How much is too much? At what point in time do we reach saturation? Are the amounts of information security events we currently have too many? Not enough? To me there are two types of information security events: those that happen monthly (on a local level) and those that happen annually. The latter is the bigger production with exhibitors and usually last for at least a day or two, if not longer.
I’m the chairperson for the Seattle chapter of the National Information Security Group (NAISG), but we also have ISSA, WTIA Security Sig, Agora, and the Cloud Security Alliance. Not to mention ISACA and InfraGard. NAISG is a labor of love for me, but I have to ask, is all of this too much? Agora is by far the best of the lot or at least the most popular for networking and it only happens on a quarterly basis, but at the least that means we have about one event a week we can attend.
Do other cities have a glut of monthly security meetings? How many does your city have? I would like to make it out to all the meetings, but honestly I either don’t have the time or desire. How do you choose which events to attend?
One of the larger events I make it out to RSA and I try to get to Black Hat (sadly missing it this year!), as well as SecureWorld. But even then I narrow my time down to spend a few days at the larger events and a half day to a day at the smaller ones.
So where does the value lie with the many information security events? How do you determine where you spend your time? One plus side to all the events is there’s plenty of opportunities for people to get CPE credits.
I’m committed to NAISG, but I’m thinking I might have enough in me to commit to one more monthly meeting. Otherwise, I’m just going to forgo the others. Maybe if they sent out a menu of food options that might be enough to push me to more!
I’d love to hear other thoughts on this.