Practical Advice for Submitting to Speak at a Cybersecurity Conference

SANS Institute · Advanced ·🔐 Cybersecurity ·7y ago
Skills: PM Basics60%

Key Takeaways

Provides practical advice for submitting speaking proposals to cybersecurity conferences

Full Transcript

some of what I'm going to talk about is RSA Conference specific but the vast majority the front end of this really I believe is representative of most any conference it's been interesting reading through Twitter streams and and other things from people who are on program committees of of other conferences it's it's very similar the things that people are after so hopefully John and I done who's read probably several thousand call for speakers over the course of your time with the program committee both of us have seen lots of things we've seen things that it's Eureka Wow that sticks we've seen things that oh you know there's a nugget here if only so we'll talk to you about some of the if onlys and some of the Eureka moments and what you can do to hopefully submit confidently and then once you get to conferences no matter what conference you're at be comfortable and confident in your expertise presenting there so my first I took some took some little notes because the big aha moment that I had as I've been listening to your great presentations over the last day and a half is that what goes into a good call for speaker submission is a lot of the same themes of what you guys have been talking about what goes into good training if some some quotes understanding your audience or you know in this case it's understanding your audiences audience since we're the gatekeepers of you know we know we know the RSA Conference audience so we're looking for what's really going to resonate with our audience so so spend some time learning about the event for which you are submitting a session I cannot emphasize that enough that knowledge of audience and that that reflection of who that audience is is it is very important and one thing that Britta and I were talking about is from being on the program committee we like people that have speaking experience because you have over 40,000 people coming to hear these talks you don't want someone that this is their first time in front of an audience and so if you've never spoken publicly before start small don't start with RSA start just start with local you know there are local chapters of things they're always forums that are looking for speakers so get your get your feet wet and then work your way up to RSA absolutely I don't know sands Jennifer Jennifer who's in the back right now Jennifer wave your hand Jennifer's my counterpart with sands she's awesome I've really enjoyed getting to know her better sands does lots of different events hopefully this this guidance we're giving you you know it's applicable for the for the submissions that you make through the sands sands this this is a big event there's some smaller events with sands as well you know look at the range of things that you have look at internal and do reflect those things on your submissions that come in where you have experience at RSA Conference we do have a lot of different learning formats too we have traditional sessions like this we have peer-to-peer which are discussions those are those are 30 people it's no slides it's you are an expert facilitator facilitating a discussion on a specific topic those are great they're really really really well-regarded sessions that can be a way to get your feet wet in in that community in a little bit less stressful setting you know it's hard to get up on a stage and rock it's harder when the stage is you know twice this size and there's a whole bunch of screens around we want our presenters to really feel good about what they're doing we throw a lot of resources into working with our presenters as well but make sure you you know start start where you're comfortable and pick an area that you feel very confident in I learned early on when I started doing public speaking at first I just was waiting to mess up and that's all I thought about was am I gonna say something stupid and then I came to realize that you know what I this is my area of expertise I know what I'm talking about I don't need to be afraid and so pick an area that you won't be afraid that you'll feel comfortable that I am confident in what I'm speaking about and to that end make sure that confidence comes through in your submission this is this is not a time to be bashful this is not a time to oh well maybe I have all of you in here are our experts by your own right in some specific area find that area of expertise mirrored with your area of passion you see those submissions that come through where there's that sparkle there is just something different when you can tell someone deeply passionately cares about something make sure that passion comes through and and don't be bashful don't feel like oh gosh I shouldn't be bragging so you're not bragging you're showing this is this is my expertise darn it I'm the very best most qualified person to be talking about this and tell stories in your submission as well as in your talk you notice I told a lot of stories today stories just make it interesting it makes it real it makes it personal and I can tell you from being on the program committee you know you're reading through hundreds of submissions and it's like oh boy there's another one sounds just like the other ten that we're talking about this topic but when you get one where they actually tell a story it's like oh that's really interesting it's the same topic as those other ten but this one's really an interesting way of approaching it exactly examples that that's that's what grounds you what differentiates you which which it does make it memorable and sometimes it's that's what when you so Don is not a a queen all by herself Don is a queen but she isn't the queen of a singletrack we have every track has two to four members of the program committee we try to do as many checks and balances as we can do so there's no bias so Donald remember something because oh wow that person had the example of when they use such-and-such and they fell flat on their face fall flat on your face stories are awesome they're good you're it makes you vulnerable right it's hard to put yourself out there and share failures and yet as we all know is the failures is those learning experiences as those oh wow I can learn from and grow from that is extremely memorable for the program committee and ultimately for the audience that receives the presentation what did you all clap at this morning when I told you that I forgot to include our communications person in our cyber crisis man in our cyber crisis until later and you loved that because I was telling you I made a mistake and so yeah that's very powerful super so to those communications people more specifically the marketing people don't let them touch your presentation or your submission they want too many of them particularly if you're from a vendor they will want to weave in some of their messaging their elements it it becomes really obvious very quickly for us when a submission has come in that is marketing driven that is PR driven and you know you guys don't want to be sold to that's not why you're here is to hear a sales pitch neither do attendees at RSA Conference nor attendees are probably any conference so with all due respect to the wonderful marketing and corporate comms people in the world you're the experts you know maybe if if your company requires that they sign off on it or they see it great have that as a final step but you need to drive it specifically to that with the RSA Conference submission there's a portion called session detail to 2500 characters it's a long piece that is where you set yourself apart from the 5,000 other submissions that are come in going to come in on protecting your company from the Internet of Things GDP our basics machine learning strategies and solutions those are those are three titles that people have run past me in the last two days with a hey what do you think and what do I think there might be something great in there there probably is something interesting but from that title alone I don't know it sounds like 2030 other submissions I'm going to get so you're the experts make sure your expertise the specific examples the specific guidance the and then I experienced this metrics