I’ve just returned from a terrific three days in Dubrovnik, Croatia, where I attended (and spoke) at InfoSeCon 2006. Ably staged, hosted and managed by ZIK, this was an event that made networking very easy.
From the rapid transition through the arrivals hall at Dubrovnik airport, the equally quick transfer to the Hotel Croatia (spectacularly set right on the edge of the Adriatic) , to the smooth organization of the conference itself, everything was memorable. Dubrovnik itself was fascinating; Stanko and Biljana Cerin laid on a trip across Dubrovnik bay in a replica of a medieaval Dubrovnik galleon (which is also where we had dinner that evening) and the car-less fortified city was a fascinating place to visit. Walking an entire circuit of the city walls certainly built an appetite!
World-class speakers dealt with subjects that ranged from the technical (Snort rules) to the general (regulatory compliance) and, while it’s clear that information security threats are continuing to evolve, the underlying discussion at the conference seemed to be about who should drive IT and information security – the business management or the IT management?
As you know, I think that the business should drive the IT strategy, and the security of its IT systems – that, after all, is what IT governance is about. It’s clearly a debate that will run and run – InfoSeCon 2007 will probably be a good event at which to contribute to the evolution of this industry – one on which the security of personal and corporate data really does depend.