Tuesday, May 29, 2007

The Peril of Speaker-Sponsors

One of the interesting aspects of being an independent consultant is having other companies think TaoSecurity exists as a mighty corporate entity with plenty of cash to spend. This has exposed me to some of the seedier aspects of corporate life, namely "speaker-sponsorship." Have you ever attended a keynote address, or other talk at a conference, and wondered how such a person could ever have been accepted to speak? There's a good chance that person paid for the slot.

Two instances of this come to mind. First, several months ago I was contacted by the producer of a television program to appear on their show. The program was hosted by Terry Bradshaw (no kidding) and was looking for speakers to discuss the state of the digital security market. This sounded like it was almost too good to be true, and guess what -- it was. A few minutes into the conversation with the producer I learned that TaoSecurity would be expected to pay a $15,000 sponsorship fee to "defray costs" for Mr. Bradshaw, and other expenses. Essentially I would be buying a spot on the show, but it would be a "fabulous marketing experience." I said forget it.

Second, I just received a call from someone organizing a "security event." This person was looking for "experts" on PCI and other topics for briefings in September. I told him I was not available at the specified time, so he asked to be switched to the TaoSecurity marketing department since what he really wanted was "speaker-sponsors." In other words, people speaking at this event will have paid for their slots. Again, I said forget it.

Keep these thoughts in mind the next time you see a lame talk at a security conference by a marketing person.


Anonymous said...

Sadly, I see those all too often at the local ISSA / ISACA meetings. Presentation title: "Expert From Company X Reveals Big Security Problem You Should Know About!" Presentation content: 1/8 discussing problem, 7/8 showing how Company X's product readily and completely solves it.

Steven Andrés said...

And here I thought I was something special, Richard! My business partner and I were both contacted last summer to be "experts" discussing security in a roundtable with noted gov folks including Gen. Powell. Before we got too excited they asked about the $30,000 fee. Pretty sad. But I guess the big military contractors wouldn't blink at $30,000 to get their resident "expert" to rub elbows with a recently retired General.

LonerVamp said...

Hey, if TaoSecurity has any openings in their IT or security departments, let me know! I'll talk to your HR department and go through any motions you want!

Chris_B said...

And this in a nutshell is why for years I've considered conferences a waste of my time.

NoticeBored said...

Hey, how about starting a movement amongst experienced infosec pros to charge for speaking at such events? I'm no longer submitting papers to conferences that don't at least offer their speakers free admission to the entire event (of course) plus a reasonable contribution to their travel and hotel costs. An honorarium would be nice but right now I'd settle for something approaching cost-neutral. If they won't pay, the only speakers they will attract are the gormless sales types that we all despise who can justify the expense on their marketing budgets ... and conference attendances will continue to spiral downwards.

In another place, a colleague told us she always gets paid for talking about flower arranging to women's groups but can't make a dime by speaking knowledgeably about infosec.


Jon Hart said...

Here I was reading this article and I was trying to think of a nice way to say what 'anonymous' (#1) said. Thanks for saying it.

What about simply... openly voicing your disgust and concern at the events, or simply not attending? My experience, one that probably most everyone here shares, is that if a conference/etc is "sponsored by", "brought to you by", etc, then there is a good chance that it'll be a complete joke and simply a ploy to get people with money in front of their sales droids.

When a manufacturer produces garbage, the consumers typically respond by not buying their products any more and eventually the manufacturer moves on. Perhaps thats part of the problem with this field -- completely flooded with vendors looking to make a buck, mingling with a sea of people looking to spend a buck. If, instead, the people who actually understand the technology (or those that'll be responsible for implementing, maintaining and using it) are the ones tasked with finding the solution, you'll likely have a much more peaceable, solid and secure solution.