Feeds

Security conferences versus practical knowledge

There needs to be a middle ground

5 things you didn’t know about cloud backup

Since computers became mainstream in the early to mid-nineties, a whole ecosystem has developed around them. The various parts of that ecosystem range from the companies who make computers to the software companies who program for them.

In between those two linchpins, though, are many other components which have now become a fixture on the landscape that we now know as the internet. For example, you have the computer certification industry, a myriad of computer magazines, a vast array of websites, and computer conferences, to name but a few parts of this very large pie.

One of the biggest parts of the computer industry as a whole is that of training. This training comes in many forms from a large variety of vendors. That training then in turn pretty much spawned the certification industry. Not long after that came the computer conference, be it a sysadmin oriented one, or that of the computer security themed one. While the training industry as a whole has evolved rather well to suit the needs of their clients, the computer conference - specifically the computer security conference - has declined in relevance to the everyday sysadmin and network security practitioners.

Many would beg to differ with me on that last statement I am sure. Let me expand upon this before you render judgment. We go to training vendors who offer courseware on Cisco and Microsoft technologies, for example. By and large the course offerings are quite good, and just as importantly, relevant to the task at hand ie. maintaining your computer networks.

Today's computer security conferences no longer offer relevant or practical knowledge to the attendee. Be honest. How many recent computer security conferences did you come away from with several ideas to implement immediately onto your networks? I would wager none. The same can not be said of the training tracks now offered at most of these conferences. This training is offered by experts in the field and is quite good. Furthermore, it is one of the few places to find advanced courseware on such subjects as reverse engineering, to name but one.

There is an important point to be made before I go on further. I am in no way impugning the talent or skill of the people who present at today's computer security conferences. I myself have submitted talks only to not make the cut. Truth is, I don't feel too bad at losing out to the likes of those who ended up giving the talks. What my not making the cut drove home for me though was that there are precious few practical talks going on today at computer security conferences.

Throughout my time spent as a freelance writer and courseware developer/instructor I found that there is a very real demand for practical knowledge. This is why SANS still reigns supreme when it comes to computer security courses. One could argue that some of their courseware is dated, however, it is very much practical knowledge that one can implement immediately.

So why are the conferences still packed?

Well, with the arguments I have just made one would think that computer security conferences would be empty. The reality is that these conferences are pretty much always sold out or close to it.

Why is that, you ask? All IT managers have budgets, and that is no different for those IT managers in the employ of .gov .mil and other large government departments. What these managers must do is expend those dollars, and an excellent way of doing that is sending employees on a computer security conference. So what we now have is a company funded junket. Nothing wrong with that at all. I enjoy having a beer with friends that I meet at these conferences, and picking up some knowledge as much as the next guy. Problem is that even though I think I have a fairly well balanced skillset, a lot of the topics being offered are of no interest to me. This is due to the simple fact that they are not all that relevant to the network(s) that I work in.

Does this then mean it is a total waste of time to attend the cutting edge computer security conferences? Not at all. Just realise what it is that you are going to get out of it ahead of time. There are excellent speakers there with what is quite often cutting edge research. The question you need to ask yourself is whether or not you or your company will benefit from any of those talks. One of the best things to come out of these conferences is the training that is offered. That in itself is worth the attendance. It is not every day that you can receive training by some of the best minds in the business today.

Is there a solution?

Well, what we need to find is a happy middle ground. A conference that caters to the large mass of sysadmins and network security types who, while competent, still have not mastered their craft. After all, being the sysadmin in a large Microsoft Windows network is no easy task. There are a myriad of practical skills that one needs to attain, and ideally master. How many people can say that they reached a comfort point in the application and maintenance of Group Policy Objects (GPO)?

This and other like minded topics would make for some great conference talks or mini-workshops. That kind of practical knowledge is something you can readily implement on your networks. The example of GPOs is but one small one. What it exemplifies though is that there is a definite gap in the market.

What is missing today on the network security conference front is practical knowledge. It is not everybody who can attend today's cutting edge security conferences and actually walk away having learned something. Was it me being asked by an employee to attend a conference today, I would have a few questions to ask. What is it that you are going to get out of it, and just how will it benefit our network? If the answers aren't there, you're not going. Practical knowledge is where it is at.

This article originally appeared in Security Focus.

Copyright © 2007, SecurityFocus

The essential guide to IT transformation

More from The Register

next story
One HUNDRED FAMOUS LADIES exposed NUDE online
Celebrity women victimised as Apple iCloud accounts reportedly popped
Rubbish WPS config sees WiFi router keys popped in seconds
Another day, another way in to your home router
NZ Justice Minister scalped as hacker leaks emails
Grab your popcorn: Subterfuge and slur disrupts election run up
HP: NORKS' cyber spying efforts actually a credible cyberthreat
'Sophisticated' spies, DIY tech and a TROLL ARMY – report
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?