people love metrics where's my metrics ladies from before it's those tangible that's the measurable it's the visualizations of things people love the specific learning examples that you have from within your organization's and if you can pair up and this is just from a public speaking perspective too it's much more comfortable being up here with Britta tag-teaming then being up here by yourself and so if you can partner up with somebody from a different company is great because when we read those we're like wow there's somebody from this company and this company together that's powerful but even within your own company just you know if you have somebody from your company who has a different perspective then there are two very different perspectives that are going to be portrayed and that's always interesting as well I really really appreciate that yeah RSA Conference we're all about intersection of domains we have legal folks we've policy folks we have technology folks we've business folks and that that Eureka moment that aha frankly even within our own organizations I almost think of it like a Venn diagram it's finding that intersection point where a different conversation happens because those two people are looking at things from very different backgrounds very different directions that's the Eureka moment so when that Eureka moment is presented to the audience that's powerful and that's powerful in a submission because it shows us you know it's right-brain left-brain thinking it's it's different ways of approaching the same problem from different disciplines just like we have to within the cybersecurity world and actually the highest speaking scores I ever got were when my co-speaker was our senior vice president of human resources because talk about the human element how more perfect can you get so we were talking about inside a risk but I was giving the technical perspective and she was giving the people perspective and that was one of the most fun talks I've given and you're the people people yeah which also you know if you get to be on stage with Don it's really easy and a lot more comfortable okay you know fine find someone that does you know either to to co-present with to develop the submission with when your submission goes through the first time someone reads it it shouldn't be me you know share it with others have others in your team look at it you know get get some feedback from others you present present get your feet wet adi at another at another conference at an internal event somewhere make sure that when you're hitting the stage you feel so confident because nothing is worse than then putting you frankly in an uncomfortable position where you don't feel like you rock because you do all of you have something that you are better at than anyone else in this world and and you should have the opportunity to shine in sharing that expertise with someone and as far as having someone else read it if I get a submission that has misspellings and sentences that suddenly end and they are in complete sentences obviously this person threw this together the night before it was due that's very annoying and I figure if they couldn't put a little more time into their submission what's it going to be like with their presentation it just right I just throw that one on the discard pile because this is a big conference in any conference any place you speak you need to put the time in and let the people know that you're submitting to I take this seriously I am gonna do a good job for you it also makes the program committee member a little bit nervous that you might not be respecting the deadlines because the the program committee bless their hearts they're awesome they not only pick the submissions that will appear on the track they do two to three reviews of those presentations before they even hit the stage and that's not so we can be Big Brother and babysit and all of that rather it's so that quality feedback can be given that will help you gosh this was really powerful and interesting but is there a way you could put some visualization for that rather than you know an eye chart slide with a whole bunch of bullets is there an image that'll work there is there an example that you can weave in is there a specific you know use case that you can share so the program committee they're your team they're your they're your domain experts that are that are really working hand in hand with you to make that better so that when you hit the stage it it just shines so when something is red that has you know a bunch of typos or you know hanging sentences or whatever it just leaves you a little bit nervous that maybe that might be your experience with the speaker throughout and we're very competitive and every year Britta gives us our scores so you know we talked about metrics and competition she gives us the metrics for all of the tracks from the previous year and you know I want to be at the top I don't want to be at the bottom so I'm picking I'm picking submissions that are gonna make me look good and that's what you have to keep in mind but there's someone looking at this that if they aren't confident in it you're not gonna get picked so you need to be confident in yourself yeah yeah I love data to to those ladies of data I love to look at the numbers I love the story that's told to me by the trees as well as the forests as I pull back applicability so RSA Conference we are also about what's gonna help what's gonna the audience their house their job gonna change based on going to a session I've loved every single session here that I've seen it ends with so what do you do differently what are your takeaways what are you gonna do that's so important and make sure that comes through also in your submission in our world of cyber security there's a whole lot of you know things that go bump in the night and scary things and you know there's a place in a time for understanding scary things and threats but what am I going to do as a result of it what differently how do I need to approach my job how do I need to approach my interactions with with those in my organization upward downward across you know how how is what I've learned today going to change short short medium and long term how I approach my job make sure that comes through in your submissions and you know I'm sitting here looking out thinking how many of you are thinking I'll never speak at RSA so why are they talking so long and you know I'm just thinking I have had a number of you come up to me during breaks and ask just about career in general and this this not RSA but getting out and getting into the community and doing public speaking really is a booth to your career and if you become known within your company as a person who goes out and gives talks externally that that gives you a lot of credibility in your organization so don't think about this as do I want to be a famous public speaker think about it as just your career growth and gaining some credibility within your company and outside your company excellent and I'd also think about we like to constantly look at things out of the box you know I've got some background in adult learning approaches and and we don't all learn the same some of us learn really well by sitting and listening and taking notes maybe raising her hand maybe not we all say we want a network we all say we want to but it's really scary when I'm sitting next to someone I don't know what am I going to say so we have lots and lots of different session types and I'm fully aware that I probably haven't figured out every possible lesson type so if you have an idea if you're a Britta I really like the idea of presenting to my peers I have this sort of thing I don't really think it works in a format of a presentation but why do you think if I'd love to hear it we do traditional sessions we do peer-to-peer like I said with your facilitated discussions we do labs which are similar to the workshops that are being done here which are great interactive small group you get to roll up your sleeves and work we've got all kinds of different formats so I'm we are constantly experimenting we're a big enough playground that we we constantly try to look at things different different difference so don't be afraid to try something different okay we're gonna have to wrap things up here ladies so thank you so much if you have questions beat her up afterwards you

