Infosecurity London 2018

If you're thinking of attending Infosecurity in Olympia, London next year, here are a few biased pointers why this might be a good idea, depending on your role and expectations.

The reason I am going is to learn about new vendors and new ideas. Personally I find that one day at the conference gives me ample time to at least pass every booth and talk to every vendor I am interested in, plus some time to attend a few tech talks. It's easy to spend two days, too; but if you plan ahead one day will normally suffice. There are, of course, booths from the well-known, large players in the industry. Very often they have lots of people on their booths, who wish to talk in length about their company, scan your badge and hand you a gadget. More interesting, in my opinion, are the tiny stalls with new companies on the market, because very often that's where I see new ideas or innovative approaches to tackling security problems.

A note about the badge scanning: it's fairly easy to score a free ticket for the conference, which means that somebody else is paying for the whole thing. That somebody else would be the exhibitors, mostly. This is a personal choice, but I do not mind getting scanned from vendors I'm interested in; they will get personal data from it and try to contact me after the conference. This is fine by me. If I am not interested in what they're offering, I'll just politely tell them. If that doesn't work, they're rerouted to the spam folder. That said, I think that scanning random passers-by of your booth will generate shitty leads. Yes, I am at Infosec; so I must be interested in information security, right? True, but it is a wide field. Personally I am not very interested in endpoint protection, for example. If I look around and try to figure out what your company does, and you proceed to scan me, than your sales person will waste their time when they contact me.

Oh (I didn't mean to turn this into a rant, it really is meant to be helpful) - if you'd like to catch customers like me, make it clear what you do. Just writing your company name in bold letters and add some buzzwords (looking at you, "Cyber-of-Things") isn't cutting it. In fact I am less likely to engage you in dialogue (or get engaged) when you don't tell me in the first few sentences what it is that you're doing. On the other hand, I'll happily come over to talk to you (without someone pulling me) if your product looks like it belongs to a category I am interested in. Don't act mysterious. Transparency will get you farther, I think.

As a visitor, be prepared that some vendors have adopted a strange tactic. Their swag or giveaway items range from bloody useless to outlandish, and a strange belief they're sharing tells them that you're so much more inclined to buy their solution if they hand you a bouncy ball with blinking lights inside. Whoah, dude, thanks for the ball! Of course we'll spend 250k on your solution - just look at this ball!

Personally I'd rather have a good chat instead of toys for children I don't have.

On the other hand, many people at the booths know their stuff. Yes, there are sales people and other people whose sole job is to get you to come over; but so far, technical questions got a satisfying answer at most of the booths.

It could also be a cool occasion to learn about the whole industry, if you're new to it.

The talks are of varying quality, and they usually are being held by various vendors giving you some insight on tech or strategy. Infosecurity is a good way to bring you up to speed with this year's new stuff, and it also is a very good place to reconnect with old friends and acquaintances.

So should you attend? If you haven't been and if London is not too far away from you, you hardly have anything to lose. If you work for a small company you might find it hard to get all the vendors you're interested to come to you; so it's easier to come to them. Apart from it-sa in Germany there aren't many places in Europe (that I know of) where so many of them are gathered in one place.

I will probably attend 2019 as well, but the main reason I am going to London that time of the year is BSides London, which I will write about in another post.