I just returned from the 5th annual Security Congress by ISC2. This was my 1st Security Congress, my 1st industry convention, and my 1st time spending meaningful time in California. I didn’t see the article 10 Ways to Get the Most Out of Security Congress until after the trip, but I managed to cover most of the points by default anyway.

I emphasized doing the following:

  • Go to every scheduled event. *
  • Take lots of notes.
  • Meet new people.
  • Ask questions after sessions if I have any.
  • Grab any available handouts and publications.

* I attended an educational session each time one was scheduled, attended all keynote speakers, attended all networking luncheons, and walked through the exhibit area.

The biggest thing I got out of this conference was the validation of ideas. I realized I wasn’t crazy and should go through with my plans and make the ideas a reality. A few speakers have even earned their MBA. This was great to see since I also have an MBA and often wondered how I could use the knowledge and training, let alone in a security role.

There was a big emphasis on security awareness, although that could have been indicative of the sessions I attended. There were over 70 education sessions to choose from, but there were only up to 5 scheduled session times per day, which meant I had to miss a few sessions that I would have liked to go to. My session attendance schedule was planned by priority.

This event was also co-located with ASIS International’s Seminar. This helped to put physical security into perspective. I never realized how involved physical security is. I saw some cool tech from both sides of security on the exhibit floor, but I didn’t even come close to seeing the entire floor. My focus was to attend a session for every time slot, and unfortunately, the exhibit floor was only open 2.75 days (yes, I’m serious) out of the 4. I only had about 22 minutes each day it was open to wander through the exhibit area.

My gripes with the conference are fairly minor, so I’m not sure going through them will provide value. Overall, the staff that helped me was friendly, and I had a good experience. I would love to go to the conference next year. ISC2 claimed emerging issues, best practices, and security leaders’ challenges would be discussed. I found this to be accurate and did not walk away disappointed.

I will be looking into their CISSP certification and may begin the journey to become one.

What was your first industry convention like? Do you plan to go to more?