Let’s start with attendees, or ‘plankton‘ as Pamela calls them, and the idea that attendees learn something by going to conferences. I think this is partially true – for people that are new to the field or a given role; but doesn’t actually apply to many attendees, where you quickly get the usual suspects showing up year after year. Some events have clearly now got to the stage where their only value to many attendees is meeting with the other usual suspects, and as Pamela points out you can do most of that without buying a ticket. I’m also less than convinced that there’s really much educational value in vendor presentation. Mileage varies (according to the quality of the event) between outright product pitches and ‘here’s one of our smartest people letting you know why we think this is a problem (that needs our solution)’, but it’s still SUV mpg that you get for your money. If you outsource your thinking to vendors then don’t be surprised to get a bunch of dumb stuff for your money. This is why I’ve been leaning towards more academic conferences over the last few years. They have their own rough edges, but there’s no vendor spin, and you get a lot of new information for your money.
James asked me to report back on whether the shift from network security to application security was in evidence. I can’t give a completely straight answer to that, as I’ve spent all of my time this week meeting people and introducing them to my successor. I’m kind of glad that I wasn’t spending time looking for cool new stuff, there doesn’t seem to be any. As for whether people are getting the need to move from the network to the application that seems to depend who you talk to. If this was politics then I’d say it was split along party lines; but it’s technology so it’s split along vendor lines. If measured by floor space then I’d say that we’re mid transition, as it was the host security guys that seemed to be trying the hardest (to differentiate commodity products by having larger and louder stands than the next guy).
Filed under: security | 4 Comments
Tags: conference, security