Some time ago I attended BruCON. For those unfamiliar with it, BruCON is a security conference where everybody with an interest in security can share their views and findings. As always, it was a great mixture of technology, philosophy, personal opinions and hands-on workshops.
This time, however, I noticed a certain pattern in some of the talks. Chris Nickerson gave a presentation about "how to make a pentester's life hell" based on experience, Shyma Rose shared her views on risk management, Mark Hillick showed us how the security was improved at Riot Games and David Kennedy provided his opinion on the state of the information security industry nowadays. All four of them basically told pieces of the same tale from a different perspective and I will try to provide my viewpoint on the matter in this blog.