What's Next: The Future of Big Cybersecurity Conferences

The old curse has come true: we are “living in interesting times.” None of us could have possibly foreseen the way that 2020 has evolved, least of all, conference professionals. A listing on Security Magazine provides the entire list of security conferences and events that have either been postponed or cancelled. Gartner says it’s taking a $158 million hit in its Q2 revenues; O’Reilly went one huge step further, permanently shuttering its in-person events business.

Aside from those gatherings, an entire slew of security meetings has moved into the virtual realm. In-person conferences during the pandemic are seen as being too hazardous and unsafe; better to meet online than to risk spreading the virus.

Companies like Data Connectors and the SANS Institute have gone the virtual conference route out of necessity, as have industry behemoths like IBM and Microsoft…the belief being that vital information can be shared with participants online as well as in-person. It’s never been more important: the chief clinical officer at HIMSS is quoted as saying, “Cybersecurity always has been one of the most important pillars in digital transformation, but its importance is heightened considerably in a pandemic.”

Writing on Crowdstrike, Michael Sentonas says, “Our customers…are facing sudden and profound challenges as they seek ways to quickly support corporate directives for employees to vacate offices and corporate campuses and start working from home. Maintaining security in the face of this global office exodus presents significant risks for most organizations.” And at vendor CriticalStart, Jim Rhode says, “It's never been cheaper or easier for the bad guys to deliver cyberattacks.”

Obviously, the pandemic will not last forever; in fact, as these words are being written, countries around the world and states across North America are taking the tentative first steps toward restoring a sense of pre-COVID normalcy. But we’ll submit that this crisis has altered the “normalcy paradigm;” we’ll suggest that the lessons we’ve learned in the last several months may change the way security and other professionals act and interact when it comes to conferences for months, or even years to come.

In this environment, companies are literally watching every penny; no expense is too small to be scrutinized. For those companies that were going to exhibit at a conference, they’re seeing significant savings by staying home: estimates of $60,000 or more per conference are not unusual, once booth space, show services, personnel costs and more are factored in to the bottom line. At larger conferences, that cost may rise exponentially. These are numbers that cause bean counters’ eyebrows to go up sharply.

By contrast, conferences held on a regional or virtual basis cost far less, which the bean counters will love. The math is obvious: it costs less to travel regionally than to fly across the country and booth space will cost proportionately less. Attendees can get the same information they will receive at the mega-conference, and sales personnel working the booth will know that visitors are prospects; there may be nothing an account executive hates more than engaging a prospect, only to find out that the person has to be passed to another AE because the prospect isn’t in his or her territory. (In fact, a friend of ours who’s an AE is highly skeptical of big shows in general, saying, “Unless you’re using them to wow prospects and clients, [the big conferences] are a waste. Buyers are skeptical. They stay off the floor.”)

Taking it one step further, virtual conferences and summits offer many of the same benefits at sharply lower costs. For instance, I’m watching a Data Connectors virtual summit, aimed at Chicago, Ill.-area cybersecurity professionals, as I’m writing this; more than 1,000 people have signed up for the day-long event…triple the number of those who registered to show in person…and more than 30 vendors have signed on as sponsors, including a number of industry leaders. The keynote speaker is a Secret Service agent, based in Chicago, who understands the regional nuances.

Obviously, attendees won’t attend, and sponsors won’t sponsor if they don’t perceive solid benefits. The company originally had planned the Chicago event as an in-person summit but had to quickly pivot in the face of government-ordered shutdowns. Seven other events, for cities ranging from Seattle to Toronto, will also be virtual summits, and more may occur depending on how quickly our society reopens.

The large conferences have their defenders, of course, not all of them vendors. One well-known technology reporter says, “For Joe User and Jane Developer, I see the real value in meeting mentors, colleagues, and friends. And, in being exposed to the movers and shakers of the industry and new ideas.” We agree to an extent, and don’t mean to suggest that all of the mega-conferences, security-based and otherwise, will wither and die on the vine. But we also see solid evidence that many of the benefits of the large conferences can and are being transferred to the local, even virtual, level.

Yes, we’re living in interesting times, but they are times that may see a permanent shift in how we regard when and where we obtain the ongoing professional information needed to do our jobs more effectively and efficiently. Like you, we can’t wait to see how this all shakes out.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.