I’ve just spent the last few minutes trying to think of the right one-word description of my impression of the Gartner Information Security Summit(or at least so far). And that word is “vanilla”. Not “vanilla” in abad way, but “vanilla” as in delicious and satisfying, yet without anysprinkles on top. I came to this Gartner event expecting chocolatechip cookie dough, but I like vanilla too.
Everything at this conference has been about practical advice – since Gartner’sobjective is to provide information and advice to their customers,they’ve been very successful. What I’m missing is a little pizazz: Iwant someone to go crazy and tell me that cloud computing is all hype, or that HIPAA is garbage, or that encryption is overrated. Even the keynote entitled “The Inheritence: Challenges to the New Administration in CyberSpace” by David Sangerdidn’t zing me (and with tantalizing words like “Challenges”, “NewAdministration”, and “CyberSpace” I was really expecting some zing).
So here’s the deal: if you want practical advice to help you performyour job or to make more convincing business cases for informationsecurity, come to the Gartner show; otherwise, if you want some wildideas or envelope-pushing, look elsewhere. Interestingly enough,there are a lot of C-level types at this show, so next time you get anintimate moment with your CISO (which may be never), ask them whattheir favourite ice cream flavour is – I bet they will say vanilla.
By the way, the last session of the conference is called “Worst BestPractices and Useless Useful Technologies Unmasked”. The session isdescribed as “just-for-fun”, which sounds entirely un-vanilla to me; Ican’t imagine what the analysts could possibly have to say.
Dave Morgan, Director of Privacy Research at Camouflage Software Inc.
Guest blogger for ComputerWorld Canada at Gartner Information Security Summit 2009
Regular blogger for Cogitatio Privatim by Camouflage