As many of you are aware, DEF CON recently announced that they were banning me from their conference. It’s important to me, for my family and coworkers that I share with you the following thoughts:

Much of the speculation on social media seems to assume sexual misconduct.  While I still have not heard the exact allegations, a person closely affiliated with DEF CON has informed me that the allegations are NOT related to sexual misconduct.

Others have assumed that I want to know who the accusers are. I have no desire for the accuser’s identity to be made public. I understand the sensitivity of that information and I would do the same regarding protecting their identity.

The problem I have is that I still don’t know what the accusations are. In the DEF CON transparency statement, Jeff Moss stated that he spoke with me about this situation. He did not. We exchanged numerous DMs and emails. In none of those communications did he ever outline the accusations. He made this decision without actually speaking with me. And still, since Feb 10th, I continue to make attempts to contact/speak with Jeff and the DEF CON leadership but have received zero response.

Because of DEF CON’s lack of transparency and communication, I can only respectfully disagree with their ban. But I am not trying to feed the negativity that surrounds this situation. Instead, my focus and attention are on my family, my employees, and others connected to me who have been hurt by this announcement.

From what I have seen and heard, many of the criticisms of me concern my training courses and, specifically, responses to bad reviews from 2015 and 2017.  Those criticisms are fair. I could have handled situations like these a lot better.  I take full ownership of my past mistakes and I believe that I have grown since then and I commit to doing better.

​​I can say with certainty that any dispute or disagreement that has occurred, was not influenced in any way by a person being, having, or identifying as a specific gender, race, sexuality, creed, disability, religion, or any other characteristic or trait.

As an example of that commitment, in October of 2021, I gave a speech at Idaho B-Sides about the time I insulted someone who is non-binary on Twitter, what I learned from it, and how I handled it. You can see the speech here: https://youtu.be/YJx-559_rBI?t=16987.

I will always protect my people, company, and intellectual property. I believe that most of the issues I have encountered with people, whether they be employees, clients, students, or others I had disagreements with have arisen out of real or perceived threats to my company and the livelihoods of my employees.

If I have offended you in some way by how I’ve responded to any of these situations, I am deeply sorry. Confrontation in any way is never easy and I will strive to do better when dealing with situations that I take personally. I welcome open, honest, and non-confrontational dialog.

I owe the infosec community a huge debt of gratitude. DEF CON is a large and important piece of that community and through it, I’ve met some incredible people. But DEF CON is not THE infosec community. I am thankful for the role it has played in my life. However, it is only a small cog in a very large wheel and there are many other parts of the infosec community to be explored. My team and I will continue to give back at other events and strive to always be better.

Sincerely,

Chris Hadnagy

*** This is a Security Bloggers Network syndicated blog from Security Through Education authored by Social-Engineer.Org. Read the original post at: https://www.social-engineer.org/general-blog/chris-hadnagys-official-statement/