Securitymetrics.org was started by a group of obsessive security and risk professionals way back in the dark ages of security — the early 2000s. The first gathering of “security quants” was held in September 2006, with eight more conferences following, plus 6 mini-conferences. As Metricon celebrates its tenth conference, it is worth reflecting on a body of practice that is now well over ten years old.
Metricon X will be held in March 2019. It will ask and answer the following questions:
- Plus ça change… Twelve years older, are we any wiser as a community?
- Influence and persuasion. What works? How do we communicate risk-through-numbers to the business?
- Battle scars. What lessons have we learned the hard way? What did you wish you had absorbed sooner?
- Hopes and dreams. Ten years from now, what would success look like?
We welcome submissions on security metrics success stories; lessons learned; practical examples that work; and progress on challenging problems that remain to be solved.
Call for Participation
For the first time ever, Metricon X will be a 2-day event. It will be on March 21st and 22nd at Stevens Institute of Technology in Hoboken, New Jersey.
Capacity is limited. If you would like to attend, send an e-mail to metriconx at securitymetrics dot org. In the email, please provide a short summary of your experience with security metrics, and areas of interest.
If you have a formal submission or specific concept you would like to see included in the agenda, please attach it to your email.
All participants are expected to “come with findings” and be willing to contribute to group discussions. Politeness will be praised; questions, encouraged; levity, welcomed; and lurkers, flushed out.
- September 27, 2018. Call for Papers opens
- December 20, 2018. Deadine for submissions
- January 15, 2019. Speakers and agenda announcement
- March 21 and 22, 2019. Metricon X convenes
- Jennifer Bayuk
- Dan Geer
- Alex Hutton
- Jay Jacobs
- Andy Jaquith (event chair)
- Mukul Pareek
- Walt Williams
The proceedings of all past meetings are available on the securitymetrics.org website.