I just returned from the 5th annual Security Congress put on by (ISC)². This was my 1st Security Congress, my 1st industry convention, and my 1st time in California. I didn't see the article 10 Ways to Get the Most Out of Security Congress until after the trip but I managed to cover the most of the points by default anyway.
I put emphasis on doing the following:
- Go to every scheduled event. *
- Take lots of notes.
- Meet new people.
- Ask questions after sessions if I had any.
- Grab any available handouts and publications.
* I went to an educational session each time one was scheduled, attended all keynote speakers, attended all networking luncheons, and walked through the exhibit area.
The biggest thing I got out of this conference was the validation of ideas. I realized I wasn't crazy and should go through with my plans and make the ideas a reality. A few speakers even have earned their MBA. This was great to see since I also have an MBA and often wondered how I could put the knowledge and training to use, let alone in a security role.
There was a big emphasis on security awareness, although that could have been indicative of the sessions I attended. There were over 70 education sessions to choose from but there was only up to 5 scheduled session times per day, which meant I had to miss a few sessions that I would have liked to go to. My session attendance schedule was planned by priority.
This event was also co-located with ASIS International's Seminar. This helped to put physical security into perspective. I never realized how involved physical security actually is. I saw some cool tech from both sides of security on the exhibit floor but I didn't even come close to seeing the entire floor. My focus was to attend a session for every time slot and unfortunately, the exhibit floor was only open 2.75 days (yes, I'm serious) out of the 4. I only had about 22 minutes each day it was open to wander through the exhibit area.
My gripes with the conference are fairly minor, so I'm not sure going through them will provide value. Overall, the staff that helped me were friendly and I came away with a good experience. I would love to go to the conference next year. (ISC)² claimed there would be a discussion of emerging issues, best practices, and challenges facing security leaders. I found this to be true and did not walk away disappointed.
I will be looking into their CISSP certification and may begin the journey to become one.
What was your first industry convention like? Do you plan to go to more?