Tuesday, March 25, 2008
User Groups and Marketing
Many of the OWASP chapter leads have done great work in tracking down great speakers for their user groups, but haven't paid attention to important aspects of marketing...
As a chapter lead, it occurred to me that going forward, I need to be more selective in the speakers I bring in for my local user group. Originally, I was focused on tracking down lots of industry analysts as they tend to be very influential, but I wasn't paying attention to the marketing aspects.
Industry analysts are well known but otherwise do little to actually draw a crowd which requires having a large distribution list in which to send invites. Many analyst firms encourage their employees to participate in community activities but likewise don't market that they are actually participating.
One could also conclude that inviting in employees of small software vendors and consulting firms may also have the same effect in that they bring in lots of knowledge but otherwise can't help in a big way towards filling seats. Software vendors are especially problematic in that they protect their client lists and usually will instead prefer to lurk.
My latest conclusion says that I need to focus solely on large software companies who not only have great speakers but also market the fact that their employees will be speaking at certain venues. Microsoft is the best example in that they frequently market the fact that their employees speak in community settings and will use their own distribution lists to mention the events they will be at. Microsoft, unlike small vendors isn't afraid of having their customers stolen by competitors and therefore will participate more deeply and be less likely to lurk.
Of course there are always exceptions to the rule, but I currently don't know of any. If you happen to know of consulting firms and software vendors who do market their participation in user groups that are focused on software security, I would love to hear from them. Of special interest are those who focus on static analysis, requirements gathering, penetration testing or of other topics of interest to software developers and architects, please do not hesitate to leave a comment.
| | View blog reactionsAs a chapter lead, it occurred to me that going forward, I need to be more selective in the speakers I bring in for my local user group. Originally, I was focused on tracking down lots of industry analysts as they tend to be very influential, but I wasn't paying attention to the marketing aspects.
Industry analysts are well known but otherwise do little to actually draw a crowd which requires having a large distribution list in which to send invites. Many analyst firms encourage their employees to participate in community activities but likewise don't market that they are actually participating.
One could also conclude that inviting in employees of small software vendors and consulting firms may also have the same effect in that they bring in lots of knowledge but otherwise can't help in a big way towards filling seats. Software vendors are especially problematic in that they protect their client lists and usually will instead prefer to lurk.
My latest conclusion says that I need to focus solely on large software companies who not only have great speakers but also market the fact that their employees will be speaking at certain venues. Microsoft is the best example in that they frequently market the fact that their employees speak in community settings and will use their own distribution lists to mention the events they will be at. Microsoft, unlike small vendors isn't afraid of having their customers stolen by competitors and therefore will participate more deeply and be less likely to lurk.
Of course there are always exceptions to the rule, but I currently don't know of any. If you happen to know of consulting firms and software vendors who do market their participation in user groups that are focused on software security, I would love to hear from them. Of special interest are those who focus on static analysis, requirements gathering, penetration testing or of other topics of interest to software developers and architects, please do not hesitate to leave a comment.