Perimeter

2/24/2013
02:18 PM
Mike Rothman
Mike Rothman
Commentary
50%
50%

You're A Piece Of Conference Meat

Every year folks get hacked off about seeing booth babes at big industry shows. Yet it seems too many don't understand why these ladies are there and how to disrupt these marketing tactics

It's always entertaining to see the outlandish attempts that companies make to get some attention at big trade shows. This week at the RSA Conference, I'm sure you'll see a bunch of banners in the airports and BART around San Francisco of security companies trying to get attention. You'll see box trucks circling the Moscone Center also. All of these tactics have one (and only one) objective: to get you to the vendor's booth on the trade show floor. Being a former VP of marketing, I'm all too familiar with the seedy underbelly of a big-time industry trade show.

RSA Conference 2013
Click here for more articles.

Once you are in the exhibit hall, the real fun begins. You'll see magicians, be served cappuccino, and receive free T-shirts and squeeze toys, You can even gawk at the Soup Nazi. You may also ogle at some lovely young ladies in skimpy attire. Evidently, no one has a problem watching some shlep in a tuxedo do card tricks, but everyone has a problem with a model in a mini-skirt trying to get you to sit down and hear a boring pitch about a product you don't want.

Well, it seems the days of the booth babe are numbered. Recently, the Infosecurity UK conference organizers banned these kinds of displays at their show. That's a bold step, and I'm sure it will be well-received in the security echo chamber (though probably not at the modeling agencies that make a ton of money from these events).

To be clear, I don't have an issue with models making a few extra bucks by showing up at a trade show, though I'm with Marcus Ranum in that I don't know how that helps these companies sell security products. But these ladies have as much a right to earn a living as you or I do. It's not like they are doing anything illegal. But what most folks forget is why the booth babes are there in the first place.

As much as we think trade shows are about education and networking, someone has to pay the freight. And it's a lot of freight. Thus, each vendor needs to scan your badge, so they can have a sales droid call you incessantly after the conference to see if you want to buy its product or service. You may not want to hear this, but that makes you a piece of conference meat. Maybe you work for a big company that has a huge security budget, and then you are Kobe beef. Folks see the name of your company and start salivating. Or maybe you work for a small company or are a consultant, and then you are ground chuck. But either way, you are a piece of meat to these folks, and they'll do whatever they need to scan your badge.

The tactics will change over time -- ultimately because Mr. Market demands it, or Ms. Market, since we don't want to be discriminatory, now do we? Ms. Market, in her skimpy dress, scrutinizes the investment of being at the RSA Conference (or any conference, for that matter) versus the return she gets. That return may be quantified by scans, which represent suspects for the droids to chase. Or they may be very sophisticated and track whether you actually buy something from them. Either way, the process starts with scanning your badge.

Even if it's objectionable to you, Ms. Market says booth babes still work in getting badges scanned. Or else they wouldn't be on the show floor. Again, that's not the message that many folks want to receive, but money talks. Unless the company is stupid and acts irrationally (which is a possibility for some vendors out there), they staff their booths with babes because that tactic generates more meat than the alternatives.

You want to get rid of booth babes? Then don't let those vendors scan your badge. Don't be enticed by the pretty lady asking you to sit for a short presentation. Even if she offers to sit on your lap. And tell all of your friends to take a stand against blatant sexism and not use products from companies that engage in that behavior. It's no different than advertisers sending spam. As long as those campaigns provide positive return on their investment, they'll keep doing it.

And given the preponderance of young males that attend security conferences, I'll bet we see booth babes for a long time to come.

Mike Rothman is President of Securosis and author of The Pragmatic CSO Mike's bold perspectives and irreverent style are invaluable as companies determine effective strategies to grapple with the dynamic security threatscape. Mike specializes in the sexy aspects of security, like protecting networks and endpoints, security management, and ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
BSintel
50%
50%
BSintel,
User Rank: Apprentice
2/25/2013 | 3:06:55 PM
re: You're A Piece Of Conference Meat
Isn't this a security forum?- Please provide more useful content in the future.
Perry..2
50%
50%
Perry..2,
User Rank: Apprentice
2/25/2013 | 4:09:09 PM
re: You're A Piece Of Conference Meat
Oh course this relates, have you never had to purchase a security solution in your job?
iNtHEmACHINE
50%
50%
iNtHEmACHINE,
User Rank: Apprentice
2/26/2013 | 7:10:34 PM
re: You're A Piece Of Conference Meat
Seriously off topic:
I would think the disintegrating inkless pens deserve more wrath than a poor booth babe.
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17300
PUBLISHED: 2018-09-21
Stored XSS exists in CuppaCMS through 2018-09-03 via an administrator/#/component/table_manager/view/cu_menus section name.
CVE-2018-17301
PUBLISHED: 2018-09-21
Reflected XSS exists in client/res/templates/global-search/name-field.tpl in EspoCRM 5.3.6 via /#Account in the search panel.
CVE-2018-17302
PUBLISHED: 2018-09-21
Stored XSS exists in views/fields/wysiwyg.js in EspoCRM 5.3.6 via a /#Email/view saved draft message.
CVE-2018-17292
PUBLISHED: 2018-09-21
An issue was discovered in WAVM before 2018-09-16. The loadModule function in Include/Inline/CLI.h lacks checking of the file length before a file magic comparison, allowing attackers to cause a Denial of Service (application crash caused by out-of-bounds read) by crafting a file that has fewer than...
CVE-2018-17293
PUBLISHED: 2018-09-21
An issue was discovered in WAVM before 2018-09-16. The run function in Programs/wavm/wavm.cpp does not check whether there is Emscripten memory to store the command-line arguments passed by the input WebAssembly file's main function, which allows attackers to cause a denial of service (application c...