Last week I went to Blackhat for the first time. Despite over 10 years in Security marketing, I've always either had a conflict, not been attending or sent the team. I am glad I finally got to go, it was a real eye opener. Here's the top 5 things I learned (or confirmed) while there...
5) The attendees are hardcore as I expected. Very technical, some very nefarious, and very smart. The IQ is about 50 points higher than the RSA show IQ. Implication: send your best and brightest technical minds, leave your sales reps at home.
4) Most of the action happens off the show floor. I did not attend Bsides, but from what I hear, the sessions there were amazing, same with Defcon. It's hard to say which of these is actually the main event. Implication - Find unique sponsorship angles and venues, yes, Paul Judge DID co present with the PMOY (Playmate of the Year) at Defcon.
3) Buyers are probably few and far between. These are practitioners, and mostly of the deep arts of security. Say what you want about Suits vs. tshirts, but the only suits at this show are vendor execs. Implication - What is it about you product or service that will interest this audience, this is NOT a cut and repeat of your RSA or Gartner messaging. Second, what is you influence goal, can the audience actually accomplish a business objective for you?
2) The spectacular gets the attention. Jackpot an ATM, intercept cell phone calls. These are the type of demos that matter at Blackhat. Implication - If you've got it, flaunt it, but if it won't be noticed in Vegas, then leave it at home.
1) Appreciate the people. What a variety of folks. After attending, I have a much fuller understanding of researchers, Blackhats, hackers, etc. This is the critical underbelly( in a good way) of the security industry. Implication - Marketers won't get much respect at this show, and that is cool! But you gotta attend, at least once, to really appreciate the challenges and problems that your company solves and the full ecosystem and breadth of people involved. Great stuff!
Oh, by the way, walking the exhibit hall, I was struck by how BAD a lot of marketing still is, but that's a topic for another post.
I leave you with a quick story. Overheard at registration:
Dude, long black hair, black t, goatee, you get the picture : "I want a pass"
Registration Guy: "Great, ID please?"
Dude: "No, I want a pass.:
Reg guy: "OK I need your ID and credit card"
Dude: "No, I will pay cash" ($1595 I think)
Reg guy: "Great, cash works, I still need an ID"
Dude: "That's Bull*&^*!." Walks away mumbling.
Blackhat is so NOT RSA Conference, need more convincing???