The last 2 days I joined the Goto conference in Amsterdam, Netherlands. In this blog post I want to share my notes of day 1.

Keynote: The Current State of Automotive Security, Chris Valasek

The first keynote was a talk from Chris Valasek about the current state of automotive security. In his talk, he describes how he and a friend hacked a car by reverse engineering code. With help of a simple smartphone they managed to hack a car and cause a lot of trouble for the automotive industry. Impressive.

Deep Learning: What It Is and What It Can Do For You, Diogo Moitinho de Almeida

After this keynote, I joined the AI track. The first track was about deep learning presented by Diogo Moitinho de Almeida, research engineer at Google. He showed what some of the deep learning techniques can do for us today, like object recognition in images, create art, translate language. He also explained some of the things deep learning cannot do for us, like understanding context within an image.

From Monoliths Through Cloud Native to Software Supply Chains, Pini Reznik

In the track about micro services Pini Reznik used a very nice metaphor to describe the evolution of containers. He used the history of the supply chain of products in order to describe the world of cloud containers.

Keynote: From Heart of Agile to Guest Leadership, Alistair Cockburn

Just before lunch, Alistair Cockburn gave a keynote presentation about guest leadership. Everybody can and should be a leader, but not all of the time. He talked about a simplified version of Agile. It all comes down to the heart of Agile: Collaborate, Deliver, Reflect and Improve.  He continuous in explaining how people learn skills in 3 stages; Shu (Learn a technique), Ha (Collect Techniques), Ri (Invent/Blend techniques).  You can use Shu-Ha-Ri at any area within the ‘expanded’ heart of Agile. Check out his category on guest leadership.

Code as risk, Kevlin Henney

After a lovely lunch and talks I joined ‘Code as Risk’ from Kevlin Henney. In his talk he demoed how clean code could be used as a technique to remove ‘unsecure’ code. In his example, he refactored out the complete code to make a server connection. No code is more secure after all.

Moral Foundations Theory: Help in Overcoming Resistance, Linda Rising

I joined the talk from Linda Rising about ‘help in overcoming resistance’. She talked about a lot of things I couldn’t remember. I need to watch the recording of her talk. But one thing I do remember is  ‘conformational bias’, something everybody knows, but we seems to forget about every time. It is about the fact we human are all biased by our backgrounds. And that it is very difficult not to be biased when we talk to someone. We are filtering information. The main message of Linda was: ‘listen’. Listen to the other person to work something out.

How to Break the Rules, Dan North

In the same track, Dan North talked about breaking the rules. He explained some of the topics from Eliyahu Goldratt the book ‘Beyond the goal’. Goldratt: ‘Technology can bring benefits if, and only if, it diminishes a limitation’. This is quite a statement. But Dan continued to say, ‘We are really really bad at adopting new technology’. But how do we adopt new technology. Dan says we need to ask 4 difficult questions:

  1. What is the power of the technology?
  2. What limitation does the technology diminish?
  3. What rules enabled us to manage this limitation?
  4. What new rules will we need?

He used MRP, ERP cloud and CD as examples. He concludes by explaining how to break the rules:

1. Understand the power of the new technology

What does it do? How does it work?
Will it work this way for you too?
How can we exploit this technology?

2. Recognise the limitation the technology will diminish

How could you prove the limitation was holding you back?
How would you know it was diminishing? What could you measure?
What is your control group? What if this is just a fluke?

3. Identify the existing rules we use to manage the limitation

How will they get in the way?
What assumptions do they make?
Who owns the rules?
Who might be threatened by dismantling them?
How can we make it safe to change? How to create a graceful exit?

4. Identify and implement the new rules

How can we safely exploit this new technology?
What contraindications should you be looking for?
How do we introduce and institutionalise these new rules?

After his talk, Dan even freed up some time to answer some of my questions. I will elaborate on them in my upcoming posts. Thanks Dan!

Keynote: Surveillance & Cryptography, Jaya Baloo

The closing key note was from CISO of KPN, Jaya Baloo. In her talk see basically warned us all: Quantum computers are real and they will be used by govenments in the coming years to encrypt our (currently secured) data. Make sure you data is save now. Thanks for the advice.

It’s late now. Tomorrow day 2.