My Ramblings

My Ramblings

Let’s talk about… Talks

Details
Sean Kalinich
Hits: 21

Before we get into today’s conversation, I want to be very, very clear. What I am about to say does not apply to “all” talks, panels, key notes, etc. It does apply to a growing number of talks that are given at conventions, as part of webinar series, and especially some (important distinction here) vendor specific events. Ok, ok… I know you want to know what in the world I am talking about, so here it is. Talks, in general, are becoming little more than self-congratulatory statements. Many are becoming almost toxically positive like a self-improvement “you’ve got this” session instead of presenting anything of (relatively) real substance.

I personally noticed the change about 10 years ago when I was asked to make a paper I wrote (for a talk) more positive. I was a bit confused as the paper presented an issue in real world terms (with supporting data) and then discussed a real-world solution which was reachable and relatively easy to implement. I asked for guidance on making this “more positive” and was told to remove some of the comments on how the “issue” was being leveraged, why the issue even existed, and to focus more on how modern cybersecurity was ready and able to tackle the issue. I would love to say that I did not change anything, but that would not be honest. So, I removed some of the statements on who owned the problem and talked more about modern tooling etc. In hindsight, that was a mistake.

I started watching for signs of this type of tonal change in other talks in the industry and saw that there was a shift in a small percentage. It was less “we need to accept responsibility and do better” and more “the bad guys are bad, but we got this” This was one of those things where, once you see it, you can’t unsee it. I started to see this more and more, especially in Key Notes, and it was not just cybersecurity… I started to see this in other places. The real issue or problem was masked in a layer of positivity that was often not warranted or even real.

I want to pause here and remind everyone that this is not ALL talks, keynotes, presentations, panels, etc. Technical talks appear to have a high resistance to this, although I have seen some cracks around the edges. They tend to stick to the technical details of the issue and focus on mitigation or remediation. Where it stands out the most is in strategic talks, where the technical and logistical are glossed over in favor maintaining the story line.

Personally, I believe this is a marketing and PR (not all marketing and PR groups do this) led change that seeks to coddle the audience instead of treating them like adults and speaking to them openly and honestly. The harm caused by this comes when the strategically positive statements do not meet the harsh tactical and logistical realities. Organizations are impacted financially and in far too many cases layoffs and budget cuts happen (damn logistics). Now you have a company even more exposed and unable to tactically address the needs of the organization. In talking with convention attendees, I here “we do not have enough staff to complete projects that need to be done” over, and over, and over again. If projects are not getting done (projects is a generic term for updates to systems, infrastructure, etc.) the company is becoming more exposed to impact from not only cybersecurity attacks, but also to failures of equipment. Still looking at marketing there is a ton of “we got you” built into talks. (yes, I know talks are sales tools).

What proof do I have of this? Well let’s look at AI. For a while AI was the cure-all. It was going to fix everything. This was on the heels of certain types of AI (statistical math models) actually having a significant (and positive impact) on cybersecurity. The use AI as a catch all marketing term became even more common once the large language models came out. They were the next coming of sliced bread and people could not stop talking about them and how they were going to “fix” things. It got so bad that some companies even added in the number of Full Time Employees their AI product could replace. I saw this type of rhetoric at talks, panels, webinars, all over the place.

Starting this year, the talk around AI is very different and much more where it should be (AI as a tool for staff to use, not to replace staff). The language went from “We got you” to “treat the AI like the intern” In some cases, the damage has been done and money spent on products that cannot do the work in the manner it was claimed. The industry learned a bit of a lesson there, but not entirely as the toxic positivity is still present in talks, on LinkedIN, etc.

To the industry, I say take a page from the technical talks here. Focus on the Problem, identify a way to remediate or mitigate the problem with your product, but do it in an open and honest fashion. Talk about ownership, talk about how the problem was allowed to start and continue. Talk to your audience like reasoning adults and let them absorb the information to make well informed decisions (and not just spreadsheet-based ones). I know this is possible, and I also know that if done it has a more positive effect than what a toxically positive talk.

Final reminder that this is not ALL talks, panels, webinars, etc. It is a subset of them, although the set is growing.

Anyway, Soapbox put away... for now.

No comments

Leave your comment

In reply to Some User

Follow Us

Follow DecryptedTech on Social Media

facebook twitter linkedin