Meanwhile, there are occasionally signs that the effort is paying off. Security hasn’t been too bad but it’s had its #MeToo moments and the conferences used to have “booth babes” and a lot of “locker room talk.”
Back in 2013 I came back from RSA conference in San Francisco, and complained about the bad marketing: booth babes and some ultra-nationalism. I think my complaints hit the right spot because I framed them as “this is bad marketing” and avoided the moral argument. I wrote: [ranum]
the only customers that will be impressed by anyone’s ability to hire pretty models to work their booth aren’t going to be the ones signing the big purchase orders. And, it’s possible that they’re thinking your sales team are going to be a bunch of testosterone-laden assholes who’d be better off selling used tires. If some company wants to appeal to the consumer that’s going to jump at the T&A maybe they should relocate up the street to O’Farrell where they can include a happy ending with their product demo.
Generally, people agreed with me, and several chief security officers of companies told me that they had forwarded links to my article to the sales managers of some of the more egregiously bad marketers. We got a little band-wagon rolling and since 2013 (I have not attended RSA since 2013) the number of booth babes has dropped to near zero.
There were also some disappointing displays of ultra-nationalism: one company had a “how will you keep Chinese hackers out?” ad that managed to stereotype both Chinese people and hackers, and imply that cyberattacks are Chinese national policy (it is also American national policy). I know several people who wrote letters to the CEO of that company, and I believe that marketing message hasn’t been tried since.
Then, in 2014, there was an incident of sexual assault at a computer security conference. Stop me if you’ve heard this before: there was some drinking and “let’s go back to the room and hang out” and someone got grabby, then got rough, then got a ceramic mug broken on his face. Accusations were exchanged, nothing was done, and the woman was demonized for over-reacting. I started insisting that any conference that invited me as a speaker needed to have a posted anti-harassment policy, or I would not accept the invitation. [ranum]
Yesterday at ISSA, I was very happy when the conference organizer started the event off with these slides:
I particularly liked the message: “do not sell your soul.”
1 step forward, 1.012 steps back. At least there are some little parts of civilization that are moving in the right direction.
Sunday I am spending most of the day on airplanes and driving, so I probably will not post anything.