April 11, 2016 By Kevin Beaver 2 min read

Over my career I have discovered that experience is power. The wisdom that you gain working hands-on in the field can do wonders for your advancement.

Having attended the 2016 RSA Conference earlier this year, I couldn’t help but think about the value such security conferences bring to IT and security professionals and their careers, the value they bring to their colleagues and team members and, most importantly, the value brought to the business overall in terms attendees truly understanding what security is about.

I learned these lessons early on in my career while attending Novell’s BrainShare conference. Having attended that show five years in a row, I felt like I truly became an expert — not only in Novell’s products, but also in their implementation, management and overall integration into the businesses for which I was working at the time.

The Value of Security Conferences

Fast-forward to today and I get very similar benefits from the similar conferences and shows. For every year that passes working in information security, the more I realize what I don’t know about the field. Exposing yourself to keynote presentations and the vendors on the show floor is a great way to stay current. Additionally, attending specific sessions and rubbing elbows with experts in the field and your own peers is the only true way to stay current with the latest technologies, tools and methodologies necessary to be at the top of your security game.

Given how many people attend the RSA Conference, one would assume that virtually every information security professional would be in attendance. However, after talking with my clients and business colleagues, it seems that people who attend such shows are in the minority.

In fact, I have yet to come across an organization that has a specific budget for ongoing security training that provides the individuals in charge with the opportunity to attend conferences, classes and seminars. It blows my mind that the budgets are not allocated in advance, but it’s just as puzzling knowing how many IT and security professionals aren’t even interested in attending. If everything would crumble down because you simply leave the office for a few days, then you probably have bigger security problems. Do some knowledge transfer to a trusted insider or consultant to keep things afloat.

If anything, the mere act of getting away from the office will clear your head and do wonders for your insight and productivity. Solutions to your existing security problems might just be as close as a cross-country flight or quick one-on-one discussion with a security product vendor.

What You Can Do

I’m a firm believer that not much has changed regarding information security essentials over the past few decades. I do believe, however, that technologies and business needs are evolving. Integrating old-school security principles with today’s challenges is where the focus needs to be.

Do what you can to send your staff members to security conferences. Make it a budget line item that gets replenished every year. If you’re in charge of your own training, do what you can to make the case to invest the time, money and effort away from the office. The RSA Conference even has a page dedicated to this subject to help you get started.

You don’t have to go to every big security conference every year. There are local shows that can help fill in the blanks. Just make sure that you’re attending events periodically and consistently over time. It’s the only proven way to take your skills up several notches in such a short period and with a relatively small investment.

More from CISO

Making smart cybersecurity spending decisions in 2025

4 min read - December is a month of numbers, from holiday countdowns to RSVPs for parties. But for business leaders, the most important numbers this month are the budget numbers for 2025. With cybersecurity a top focus for many businesses in 2025, it is likely to be a top-line item on many budgets heading into the New Year.Gartner expects that cybersecurity spending is expected to increase 15% in 2025, from $183.9 billion to $212 billion. Security services lead the way for the segment…

On holiday: Most important policies for reduced staff

4 min read - On Christmas Eve, 2023, the Ohio State Lottery had to shut down some of its systems because of a cyberattack. Around the same time, the Dark Web had a “Leaksmas” event, where cyber criminals shared stolen information for free as a holiday gift. In fact, the month of December 2023 saw more than 2 billion records breached and 1,351 disclosed security incidents, according to research from IT Governance — an increase of 332% and 187%, respectively, over the month of…

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today