Blogs & Stories

SpiderLabs Blog

Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

My 2013 RSA Conference Keynote the Jimmy Kimmel Influence

A few months ago, I was asked to present a keynote at RSAConference 2013. This was a rather intimidating request given I was in a lineup that included Vint Cerf, Dr. Condoleeza Rice, Jimmy Wales and Andy Ellis.

For those who were not in San Francisco last week, thisisn't a small conference. There were an estimated 22,000 people at this year'sconference and the room the where the keynotes were held could have up to 5,700people seated.

I have attended 100s of security conferences around the world. While I have seensome very insightful and interesting, the common opinion by many con-goers isthat the keynotes are sometimes not all that enjoyable to watch. They are typicallynot technical at all and are usually a 30-40 minute monologue around a single abstract point or idea.

I very much wanted to present a talk that I would enjoysitting and watching for 30 minutes. So I did my best to make that happen.

Back in December, I was traveling on business and after gettingto my hotel rather late I turned on the television. I happened to flip to alocal ABC channel and Jimmy Kimmel Live was on. I watched the first 20 minutesor so and realized that the format used on late night shows might be theperfect way to give a keynote at RSA.

When you watch a late night show, they almost always followthis format at the start of the program:

  • A monologue
  • Some sort of show and tell
  • A special guest with a Q&A

I decided to organize my keynote in the very same way:

  • A monologue on cybercrime from Victims toAttacks and closing on the Process used by criminal organizations.
  • A live demo of a web-based attack showing bothIE and Java exploits
  • A special from the United States Secret Serviceand questions crowd sourced from Twitter.

If I would have had more than 40 minutes rather than 30, I actually thought of asking DualCore to perform as the musical guest.

Having given a TEDx talk a few months ago, I had learnedfrom that experience that less is typically more keynote or short formatpresentation. I didn't want to use dozens of slides having bullet builds and text.Instead, I started by story boarding my talk and then worked with a graphicdesigner to create a presentation based in Keynote that had very visualauto-building slides and even video segments when the animations were a littlemore complicated than Keynote could handled. Most of what you see on the screen, didn't involve me clicking a button to advance things, they did so on their own while I was speaking.

I have also learned that using speakers notes can be a bitof a crutch when speaking publicly. For some this may be scary, but once Ijumped into this way of presenting it is hard to go back. I feel like I am ableto be more visual in my explanations, I don't just focus on exactly what wasplanned for the talk and I am able better read and connect with the audience.

If you are an experienced presenter in the security industry, take a leap of faith and try this way of presenting. You audience will thank you, and you'll have a great experience.