Thought I’d get tired of this topic? No way, I’m just getting warmed up.
Today’s installment continues on the events themselves:
A lot of people complain about the commercialization, the sales pitches, the circus-like atmosphere of some vendor areas. I’m not a big fan of these things myself (OK, I loathe them), I prefer to engage with vendors in a rational manner- but whether you are buying antivirus, SIEM, a new car, or a washing machine, expect the sales hype. If you are like me you’ll ignore the excesses and gravitate towards the companies who bring engineers and maybe even support personnel to accompany the sales and marketing teams to shows so that they can answer hard questions and help existing customers. And if you aren’t buying, or curious about the tech, avoid those parts of the events altogether (or as much as the venue allows).
The same events which have the big vendorfests are often the best for meeting people for quiet meaningful conversations- not at the show but nearby, away from the mayhem. If thousands of people go to the event, there may be folks there you want to talk to, you don’t have to meet at the conference. If you are going to do this, make appointments. You will not just run into folks and have time to chat. And “I’ll meet you in the lobby” isn’t good enough, especially at sprawling complexes like the Moscone Center in San Francisco, the Las Vegas Convention Center, and other huge venues.
The flip side of over commercialization are the community events with little or no advertising and sales. They are a great relief to many of us who suffer the excesses at commercial shows, but they don’t generate leads for the sponsors so it can be hard to pull in the funding needed for the event. These events often get funded primarily through ticket sales because someone has to pay. A lot of companies will provide sponsorship for visibility and the good of the community, but there are a lot of community conferences and not enough money for all of them.
The realms of for-profit, not-for-profit, and non-profit are too convoluted a topic for this series, bet whether people want to make money from an event or not, they want people to like the event.
It is also worth mentioning the size of events. Everyone want to go to the cool events, and so some grow until they aren’t what they used to be, and a lot of folks complain about this. When I hear such complaints I am reminded of what the sage Yogi Berra said many years ago about Rigazzi’s in St. Louis:
“Nobody goes there anymore, it’s too crowded”
But if events cap attendance and demand continues to grow they get accused of being exclusionary by some. What’s a conference organizer to do?
You’ll note I’ve avoided naming specific events, although I’m sure most of you have assigned names to several things I’ve mentioned. I would, however, like to use one specific group as an example, an example that could be applied to many other groups and events. DC303, the Denver area DEF CON group, is well known and very active, and I’ve heard them accused of being “cliquish” and excluding people from activities and events. I would like to make two points abut DC303 (note, I am *not* a 303 member):
First, as with most organizations, some things are limited to members. I can’t expect to toss my kayak in the bay and be welcomed down at the yacht club. Some things are more open than others- and some do require an invitation, which leads to my second point:
My first interaction with the 303 crew was in July of 2009, at the first BSides Las Vegas. I knew almost no one other than from a few online exchanges, they certianly didn’t know me. And it didn’t matter, I showed up and got to work as did several others- and many of us became friends. That’s it, three simple steps: show up, participate, and be accepted. If you skip step two you probably won’t make it to step three. This applies at your local LUG or ISSA chapter as much as to 303 or pretty much any other entity.
Next week I’ll change topics a bit and babble about what’s wrong with presentations, speakers, and who knows what else.
This is a Security Bloggers Network syndicated blog post authored by Jack Daniel. Read the original post at: Uncommon Sense Security