Tuesday, August 28, 2012

Pauldotcom 300th episode

I assume if you are a regular Pauldotcom listener you probably know about this week’s special episode- but if not: it is the 300th episode, and will run from 10:00 am to 6:00pm EDT.  The lineup of guests and tech segments is outstanding, and we will be raising money for breast cancer research throughout the event.

Full details are at the episode 300 page, here are just a few highlights:

Tech segments galore

Panel discussions on Mobile Security, Security Awareness Training, What Really Works in Network Defense, and Is Pentesting Worth It?

The guest lineup is amazing, including Charlie Miller, Wendy Nather, SpaceRogue, David Mortman, Josh Wright, Zach Lanier, Dameon Welch-Abernathy (aka "Phoneboy"), and many more

Please join us live on Friday, or enjoy the audio or video recordings later- and help us raise money to fight breast cancer.  Links to make donations are on the top of the episode 300 page.



Friday, August 17, 2012

The BSides Las Vegas 2013 Innovation Challenge (aka "The Science Fair")

Yes, 2013. There are a lot of great BSides (and other) events between now and then, but we want to get the word out about this to give people time to come up with some amazing submissions for this challenge.  The Innovation Challenge is being run in conjunction with Security BSides Las Vegas 2013 by a team lead by A. P. Delchi.  Full details of the “Science Fair” are in the press release below:

The BSides Las Vegas Innovation Challenge
Aka "The Science Fair"
Produced by: A.P. Delchi

Remember the heady days of the science fair? Demo parties? People coming together to show off the amazing bits of awesome that they had made in their basement? It’s time to revive this tradition and bring it to the modern day security conference. From an open call to the world, twelve teams representing hackerspaces and maker groups will be selected to come to Las Vegas to compete in four categories in front of a panel of judges to demonstrate what they have accomplished. Awards will be based on cash and hardware provided by sponsors and donations from across the industry.

Get your hackerspace, maker group, or team of friends who tinker in your basement and prepare your best projects and innovations to be presented to the BSides Las Vegas conference. This is an open call to groups that have established themselves, or are up and coming and ready to amaze the world. Submission methods are up to the group, but videos, pictures and live demonstrations are suggested. The call for submissions will be seeking entries for the following categories:

Category One: Things that make things
Did your group build a 3D printer, laser cutter, CNC device or some other piece of awesome that helps you make other things? What did you do with it after you built it? For example some folks have built 3D printers and used them to fabricate parts from skateboard wheels to carrying cases. Show us what you built, and what you built with it!

Category Two: Biohacking
Has your group experimented in gene splicing, implants, aeroponics, automated hydroponics, biofuels or other such biologically inspired projects? Bring your beakers and your Jacobs ladders to the people who rarely hear about such things. Innovations such as a kit to test food to see if it contains GMOs, Innovative home farming methods using automation and chemistry are what we are after.

Category Three: Vehicles
Get out of the garage and in front of the people! Have you turned your ordinary car into a hackmobile? Converted an old school bus into a rolling data center? Does your car have more storage space than your home computer? We are talking more than just thumpy bumpy sound systems – we want to see your home made Batmobile. Atomic engines to power! Nessus scanners active, rolling Wi-Fi hotspots activated! Make it so!

Category Four: Demos
From the good ‘ol days of demo parties, show us what you’ve got! You will have your moment on stage to display your awesome. Remember the talent show scene from Revenge of the Nerds? We now have EL wire and wearable MIDI. Take us on a magic carpet ride of awesome that shows what your team can do. Unlike the other categories, you will perform at the awards party and no one will know until it’s over who will win this category. Clap your hands everybody, and everybody clap your hands!

Open submissions start NOW. Submissions can be anything from photographs, videos, live streaming or wherever your imagination takes you. Six months out from the event a panel of judges will select three submissions from each category for a total of twelve groups who will be invited to come to BSides Las Vegas and make their presentations. From there a second panel of judges hand-picked from the old , new, and weird school will judge the submissions with the winners being announced at an open party during the conference.

