Are you ready to get your security on? Security BSides Las Vegas is slated to take place on August 5th & 6th at the Tuscany Suites & Casino, and in the run-up to the event we are highlighting just a few of the top-shelf sessions and speakers that are scheduled for this year’s show.
Security BSides events are organized by-and-for the security community, and attract some of the most innovative security practitioners from around the world, and BSidesLV has the reputation for being one of the best events of the series.
We first featured a session with Guillaume Ross (@gepeto42) titled iOS URL Schemes: omg://, which will examine vulnerabilities in URL schemes that could be exploited by malicious actors.
Next up is a talk being presented by Rachel Keslensky (@lastres0rt) titled Geek Welfare – Confessions of a Convention Swag Hoarder, which examines why the sea of swag at conferences are generally a wasted investment for companies, what they can do to improve swag ROI, and how attendees can tip the scales in their favor when it comes to winning the high dollar items offered in vendor drawings.
Keslensky is a regular in the Southeast Hacker Convention scene, and says she has picked up plenty of unusual knowledge both from her formal education as well as from working on her creator-owned graphic novel series Last Res0rt, and held a successful fundraiser on Kickstarter to print the second volume.
She has two degrees from the Georgia Institute of Technology, the most recent of which is a Master’s Degree in Human-Computer Interaction, but she really made a name for herself as a Comic Book Artist, with appearances in Dragon Con’s Comic and Pop Artist’s Alley, and she also did the artwork for the DEFCON 21 Scavenger Hunt.
Her combination of artistic talent and technical knowledge has given her a unique point of view and voice in the hacker community, focusing primarily on DIY, Hacker Media, and embracing cha0s. She is currently working as a Usability Specialist for hire.
Keslensky says those who have booths at big conferences know the pain of having to justify to their company why they had to go to that expensive conference and give away all that swag — and why they came back with so much of it – and attendees have grown tired of trying to find someplace to store the piles of XXXXL T-shirts they will never wear.
“Guess what — that’s all money that’s flying out of those companies’ hands with almost no return on investment. Even worse, with so many ways to re-purpose and repackage 90% of the swag out there, they can’t even claim they’re generating real brand awareness,” Keslensky said.
Marketers who attend her session at BSidesLV can learn from a self-diagnosed “swag hoarder ” on how to avoid wasting their company’s resources on that swag no self-respecting person would use – at least without a few alterations.
And for those who are just another face in the con-crowd, Keslensky will explain how to make short work of all the crap – er, ‘promotional material’ – vendors supply, as well as how to win that iPad or other great prizes offered with a few tricks that will improve your chances at a big score.
“When you look at the typical budget a company allocates to marketing at trade shows and add in the man-hours wasted chasing unqualified sales leads, you can start to see how much money is being flushed down the proverbial toilet – often an amount that if it were attributed to a security leak, it would make heads roll!” Keslensky said.
“But hey, as long as companies keep throwing away money, there’s no reason not to go ahead and make something useful out of it. The ‘hacks’ involved here can all be done from a smartphone and are cheap enough that $10 in business cards and a few rolls of duct tape will net you no shortage of useful swag – and maybe some cool technology too.”
Keslensky says two types of people will benefit the most from he session: Business folks who are looking to make their next trade show efforts more valuable by not wasting their money throwing useless swag at people, and attendees looking to net some kind of quick gain from their time at the conference. Hey, if they’re giving away some sweet piece of technology you want, wouldn’t you want to know how to get it?
“In order to discourage brand pollution and ‘useless’ swag, folks at the talk will learn about how to ‘debrand’ swag using simple tools like duct tape or find alternative uses for all the unwanted t-shirts, as well as some simple exploits for most trade show contests,” Keslensky
“And business people will learn what types of swag are more desirable – or at least less likely to be abused – steering resources towards those items for future shows and hopefully freeing all of us from an endless cascade of blinking pens and dancing clockwork toys.”
Keslensky says “swag hoarding” is just a symptom of a system bloated with excess. Companies are keen on saving their best stuff only for qualified clients, but know they have to provide items that will attract high-impact prospects like executives.
Likewise, attendees who might not be interested in working with certain companies, or are concerned about opening themselves up to sales spam from a badge scan, may nonetheless be willing to play along if they think something valuable is at the end of the rainbow.
“This usually means that companies end up with a large number of unqualified leads wasting sales peoples’ time after the show, have wasted money spent on poorly-optimized booths and worthless trinkets, or most likely, both,” Keslensky said.
“In addition, a huge motivation for companies to spend excessively at conferences is in an attempt to keep up appearances. Obviously, it’s one thing to point out how wasteful so many of these companies’ efforts are, and entirely another thing to actually try and justify the ROI back in the office since the reasons for many of these trade-show blunders are people-based flaws as opposed to software-based ones, so fixing them is far more difficult.”
Moving forward, Keslensky says companies looking to make the most profitable impact at these shows should start focusing on actionable, results-oriented goals – including meaningful swag that’s not as likely to end up at the bottom of a donations box – especially new and growing companies.
“Startups can’t afford to waste time on crappy swag – they should analyze what works, and surge ahead of competitors that just don’t get it,” Keslensky said.
“As far as attendees go… Hey, wouldn’t it be nice to be able to make better use out of all the stuff you come home with so you can focus on what really matters and save your headspace for the companies you actually like?”
- Selling Security: Risk-Based vs the Mutual Business Benefits Approach
- On Proving the Business Relevance of Security
- Attacking the ROI of Advanced Persistent Threats
- Dealing With Unrealistic Security Expectations from the Executive Office
Check out Tripwire SecureScan™, a free, cloud-based vulnerability management service for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology – and it detects the Heartbleed vulnerability.
The Executive’s Guide to the Top 20 Critical Security Controls
Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].
Title image courtesy of ShutterStock