The bad cons are the criminals that victimize you.
The good CONS are the conferences that you were glad to attend. CTIN is one of those good CONS. I’m partial to CTIN because it was the first organization that took me in when I was but a babe-in-arms as far as digital forensics goes. I am also partial because the people in it have always, and I mean that literally to mean all-the-time, been the best in welcoming members and sharing everything. I’m also partial because I was once the Secretary and afterward, the President. I am glad to see that CTIN has maintained its original founding principles. Much of what I am writing in this post applies to most local conferences, so you will probably think that I am writing about your local organization. That's cool if so, and also it's my intention to bring out the good.
The bad stuff
I have to admit, I have read the incredibly terrible things that have been happening at conferences. I won’t repeat anything that I read simply because I don’t want to make it any worse than it sounds. As for me, I’ve been to many conferences, but ‘many’ is only a small percentage of the number of conferences there are. For the conferences that I have presented and/or attended, I have never seen any of the negativity that some have seen. Mostly, that is because I usually fly in to present and fly out, or stick with a close group of friends for dinner (or just me and my wife) without getting involved in any craziness of midnight partying. However, with the high number of attendees in some of the conferences, I have no doubt that things happen. Don’t forget, I was an undercover narc for a decade…I know how people can get.
By the way, if I ever were to see negative behavior, I am the kind of guy that is not happy if I am not the first person to address it, directly, on the spot. I don’t agree with calling out anyone online, but I will fix problems on the spot because the evidence is there. The witnesses are there. The culprit is there. And usually, it is best to handle it on the spot. Enough of the bad. Onto the good!
The good stuff
CTIN (http://www.ctin.org) became a non-profit way back when, back in the days of DOS and floppies. I came on-board as a cop just starting out in forensics around that time. We had monthly meetings at the police academy in Burien, Washington, and probably had eight or ten folks show up each month .Half were cops. Half were private sector tech. Both were figuring out this high-tech crime thing..together. After our meeting, we’d head out to a nearby restaurant and continue our conversations before heading back to work. It was, and still is, a public-private partnership in high tech crime investigations.
Over the years, CTIN grew to hundreds of members, with training sessions having almost 100 showing up! All of this cost each member nothing but their time to attend. Everything was shared, any member with something to add was (and still is!) welcomed to share, and everyone knows everyone, at least by face if not by name.
The lucky stuff
The Seattle area is rife with seriously great people in this field! I mean, we have Amazon, Boeing, Microsoft, dozens of tech start-ups, and even Google moved in. And we have companies like Crowdstrike, DomainTools, and other greats each all having their toes or completely immersed into the cybersecurity realm. And don’t forget the University of Washington! With billiionarie Paul Allen’s donations to the UW computer science program, we have quite a bit of talent to draw upon; after all, US News ranks UW #6 in the nation in Computer Science. Any member, or rather every member, in CTIN has the opportunity to sit next to someone with amazing experience. We are also a short driving distance away from British Columbia, Canada. Talk about competent forensic folks, they are not only competent, but also nice to be around ('cause Canadian, ey?).
The CTIN conferences
CTIN didn’t always have conferences. I took a chance and volunteered to arrange the first one and over a hundred people showed up! Speakers were great, and the venue was not that great. An old hotel near the airport…dark…dingy…slowest Wi-Fi on the planet, except maybe the Kwajalein islands. It was also our first attempt at “swag” and charging money to pay for the venue. It worked out and is still working. From that experience, any time I meet someone who arranges these types of conferences makes me want to give them a hug or a drink.
Now CTIN is at Microsoft for the conferences. How's that! From a dingy hotel to the Microsoft campus. Not that a place like Las Vegas isn't "fun" to have a conference, but compared to having a conference at the place where the actual source code to 99% of your electronic evidence is being developed, there isn't a comparison. You won't get access to source code, but you'll be sitting in the same buildings learning how to examine it. That's kinda cool.
The best stuff
The CTIN conference is not the only good conference. There are plenty of others. Many of these conferences (should I say ‘all’?) are run by folks donating more time than they originally planned, herding multiple organizations, dealing with money, schedules, and more with the only compensation being that they were part of something that made a difference. Every non-commercial conference is like that. The non-commercial conferences charge just enough to pay for expenses because no one gets paid. It is all done to share. Commercial is different, but that's not what I am talking about.
Some of the best stuff is meeting great people at a local conference. You’ll not find a more well-connected bunch of people than those working and attending at a local conference. If you want a connection to a Fortune 50 company, you’ll find the nicest people here. Actually, the person who helped me get into this forensics field worked at one of the world’s largest companies, is a published author, speaker, and is an extremely experienced and technically competent forensic examiner. With all of that, he spent personal time in me as a mentor that turned into a decade long friendship. He’s also one of the founding members of CTIN, so that’s how this CTIN thing started. A nice guy met up some with nice folks, helping each other figure out this cyber-thing. Then they shared it all.
And that’s why I will always be a CTIN member.
Forgot to mention, I'm speaking at this year's conference. Please say 'hi' if we've not yet met. I'm one big ear, so to speak :)