Yes you can! Submitting an InfoSec CFP

We all needed this page at one point. Or more. I know I did and thank you to the people in our community who had stuff like this for me to find. I’m adding recent updates from great community members. My turn to pay it forward 😊

“Do that thing which scares you”

Why talk? Why not just write or post? Well, a talk is more than just words on a screen. We get to see and hear your passion, which elevates your concept to another level. And we get to see – you! In a community of introverts, facetime is powerful. We love to learn by watching videos of talks given. Like yours. The other plus is that you get to attend a Con, which if you have read any of my posts, is both incentive and reward.

I know. It seems so difficult. Feels so scary. But the best advice I can give you as you start out is this:  give a talk. You may be able to start small, with a local meetup group. Someplace you feel comfortable, where you can talk for 20 minutes or more, on something you are excited to share and would love to explain. Okay. Pep talk over. You are good enough, smart enough and one of us. We want to hear what you have to say and we are willing to help you do it. Go for it!

Timing is Everything

There are many CFP or Call for Presentations opportunities throughout the year, although most are familiar with the flurry of activity around March/April for Black Hat/Defcon/BSidesLV/Diana Initiative.  Deadlines can be 5 months or more before the Conference takes place meaning deadlines and due dates need to be tracked. Get out your wall calendar and start marking it up now. Don’t let this opportunity pass you by.

Where to Start

Where to even begin? Here. So relax and just start by reading to see what it is all about. There are people to reach out to in our community if you want to do this, including me.

Watch the videos of past presenters from where you want to speak. Or those who talk about what you want to talk about. Know what has already been covered so you can bring something new. Or get a sense of what is trending. Plus, you can see how people deliver a talk. How slidedecks are put together. What humour works. You’ll find good stuff here. And there are so many talks to find on YouTube.

Is this your first time? Don’t be shy. We all had a first talk. BSidesLV offers Proving Ground, a fantastic program at the start of their CFP phase to invite new speakers and pair them with a mentor. I know. That is how I started and it was amazing. Even better are the relationships you build here which carry forward, along with the learning. Because InfoSec is a community and our strength is in our people. Take a look here:

The Diana Initiative offered mentoring for CFP submitters this year after first round selections. I was one of the mentors, and all three of my mentees actively worked with me, revised their original submissions and were accepted. Way to go!! Your idea is a diamond in the rough – mentoring helps give it that polish to shine in all its glory.

How To List

I am basing this on a terrific resource made available to our Diana speakers this year by Circuit Swan, who is actively involved in a number of events and has critically evaluated many submissions.

  • Titles matter. Avoid buzzwords, keep it short, test it out on folks. You need to make sure it says what your talk is about.
  • Abstracts market your piece. This is the short and interesting blurb we all want to read in con schedules and programs to decide what we cannot miss. You need to catch people’s attention to get them as attendees. Your abstract should clearly state
    • what you are talking about
    • why you are giving this talk
    • who your target audience is
    • what takeways attendees will leave with (yes, candy can be included here)
  • Outlines are everything. This must be so much more than just bullet points and random cliches thrown together. This is where you demonstrate not only your subject matter knowledge, but your commitment to deliver something worthy of your audience’s time and attention.
    • Walk the reviewers through your topic from beginning to end in an orderly fashion.
    • Start with an Intro, then work your way through each section of your talk with main points, examples, demos, and takeaways or learning points for attendees.
    • Don’t forget your conclusion and Q&A portion.
    • Then, ADD in how much time you estimate each main section will take. Intros should be short, with one slide about you that will not take more than a minute at most to present.
    • Go back and re-read the submission requirements to make sure you followed the rules. Blind submissions do not want you to reveal yourself so leave your name, workplace, online persona and any identifying details out unless explicitly asked for.
    • Take care. Go over everything and check spelling, formatting, any acronyms that are not spelled out in full.

Want to see a good example to work from? Check out this sample submission from ShmooCon.

Great Online Resources

Kat Sweet has both given talks and evaluated them. Trust her. She is friendly, so smart, and very good at talks. Great starting place.

Hacks4Pancakes is a wonderful resource for our community. Her guidance is true, and if you don’t know her blog, then let’s correct that right now. She has given and evaluated talks, and shares the wisdom of her experience at

Daniel Miessler recommends what you need to know about putting together a good talk. It starts with an idea that develops far beyond words on a page. You want to make sure you know about format, deadlines, requirements etc.

Nikita weighs in on Defcon hopefuls. Now you are ready to hear the hard truth. Let’s make that paper stand out in a sea of submissions. You can be among the chosen, but only if you make your talk worthy.

“New Year wish list of an Infosec Conference Content Reviewer” Kymberlee Price 2017. Kymberlee has reviewed submissions for KasperskySAS and is on the content review board for Black Hat, among others. This is her wishlist as a reviewer, and very helpful.

2016/03/30/ How to get your talk accepted at Black Hat.  Why not aim high? Here are some suggestions to help you get noticed from one of the top-tier conferences, and Stefano Zanero, attendee and reviewer.