at 7:00 am, followed by the President’s welcome at 8:15. You can pack a lot into a conference that starts with the rising sun.
6. The After Party
You would think that as a consequence of such an early start, attendees and speakers wouldn’t stay out late, perhaps only sharing a nice dinner at a local restaurant and then heading straight back to the hotel to get ready for the next day. You’d be wrong.
Air Cargo Conference goers knew how to have a good time, and the opportunity to check out the Nashville nightlife was too much of a temptation to resist, 7:15 breakfast be damned. I did note that while hacker conference attendees tend to socialize only with other conference goers, the Air Cargo Conference crowd was more likely to engage with even non-conference folks at the bar.
Have you ever sat next to friends who were chatting about a series that you never watched? Like, maybe you never got into Game of Thrones, but your friends were debating the merits of the last season and throwing around words like “Wargs” and “Wights” and “Greyscale,” and you just sat there, twiddling your thumbs, knowing it was too late to catch up on 63.5 hours of television?
At times, my experience crashing the Air Cargo Conference was a bit like that, reminding me that I was, in a sense, an outsider. I’m sure if the situation were reversed and an Air Cargo Conference attendee wandered into a cybersecurity conference, they might feel the same way faced with acronyms like OSINT, SE, and DHCP. It struck me that we tend to think we know what other industries are all about, forgetting that every industry is as complicated and nuanced as our own. Tucked into our own offices and enveloped by colleagues who speak the same technical jargon, it’s easy to forget that not only do we work inside an echo chamber, but also the existence of the dozens of other echo chambers around us.
8. The Universality of Data Breaches
My last observation does not remark on a contrast between hacker cons and professional conferences. Instead, it’s an observation that warmed my cybersecurity nerd heart. Everyone I spoke to at the conference, once they learned what I do for a living, would inevitably share with me their personal experience with data breaches. While obviously I’m not thrilled that security incidents are so prevalent, it is encouraging that so many people are aware of the threat and that companies are becoming increasingly proactive in protecting data. We live in a time where it is no longer just cutting edge technology companies and die-hard security enthusiasts who recognize the importance of cybersecurity. And that’s a good thing.
We are often encouraged to “get out of our echo chambers” as if there really is an outside, “chamber-less” option. While we may not break out of our chambers entirely, we can intentionally seek opportunities to peek inside someone else’s echo chamber, both personally and professionally.
I appreciated the opportunity to gain insight into an industry different from my own at the Air Cargo Conference. In fact, I hope to pursue more experiences like this one. With that in mind, if you know of any upcoming events in your industry that would benefit from my expertise or if your team would be interested in hearing from a cybersecurity expert, please reach out. I’d like to get to know your echo chamber and understand your particular cybersecurity related concerns.
Additional benefit to stepping outside our echo chamber at the Air Cargo Conference in Nashville: we got to meet Tesla, the amazing bomb-sniffing dog!