I attended and spoke at the Information Security Decisions conference in Chicago.

We started off with round-table discussions for an hour Tuesday night for the early-arrivers. We had 60 minutes or so. The topic was IDS/IPS. The first half, the moderator, Andy Briney, presented questions for us to discuss. Second half we reported on our discussions and then kicked around a group topic or two.

All of the break-out sessions during the 2 1/2 days were lecture-style. There are some plenary sessions: lecture and Q&A;/interview.

There were vendor exhibits, all in 10×10 booths. The vendor hall was only opened 4pm.6pm on the two full days (Wed/Thu). They served beer, wine, hot and cold hors d’oeuvres. There were sponsor give-aways (Ipods, memory dongles, and a 2 year lease on a new Mercedes convertible.that last from Symantec).

During the vendor exhibit hall time, vendors delivered solution briefings for all who want to attend.

The attendees were all pre-qualified. I heard that over 1000 applied to attend. Only 300 were selected. The vendors paid for the exhibit and show. (Attendees had to provide a credit card number at the time they applied. The conference charged $300 if they failed to attend.) The pre-qualification seems to work; the vendors I spoke with were happy with the attendance.

The main event started with a plenary session by Professor Eugene Spafford entitled, “The Future of Security.” There were 3 parallel (concurrent) tracks: Perimeter Security–Advanced Intelligence and Threat Response; Infrastructure Security: Identity and Access Management; and Security Management: People, Process and Technology. I spoke in the first track. My topic was “How to Achieve Rock-Solid E-mail Security.” (I later gave a “webinar” on the same subject. You can find it at http://searchsecurity.techtarget.com/webcasts/.) I really enjoyed the presentations by Dr. Joel Snyder (Defense-in-Depth, Part 1 — Architecture Strategies, Defense-in-Depth, Part 2 — Building Intelligence, and 6 Top Strategies for Wireless LAN Security), and Dan Houser.s Submarine Warfare — Perimeter Defense without Walls.

Would I have gone if I was not presenting? Probably not. Was it worth it to me to go? Yes. While I did not learn many new ideas, I did learn a few new ways of looking at security problems through discussions with some of the other speakers. I hope they invite me next year.