Cybersecurity conference becomes tech magnet for industry professionals

Cyber cop central

If your computer’s data files have been held to ransom, Dhillon Andrew Kannabhiran knows the techno-geeks you need.

When Dhillon Andrew Kannabhiran first conceived of his cybersecurity conference series more than a decade ago, the topic was still very much confined to the world of techno-geeks and amateur hackers. Now, cyberattacks are front-page news.

Crime syndicates and even nation states are launching attacks against corporate and government targets and causing damage running into the tens of millions of dollars. Small businesses and individuals have fallen prey to identity theft or having data on their computers encrypted and held to ransom.

Malaysia-based Kannabhiran had been the chief IT officer for a local telecommunications company, but his interest in cybersecurity saw him launch the Hack In The Box information portal in 2000.

“Consumer-facing technology is now connected to the internet and making the attack surface much wider.”

Things stepped up in 2002 when he decided to stage his first cybersecurity conference. Back then the benchmark for cybersecurity conferences was the Las Vegas-based DEF CON, but Kannabhiran wanted to hold something local, and the HITBSecCon (Hack In The Box Security Conference) was born.

“The price to attend was always a big consideration, and then you had to factor in the flights and everything else,” says Kannabhiran. “So we decided to try to bring the price down to something that was a bit more affordable, but at the same time keep the quality of content high.”

From modest beginnings in Kuala Lumpur, the Hack in the Box conferences have now travelled the world, also being staged in the Middle East and the Netherlands, and this year in Singapore. They have expanded to cover emerging technologies, too, including fabrication, embedded microelectronics and 3D printing.

That’s not bad for an event which is totally community driven, with everyone involved a volunteer. (Kannabhiran is now working on a Malaysian transport start-up as his “day job”.)

It wasn’t all smooth sailing, however. “When we started out we naively priced our sponsorship packages right on the dot of how much money we needed to raise,” Kannabhiran says. “But all the sponsors came back and asked if we could do a 50 per cent discount. So we were left with a mighty big hole in our accounts.”

All up, that first conference lost US$200,000, which spurred Kannabhiran and his team to keep staging conferences until they had covered their losses. “There was a demand, and the community was building, so we figured ‘we’re still having fun, why stop?’,” he explains.

Today the conferences are a mainstay of a cybersecurity professional’s calendar, used by companies such as Facebook, Google and Microsoft to stay current and recruit talent. The events also celebrate cybersecurity culture, with Kannabhiran launching a clothing label to sell black T-shirts (the de facto uniform of hackers) sporting clever slogans.

Kannabhiran says the decision to expand the conference into areas such as 3D printing is driven by the encroachment of technology into everyday life – a trend he believes more people should be thinking about.

“Back in the day your toaster wasn’t connected to the internet and your car wasn’t online either,” he points out. “But today you have all sorts of things that weren’t meant to be exposed to the internet that are now connected.

One piece of advice

“Start something only if you’re genuinely trying to fill a gap – don’t just replicate what’s already out there … You need to really have a passion for the subject. If you don’t believe in it, nobody else will.”

This article is from the October issue of INTHEBLACK

Read more:

October 2015
October 2015

Read the October issue

Each month we select the must-reads from the current issue of INTHEBLACK. Read more now.