With all of the information security conferences that exist today - RSA, Blackhat, Defcon, Shmoocon, Infosec, etc., which one holds the most value and which one should I attend? Let’s break it down into three categories. Content. Money. Play time.
With all of the information security conferences that exist today - RSA, Blackhat, Defcon, Shmoocon, Infosec, etc., which one holds the most value and which one should I attend? Let’s break it down into three categories. Content. Money. Play time.
CHOOSING A CONFERENCE BASED ON CONTENT.
If you are choosing one conference over another based on content, you have to think about what you want to accomplish. Get high level content or in the weeds content! For the latter you would have to go smaller. The smaller conferences are geared more for the technicians, and those who like to get their hands dirty. Maybe some hacking, some administration, etc. You would have to think Defcon or Shmoocon where they offer the nitty-gritty type of workshops and lectures.
Let’s say you are an executive, senior manager, or someone with great influence such as a business owner. If you are and you want to get some good, high level information security content on strategies, current trends, attacks, etc., while also getting to mingle with the big wigs, then RSA is where you have to be.
CHOOSING A CONFERENCE BASED ON BUDGET.
You may have put your priority list together based on content, but if you don’t have the money, it’s obvious that it makes it hard to attend a conference. So if it’s about money, there are one or two options. Defcon and Shmoocon.
Defcon, although in Las Vegas, is only a few hundred in cash. Airfare, conference, and hotel might take you for about $2000. Shmoocon, in Washington, DC isn’t much more, but the ticket in is only $150…IF you can get one. DC might be more expensive because of the hotels. If you end up picking RSA, for whatever reason, it’s gonna cost you. It’s in San Francisco in February. If you are flying from coast to coast, needing a hotel, and having to pay for the conference, you are looking at almost $6000. Not to mention if you work for the government, they aren’t paying for any of it as most training or conference budgets no longer exist.
CHOOSING A CONFERENCE BASED ON PLAY TIME.
If the conference is more than a few days, you might want to do something fun while you are attending. You might want to even bring the family with you. Infosec is a few thousand dollars and in Orlando in April. Perfect time weather wise as the humidity is not in full swing and Mickey Mouse is close by. But you may rather go to Vegas in the middle of summer, where you can have lobster for cheap and gamble, or would you rather go to Washington, DC in the middle of winter, and do some site seeing of our nation’s capital. I am sure each has their preference. But if you live in the Maryland-DC-Virginia area, it’s a no brainer as all that needs to be paid for is the conference and you can commute each day. Again, getting a ticket to Shmoocon is the hard part.
With all your annual information security conference options, I hope I didn’t make it more difficult for you to choose. Or you can always do what I do, and go to two.
This article was published by Roger Colón, 7/25/2014.