You know the saying: Bigger isn’t necessarily better. When it comes to conferences, however, knowing your audience’s interests and preferences is key to putting on a great event. Audience inclinations can also indicate subtle shifts in the market that haven’t yet fully emerged, or they can highlight the fact that there are some legacy issues we still haven’t mastered.

The focus and challenges in infosec change rapidly due to many factors: a big breach followed by subsequent media outcry, a recently launched product, a merger or acquisition, new regulations or guidance, and much more.

At least as far as what attracted the attention of attendees at InfoSec World 2016, the following were the best-attended talks (listed based on time slot, not highest to lowest).

  • Compromise Analysis – Why We’re Seeing So Many Breaches – David Kennedy  
  • The Five Best Open Source Web Testing Tools You’ve Never Heard Of and How to Use Them – Mike Landeck 
  • A Model for Implementing Cloud Security –  Edward Haletky
  • The Psychology of Risk – Miles Edmundson
  • From Chaos to Control: Managing Privileged Accounts – Angela Carfrae
  • Adopting the NIST Cyber Security Framework — a Case Study –  Ilene Klein 
  • Taking the Pulse of Security –  Marcin Kleczynski
  • The 4 C's of Information Governance –  Christine Vanderpool & Emily Bone
  • Network Security Workout: All Your Defenses Should Be Active –  Paul Asadoorian
  • Darwinism via Forensics – Bill Dean
  • The Secretive Zero-Day Exploit Market – Adriel Desautels
  • Windows Servers and Active Directory Security Baselining and Monitoring –  Derek Melber

Most popular roundtable (seats were intentionally limited):

  • Metrics That Mean Something (aside from pretty graphs) –Kristy Westphal

Some very technical talks are represented on this list, but many of these top talks focused on how infosec professionals can better understand their threat environment. If size means anything, InfoSec World 2016 attendees also still want to receive guidance on building better frameworks and running smoother operations to manage the myriad challenges faced every day. So while technical acumen remains important, the ability to manage and measure from the ground up is top of mind.