Cancunference 2015.

Some ten-plus years ago, our then still quite small company decided to push the boundaries – literally: we went transnational. Before long we found we had expert-analyst KLers working in all corners of the globe, all of them communicating with one another by email, messengers, telephone and other indirect means. Nothing wrong with that really, but still, it’ll never beat face-to-face interaction. So we decided to have a yearly jamboree where we’d all get together and top up on the much needed proper face time. That was when our annual conference for IT security experts was born: the Security Analyst Summit (SAS).





One thing that’s always been a constant for SAS is that we have the get-togethers in tropical climes, by a beach.

cancun-mexico-sas2015-6‘#TheSAS2015’ etched into the sand welcomed participants on the first morning



For the first few years SAS was an internal conference for KLers only, but in 2009 we decided to become more open (cybersecurity’s all about cooperation, remember?:) and invited several non-KL experts (five, actually). That worked just nice, so we kept on inviting more as the years passed. This year’s conference, in a Marriott on the beach in Cancun, Yucatán, Mexico, brought together 250 folks from 33 countries, including 150 guests from other companies and the media.





It’s a tradition already that the speakers at the event normally announce the tastiest results of their recent cyber-research, which go out to the world via the handily gathered media who are in the audience when the announcements are made. A win-win situation: We tell the world about our investigations, and the media get first-hand, face-to-face access to the experts to make sure everything gets reported exactly and precisely, with no Chinese whispers. Well, that’s the plan, anyway; all the same those whispers (inaccuracies, misreporting, assumptions made by the press, not us) seep in later, but we can’t help that – we do the best we can by having SASes, to keep them minimized.

This year we had quite a lot of press-and-TV-with-clout on hand, including Wired, Forbes, The Times and France24), plus of course the inevitable tweets from every journalist in the room… er, and moi ).

This year, two of our presentations in particular caused a bit lot of a stir in the world’s press, ending up on front pages of practically every national newspaper in the world:

The first was about some cyber-crooks who’d used different malware to extract a billion greenbacks from hundreds of banks in 30 countries (Carbanak).

The second: about cyberwar operations of the Equation Group, whose super-sophisticated malware seems to be a descendent of Stuxnet. News of this temporarily brought our site down! First time in ages – despite loads of prep and the fattest bandwidth! And I was told that the article on the Equation Group on Ars Technica broke all records in terms of visits – more than a million!).


Not that the other presentations were any less interesting…

For example, there was one about the security of ‘smart’ cities, one about the vulnerabilities of fitness bracelets (!), how to protect CERN from cyberthreats, one about Arab targeted attacks, another about our secure operating system, and much, much more. Soon we’ll be putting all (or almost all) presentations and recordings online. But here already is the live blog from the event.





There was a presentation on chipping, during which some brave KLers agreed to have an NFC chip inserted under their skin!! They even managed to program it and then read it with their smartphones!

Those who tracked our news and tweets (we did warn you earlier) could view all the presentations in (nearly) real-time. Those who didn’t – we’ll have a video archive available soon. Meanwhile you can read a short review here.

And then – party!

Work hard, play hard, like always. Unlike the normal boring security conferences we really go for it at SAS and let rip! All together, as one big family. And at KL, we tear it up so intensely that we decided to bus ourselves away to a quieter spot so as not to disturb the other folks in Cancun! That spot was a clearing in what seemed to be a jungle. No Wi-Fi, no cell coverage (yes, that’s probably why it was such a success:), just our own show and sing-alongs, dances and awards, and a ton of merriment!









cancun-mexico-sas2015-31Tequila boom!




It happens every year: after each SAS we all think: ‘Wow, what a success. It’s never been as good as that.’ And we always wonder how we’re going to go one better the following year. But somehow – I don’t know quite how – we always do! Here’s looking forward to the next event…



In case you missed it, here’s how things went down last year, in Punta Cana, Dominican Republic.

All the photos are here.

Adios amigos!

Leave a note