Prize packages will be determined based on sponsor and donor contributions. At this time hundreds of trained squirrels are working to contact potential sponsors and contributors to make the rewards the best we can muster. As this develops we will keep you updated.
In each of the four categories, the prized will be :
1st place : Amazing package of stuff and things, to further your awesome and make your innovations come true.
2nd place : A not as amazing as first place but still enough to give you toys to take back and build, innovate and make things happen.
3rd place: Guaranteed entry into the competition next year without having to go through preliminary judging.
Prizes for the first three categories will be awarded at an awards party to be held after judging. The demo competition and awards will happen as part of that party. Plans for live bands, DJ’s and sponsor demonstrations are in the works!

Does the idea of a show of awesome and supporting hackerspaces & maker group innovation make you feel warm and fuzzy inside? Do you want to donate hardware from your company, or sponsor the event in other ways?  Let us know! We will be reaching out in every way we can to ensure that the sponsors and donors as well as the participants are recognized in the forward march of human driven innovation. Security BSides Las Vegas, Inc. is a registered Nevada non-profit educational and charitable organization and the contest organizers are ready to work with you to help make this an amazing competition.


Monday, August 13, 2012

Marketing to the cynical, skeptical, and jaded (us)

There was a good thread on the Security BSides Organizers’ mail list about sponsorships, and I shared some observations and opinions about the best ways for BSides sponsors to get the most value out of their investment.  It was suggested I turn my comments into a blog post about marketing to InfoSec pros in general.  So here it is, somewhat cleaned up and expanded, my suggestions for marketing to the jaded, professionally skeptical, and often cynical technology and security pro.

The key is contact. BSides events are different from most events because we want sponsors, not vendors, to keep the atmosphere non-commercial.  To get real return out of BSides the goal needs to be awareness, not lead-generation (although recruiting is generally an exception to the "no lead gen" idea).  This applies to most marketing, multiple low-impact points of contact or visibility might be ignored, but they are likely to have real reinforcement value if done properly- and are unlikely to offend or annoy people.  Simply driving for the leads often gives a pile of useless email addresses, and people who are annoyed with your calls and email.  This is not to say no leads will come from BSides or other “low-impact” events, but that they should not be the primary objective.

With BSides, there may be various underlying goals, brand awareness (look at Milton Security, or Astaro); awareness of what the company does/does now (wow, Tripwire does all that now?); or goodwill and brand reinforcement (Barracuda, IOActive, Qualys).  (Forgive me missing many examples here, I’m using these based on some BSides experiences, this is by no means a comprehensive list).  Sponsors who have a defined their objectives will do best- as with most things in life, having a reasonable goal is a pretty good idea.

No matter what, participation is key to amplifying the message and investment.  Having people at the event, speaking, volunteering, contributing, that is the key to maximizing value IMHO. (And remember, I'm in vendor land, I pay attention to these things for work, not just BSides).  That’s right folks, just sending money is great for the event, and has value for the sponsor- but you have to participate and engage to get the greatest results.  Prove you want to be part of the community, that you are listening, not just broadcasting, and have some fun too.

This is not to say that when I walk into your booth at a trade show and ask about your product that I am not a lead.  But when I walk by and someone leaps out to accost me- I am absolutely not a lead.  And by the way, if you are really serious about lead generation I’m sure you can answer the following questions about those leads:

  • What percentage of total leads are “real”, “qualified” or whatever terminology you use to determine level of effort in follow up? (You don’t treat them all the same do you? That would be foolish).
  • An easy one: what’s the cost per qualified lead?
  • What is the close ratio on gross and qualified leads?
  • What is the profit margin on those leads, and how does that compare to average transactions, and other to events?
  • Bonus for the hard-core: what’s the retention rate on customers acquired at the event?  (Assumes subscription, support, or other recurring costs related to the initial sale).

What, you can’t answer those questions?  Then surely you are working on setting up a metrics program so you can, right?  Otherwise, you are probably wasting a lot of time and money, and likely annoying a lot of folks in the process.  For the record, I spent many years paying attention to lead generation and lead metrics for a variety of industries.  That was in a past life, but it appears to still be relevant.

Words like “engagement” and “community” are overused by charlatans, marketing gurus, and social media experts- but if you cut the crap and actually engage the community, people will pay attention.

And while I’m on a roll: “influencer” is another abused term, but some people do have more of a voice in the community than others.  Ignoring people who “aren’t ready to buy” could be a very bad idea if they are interested in what you do.

Remember, “marketing” isn’t a dirty word as long as they’re buying the drinks.