Getting the Most Out of Security Conferences

by Scott Flower

With Infosecurity Europe 2023 nearly upon us, I thought I would share my insight on how to get the most out of a visit to a conference. 

I have a varied background of experience in cybersecurity working as an end user of security technology, working for a reseller, and now, with RangeForce, a security vendor. From a vendor point of view, these conferences serve one purpose: to generate business. This is either through an immediate engagement, networking for the future, or wider brand and product awareness.

As a Solutions Engineer, I love the opportunity to meet a huge variety of people, from SOC analysts to CISOs, engaging on different levels and hopefully providing useful insights into how I can help their organization improve their cyber defenses. However, for this post, I will be going back to my time as an end-user, when I was attending the likes of Infosec Europe as a delegate. 

There are only three main activities at a conference: education, networking, and vendor/product engagement. So let's discuss why each is important, and how I used my time when visiting Infosec.


I found the education element took two forms: insight from real users talking about their experiences, and vendors talking about how their products can help with a specific problem. Both of these elements are great learning experiences and can help an attendee understand a problem area. I always preferred to listen to a real-world experience talk/stories from the frontline by a senior security professional, but the vendor technical talks were good as long as the topic was relevant or relatable. I would always make time to attend relevant educational opportunities.


We all know that cybersecurity is a small world and you come across the same people all the time; it’s one of the things I love about working in this space. I still meet up with people I met 25 years ago. Though they have moved roles or changed vendors yet still, our paths cross. However, if you are not careful, a lot of the conference time can be swallowed up simply chatting to past contacts without adding any real value to your visit. I am not saying do not network, just that this isn’t the main reason you have invested your time and money in attending the conference.

From my experience, if you are attending a conference for multiple days the best time to network is at the end of the day once you have completed other objectives.

Vendor/Product Engagement

Some vendors will spend large sums of money on large flashy stands in the most prominent locations. Personally I tended to avoid these and instead head more towards the outer areas. The reason for this being that the bigger the vendor and the bigger their presence, the greater chance I already knew about their latest offerings (or could easily find out). There may have been occasions where I did indeed want to see a demo of a large vendor product and may have visited a stand, but I always found that it was better to engage with the larger vendors outside of a conference rather than during. 

The smaller stands, further out from the main areas, often contained the real gems: startup and niche players that really did have something different to talk about, or emerging organizations taking a different look at a usual problem. This is where you find the vendors you don’t know, but who could have just the solution you are looking for. These vendors do not necessarily have the marketing budgets of the bigger players so you may not come across them in other areas. The stands may not be as busy so better conversation can be had, proving to be a much better use of my time.

So in conclusion—and this is just my opinion—all three areas have their benefits, and to make the most of your time you need to make a plan. 

  • Educational opportunities are timetabled so that should be your starting point for a plan of your time. 
  • Once you have planned which talks you wish to visit, next would be spending time looking around the niche/startups, hunting out the gems that you didn’t even know existed. 
  • Finally, the time you have left can be dedicated to networking.

Will you be at Infosecurity Europe? Stop by and say hello to RangeForce at Stand AB49!

Related posts

(AR)² Readiness Program™

Learn More about (AR)2

Get a custom demo

Take your team's cyber readiness to the next level

Request Demo