Original Description

SANS Summit schedule: http://www.sans.org/u/DuS Giving presentations at conferences is a great way to share your expertise, expand your professional network, and bolster your personal brand. But how do you submit a proposal that sets you apart from the crowd? Britta Glade, Director of Content for RSA Conference, and Dawn Cappelli, CISO of Rockwell Automation and program committee member for RSA Conference, have reviewed literally thousands of proposals, and share their tips for getting yours noticed and selected. About Britta Glade Britta Glade is Director, Content and Curation for RSA Conference. She has been in the learning and security sector for 23 years. Most recently she headed analyst relations for RSA and in 2014 was recognized by industry analysts as one of the top 10 analyst relations professionals by the Institute of Analyst Relations Professionals, a global recognition that values responsiveness, relationships and results. About Dawn Cappelli Dawn leads the Global and Information Security (G&IS) team at Rockwell Automation. G&IS is responsible for protecting Rockwell Automation and its ecosystem of customers, suppliers, distributors, and partners from the ever-changing global threat landscape. She came to Rockwell in 2013 as Director, Insider Risk, and built the company’s Insider Risk Program. Before coming to Rockwell, Cappelli was Founder and Director of Carnegie Mellon’s CERT Insider Threat Center. She is recognized as one of the world’s leaders in insider threat mitigation, and has worked with government and industry leaders on national strategy issues. Cappelli is a Certified Information Systems Security Professional (CISSP), and she holds a Bachelor of Science in Computer Science and Mathematics from the University of Pittsburgh.
Watch on YouTube ↗ (saves to browser)
Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from SANS Institute · SANS Institute · 56 of 60

