Let's just get past this one point: Meet Magento Spain was an amazing time not even counting the little detour I took before the event to climb Al-Mansur (Pico Almanzor) in Sistema Central. Even taking away the non-stop riot listening to our MageTalk hosts go at it day and night, it was an event totally worth attending.
If you were on the fence about attending and didn't, you should consider doing so next time it is held. I really like the new format which keeps things a bit simpler. All the main events with sponsors happened on one day and the second day solely dedicated to informal community connections and the hackathon at the Interactiv4 headquarters. (As an aside, check out the Unhack-Core n98-magerun plugin built at the hackathon)
During the main event, Phil Jackson and I double teamed the topic of security. The flow was perfect, he was able to get in and give tons of great information about PCI compliance with solid examples and excellent action items. Then later in the evening I covered the bigger picture of thinking securely in your Magento organization. Everyone was really happy to have an open source Incident Response Plan available—more than I imagined! I guess as time goes along, I will open-source more and more of my toolkit.
Given the reactions, I am guessing drilling home the fear factor is working and I'm happy that this is taking some precedent among the Magento community. I'm on a self-imposed mission to raise the bar on the security of solutions being produced within our community and I'm thankful to have people like Phil Jackson, Bastian Ike, Lee Saferite and Anna Völkl working alongside me.