Tips for Building CFP Responses
So you want to present at the 2015 NSF Cybersecurity Summit…
Welcome! The Summit organizers wish to encourage and support participation from throughout the wider NSF community. To further that mission, we’ve provided some information (below) to aid in the preparation of CFP responses. Please don’t hesitate to direct questions to CFP@trustedci.org.
What to Present
This year’s theme is “Understanding Information Assets That Enable Science.” This is a subject that pervades much of what we do in cybersecurity, and the organizers especially appreciate proposals that drive this home, however, not every presentation, training session, or activity has to be centered around just that topic. Please submit any idea that you think may be relevant to our audience. If you would like to present, but aren’t sure of what topic to choose, consider the following suggestions:
Lessons Learned: Get beyond the brag session. Tell the audience about something that DIDN’T go well for your project’s cybersecurity efforts and how you overcame it. Even if you haven’t overcome it yet, share the questions you are struggling with and open things up to the audience for Q&A or brainstorming. Too often, those doing cybersecurity in our community only see the big successes that others do press releases about, but there is even more to learn about the things that don’t work.
Tools: Have you discovered a new or unusual tool or technique that enables you in cybersecurity work? Do a “getting started” tutorial to help others learn about it so that they can implement it for themselves.
Enabling Cybersecurity Professional Development: What do you do to find, train, and retain good people? How do you enable them to keep their skills fresh and growing?
It would be great to get a session on approaches to building the cybersecurity workforce available to the science community.
The following ideas might help you build a presentation idea around this year’s theme, or work the theme into your presentation’s topic:
What are your most valuable and/or sensitive assets?
What assets have you had the most trouble protecting?
Where have you found the best resources? For commodity technologies? For your special equipment?
Have you gone through a process of formally identifying your information assets for security purposes? What does the documentation look like? What challenges have you faced (e.g., in getting an accurate network map)?
Are there any assets that you identified that surprised you…. that you didn’t think of as information assets at first glance?
How do you assign responsibility for / stewardship of specific information assets (or sets of assets that serve a process) within your organization? When if ever does security have direct accountability for the security of these assets?
How to Build a CFP Response
The proposal you submit will be used in two ways: to tell the organizers about what you plan to present, and to be included in the summit findings as a sort of after-action report. It should include:
An executive summary (short description of the topic and content).
Who the presenter(s) is/are.
Either a whitepaper discussion of the topic, or a narrative you’d like to share with the community. (For activities that are not trainings or plenary sessions, this may be replaced with a description of the planned activity, any space or equipment needs, and the activity’s intended audience.)
Contact information (preferably email) for the presenter(s) in case the organizers have any questions. This can be in a separate note in the email body instead of the proposal itself if presenter(s) don’t wish it to be published.
Expected length of the session/training/activity. Generally, trainings are either full- or half-day and plenary sessions are about 50 minutes, but if a good idea takes more time than that, we will work with presenters to make it happen.
Any relevant references (e.g. link to the home page for the project the talk is about, or recommendations for further reading).
Our community has expressed in the past that many find it helpful if they can download a copy of a presentation’s slides. If you are willing to publish your slides, please email a copy (or a link to where you prefer to host slides) to CFP@trustedci.org.
The easiest way to get help/feedback from the organizing committee prior to submitting your final proposal is to create a Google Doc containing your proposal and sending an edit link to CFP@trustedci.org. Don’t share directly with that address, as the link will be passed on to a reviewer who will have their own google account.
Tips for Presenting
There are many different presentation formats that can work well, depending on the topic. Consider the following:
- Lecture format : The presenter(s) talk to the audience and show slides to support their dialogue, then do a short Q&A time at the end of the presentation.
- Panel format: 3-5 persons answer questions offered by a moderator on a specific topic or set of topics, then do a short Q&A with the audience. This tends to work out best when the panel contains people with very different backgrounds or viewpoints, and the moderator is good at keeping folks to the topic and time constraints.
- Open Forum format: 2-3 persons answer questions offered by the audience. Works best if there is an extra person gathering questions and presenting them, and if the speakers can keep things succinct so that the presentation keeps moving and many questions get answered.
- Hands-on format: The presenter(s) walk the audience through a demo or tutorial as the audience follows along on their computers (or on paper, if the topic supports it). If you are doing a training that will have many hands-on activities, consider having more than one presenter, or a presenter plus a helper or two who can go around the room and help participants who get stuck, allowing the group as a whole to move on.
Whatever format you choose, be sure to engage your audience by making eye contact (with them, not with the slide screen!), showing interest in what you are saying, and not rushing. Most speakers appear most smooth and practiced when following a general outline they’ve practiced once or twice, rather than trying to read a prepared script verbatim.