1 SANS FOR610: Reverse Engineering Malware: Malware Analysis Tools & Techniques
SANS FOR610: Reverse Engineering Malware: Malware Analysis Tools & Techniques
SANS Institute
2 SANS Institute Cybersecurity Training Customer Stories
SANS Institute Cybersecurity Training Customer Stories
SANS Institute
3 SANS Institute UK Cyber Academy
SANS Institute UK Cyber Academy
SANS Institute
4 SANS Institute UK Cyber Academy
SANS Institute UK Cyber Academy
SANS Institute
5 CISSP® Prep Exam, MGT414, by SANS Institute
CISSP® Prep Exam, MGT414, by SANS Institute
SANS Institute
6 SANS Institute's Rob Lee Discusses The OPM.GOV Hack on CNN
SANS Institute's Rob Lee Discusses The OPM.GOV Hack on CNN
SANS Institute
7 Information Security Training from SANS Institute - Student Testimonials
Information Security Training from SANS Institute - Student Testimonials
SANS Institute
8 SANS NetWars
SANS NetWars
SANS Institute
9 SANS DFIR NetWars
SANS DFIR NetWars
SANS Institute
10 Hack The Drone - SANS Cyber Academy UK
Hack The Drone - SANS Cyber Academy UK
SANS Institute
11 SANS VetSuccess Immersion Academy
SANS VetSuccess Immersion Academy
SANS Institute
12 SANS Cybersecurity Training, Certifications & Placement for Veterans
SANS Cybersecurity Training, Certifications & Placement for Veterans
SANS Institute
13 The 2015 SANS Holiday Hack Challenge
The 2015 SANS Holiday Hack Challenge
SANS Institute
14 SANS VetSuccess Academy: Hands-on Skills
SANS VetSuccess Academy: Hands-on Skills
SANS Institute
15 SANS VetSuccess Academy Overview
SANS VetSuccess Academy Overview
SANS Institute
16 SANS ICS Security Summit & Training 2017
SANS ICS Security Summit & Training 2017
SANS Institute
17 Exploring the Unknown Industrial Control System Threat Landscape – SANS ICS Security Summit 2017
Exploring the Unknown Industrial Control System Threat Landscape – SANS ICS Security Summit 2017
SANS Institute
18 WannaCry recap, patches, and analysis
WannaCry recap, patches, and analysis
SANS Institute
19 If We’re Doing So Well at Cyber Security, Why Are We Still Doing So Poorly?
If We’re Doing So Well at Cyber Security, Why Are We Still Doing So Poorly?
SANS Institute
20 Graduation Day - SANS HM Gov Cyber Retraining Academy
Graduation Day - SANS HM Gov Cyber Retraining Academy
SANS Institute
21 Incentivizing ICS Security: The Case for Cyber Insurance – SANS ICS Security Summit 2017
Incentivizing ICS Security: The Case for Cyber Insurance – SANS ICS Security Summit 2017
SANS Institute
22 SANS Data Breach Summit & Training 2017
SANS Data Breach Summit & Training 2017
SANS Institute
23 SANS Secure DevOps Summit & Training 2017
SANS Secure DevOps Summit & Training 2017
SANS Institute
24 How Threats Are Slipping In the Back Door - SANS ICS Security Summit 2017
How Threats Are Slipping In the Back Door - SANS ICS Security Summit 2017
SANS Institute
25 SANS Webcast – Continuous Opportunity: DevOps & Security
SANS Webcast – Continuous Opportunity: DevOps & Security
SANS Institute
26 SANS Cybersecurity Programs for the Department of Defense
SANS Cybersecurity Programs for the Department of Defense
SANS Institute
27 SANS Pen Test HackFest Summit & Training 2017
SANS Pen Test HackFest Summit & Training 2017
SANS Institute
28 SANS SIEM & Tactical Analytics Summit & Training
SANS SIEM & Tactical Analytics Summit & Training
SANS Institute
29 If We’re Doing So Well, Why Are We Still Doing So Poorly? – SANS ICS Security Summit 2017
If We’re Doing So Well, Why Are We Still Doing So Poorly? – SANS ICS Security Summit 2017
SANS Institute
30 SANS Institute
SANS Institute
SANS Institute
31 ICS515: ICS Active Defense and Incident Response
ICS515: ICS Active Defense and Incident Response
SANS Institute
32 SANS Institute
SANS Institute
SANS Institute
33 Introducing the NEW SANS Pen Test Poster
Introducing the NEW SANS Pen Test Poster
SANS Institute
34 SANS Institute - An Inside Look at the Newly Updated ICS515 Course
