Tuesday, February 02, 2010

A Conference By Any Other Name...

...would still smell as sweet.

In a somewhat lame attempt at paraphrasing Willie the Shakes, I wanted to point out that it's that time of year again when folks start looking at training and conference options for the year, and I'm no different. The DoD CyberCrime 2010 conference finished up last week, so I'm keeping an eye on my RSS feeds for attendees posting on their thoughts and experiences, and what feedback there may be. I'm also going to be looking for presentations (and feedback on them) to be posted ...some conferences don't provide that sort of thing, but authors (like Jesse) may.

This got me to thinking...what is it that I look for in a conference? While I've thought about it, I've never really written down what those thoughts are, and then stepped back and taken a look at them. In the past, I've looked forward to conference attendance because of the hype and the titles of the presentations (and the chance to get out of the office, of course), and been sorely disappointed when the presentations ended up being about wicca or being more of a blue comedy routine. Consequently, no amount of hype would get me to go (or recommend going) after that.

For example of the title of a presentation being out of whack with the actual content, when Network Associates purchased Secure Networks and their Ballista product (gawd, dude, how old am I??), I attended a presentation by Art Wong entitled, "The Art of Incident Response". Oddly enough, the presentation had nothing whatsoever to do with incident response.

I think that most people attend conferences for two basic reasons...quality talks, and networking. Okay, the unspoken third reason applies, too..."boondoggle". But for the most part, I think that most conference attendees go to see presentations that could directly and immediately impact what they do, and to meet up with others in the community.

From my own perspective, I generally tend to look for conferences that are going to have some impact on what I do...either because I'm going to see presentations that will impact what I do, or because I can meet and talk to other examiners, as well as potential customers. Something else I also look for is whether or not Syngress is going to have a bookstore at the conference, although this usually isn't the primary reason for going, nor is it a deal breaker.

I attended part of one day of Blackhat DC today, mostly to see Nick talk about TrustWave's numbers. Now, on the surface, you might think that this doesn't impact what I do so much, as I'm no longer in the PCI game. However, the numbers themselves are interesting, and Nick talked about not only the incidents that TW had responded to, but also the scans they'd run. This gave a bit of a different perspective but interesting nonetheless. I also talked to Colin Sheppard for quite a while, and also to Richard Bejtlich (more on that conversation in another post).

So my brief attendance (cut short by an impending snow storm...last week, the weather man said "light dusting" and we got 6+ inches of snow!!) to BHDC was fruitful. In addition to the professional networking, some of the things I heard sparked ancillary ideas...no, Jamie, I wasn't taking notes on Nick's presentation, my furtive scribbling was me jotting down ideas...

1 comment:

Colin Sheppard said...

I definitely enjoyed the stimulating conversation, although I apologize for it being cut a bit short (booth duties called). Hopefully, we can finish up here shortly. Any opportunity for knowledge sharing is always welcome.