SANS Institute - An Inside Look at the Newly Updated ICS515 Course
SANS Institute
35 SANS ICS Security Training, Munich, Germany
SANS ICS Security Training, Munich, Germany
SANS Institute
36 SANS Automotive Summit Webcast
SANS Automotive Summit Webcast
SANS Institute
37 Privesc Playground - SANS Pen Test HackFest Summit 2017
Privesc Playground - SANS Pen Test HackFest Summit 2017
SANS Institute
38 Introduction to Reverse Engineering for Penetration Testers – SANS Pen Test HackFest Summit 2017
Introduction to Reverse Engineering for Penetration Testers – SANS Pen Test HackFest Summit 2017
SANS Institute
39 Honey, Please Don’t Burn Down Your Office: Fun with Smart Home Automation
Honey, Please Don’t Burn Down Your Office: Fun with Smart Home Automation
SANS Institute
40 SANS Security Operations Summit & Training 2018
SANS Security Operations Summit & Training 2018
SANS Institute
41 Sh*t Happens!  (But You Still Need to Drink the Water) – SANS ICS Summit 2018
Sh*t Happens! (But You Still Need to Drink the Water) – SANS ICS Summit 2018
SANS Institute
42 ICS Threat Intelligence: Moving from the Unknowns to a Defended Landscape – SANS ICS Summit 2018
ICS Threat Intelligence: Moving from the Unknowns to a Defended Landscape – SANS ICS Summit 2018
SANS Institute
43 You’re Probably Not Red Teaming (And Usually I’m Not, Either) – SANS ICS Summit 2018
You’re Probably Not Red Teaming (And Usually I’m Not, Either) – SANS ICS Summit 2018
SANS Institute
44 A Sneak Peak at the New ICS410
A Sneak Peak at the New ICS410
SANS Institute
45 Jumping Air Gaps – SANS ICS Summit 2018
Jumping Air Gaps – SANS ICS Summit 2018
SANS Institute
46 Introduction to Linux
Introduction to Linux
SANS Institute
47 Introduction to Malware Analysis
Introduction to Malware Analysis
SANS Institute
48 You’re Probably Not Red Teaming (And Usually I’m Not, Either) Webcast by Deviant Ollam
You’re Probably Not Red Teaming (And Usually I’m Not, Either) Webcast by Deviant Ollam
SANS Institute
49 Hacking your SOEL: SOC Automation and Orchestration – SANS Security Operations Summit 2018
Hacking your SOEL: SOC Automation and Orchestration – SANS Security Operations Summit 2018
SANS Institute
50 Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK Framework
Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK Framework
SANS Institute
51 Apples and Oranges?:  A CompariSIEM – SANS Security Operations Summit 2018
Apples and Oranges?: A CompariSIEM – SANS Security Operations Summit 2018
SANS Institute
52 SANS Webcast - Perimeter Security and Why it is Obsolete
SANS Webcast - Perimeter Security and Why it is Obsolete
SANS Institute
53 SANS Webcast - Trust No One: Introducing SEC530: Defensible Security Architecture
SANS Webcast - Trust No One: Introducing SEC530: Defensible Security Architecture
SANS Institute
54 The Science of Security: The Psychological Impacts of Security Awareness Programs
The Science of Security: The Psychological Impacts of Security Awareness Programs
SANS Institute
55 How I Pulled Off an Edgy Security Campaign – SANS Security Awareness Summit 2018
How I Pulled Off an Edgy Security Campaign – SANS Security Awareness Summit 2018
SANS Institute
Practical Advice for Submitting to Speak at a Cybersecurity Conference
Practical Advice for Submitting to Speak at a Cybersecurity Conference
SANS Institute
57 SANS Webcast - Consuming OSINT: Watching You Eat, Drink, and Sleep
SANS Webcast - Consuming OSINT: Watching You Eat, Drink, and Sleep
SANS Institute
58 SANS Webcast - Zero Trust Architecture
SANS Webcast - Zero Trust Architecture
SANS Institute
59 SANS STX Cyber Range
SANS STX Cyber Range
SANS Institute
60 Part 1 – SANS Institute and Tenable talk about cloud security
Part 1 – SANS Institute and Tenable talk about cloud security
SANS Institute

Related Reads

Up next
Best VPN For China 2026 — Which One Actually Works?
Tutorial Stack
Watch →