Tools and Applications

4 Tips to Get a Conference “Call for Papers” Submission Accepted

If you’ve done unique research in information security, work that others would be interested in learning, the conference circuit provides an amazing opportunity to travel the world (for free!), advance your career, and share it with others. All you have to do is respond to one of the literally hundreds of Call For Papers (CFPs) that conference organizers publish each year and get selected to present. It sounds simple, but the process can be a bit intimidating, especially those who are new to the industry. Since 2001, I’ve given precisely 266 public presentations across 5 continents. During that time I’ve responded to a great number of CFPs and while it doesn’t happen so often anymore, I have had many presentations rejected just like everyone else, each of which were taken as learning experience. I’ve also served on the speaker review board for HiTB and now Black Hat. In effort to help others, I’d like to offer a few tips for would-be presenters on how they can increase their chances of getting selected. But this ONLY works if you are willing to invest the energy to research something important, something cool that people should know. That part is all on you. Because I was willing, I’ve gotten to hang out with Jeff Moss at an 80s nightclub in Singapore and been ferried around in a limousine bus with 30 other hackers, gone on all night drinking marathons with David Litchfield in Amsterdam and navigated through the nightlife scene by street beggars, gone on safari and had a lion incident with the Sensepost crew in South Africa, 4×4 dune bashing in Dubai, chilled with Mozilla at a late night Cookies & Milk Pajama Party in a private Las Vegas suite, done BJJ battle with Chris Hoff in San Francisco, and the list goes on. If you are so inclined, there is absolutely no reason why you can’t as well. 1) The BIO — differentiate and build credibility Every CFP requires a personal biography (a bio), a text snippet that describes yourself. A bio also presents a key opportunity to differentiate yourself from the other highly qualified presenters who are competing for speaking slots.  In no more than 5-6 concise sentences, a bio must convincingly explain why you are an authority on your subject matter and why people should listen to what you have to say. A bio can be authored in different styles. For my bio, I choose to go with simple and professional, describing relevant experience, and an original feel. 2) Title & Abstract — Get to the point! A conference is a business just like in any other and has a product to sell. That product is YOU! You and your presentation are the reason why people take the time to attend — well that and the parties and free schwag. Your presentations titles and abstracts must clearly describe to the organizers what it is that you are sharing, why attendees will care, why the content is fresh and different, and why they should see it presented live versus simply waiting for the slides to appear later on some archive. These are the things speaker review boards want to know to make a decision, and the easier you make it on them, the better your odds. The idea of mistakenly passing on a good talk sucks, but reviewers may need to read through dozens, or maybe hundreds, of submissions. So if your abstract gets these points across in 7 – 10 seconds of reading, that’s ideal. Check out the the Black Hat conference archives for really good examples. Locate the ones that are most compelling to you and use them as inspiration. Bonus Points: if your presentation will draw media attention to the conference, makes a new tool available, or offers scary onstage hacking demonstrations. Negative Points: if your presentation is a thinly veiled or overt sales pitch. Some presenters will bait and switch, but this will only negatively impact your reputation. 3) Submit early, submit often Conference organizers like get their speaker lineup formalized and posted as early as possible so they can so they can begin marketing promotions. Also, infosec speakers are notorious for playing chicken with CFP deadlines. This is horribly frustrating for speaker selection committees.  If you are well prepared with your material ahead of time, as you should be, prospective speakers who submit earlier stand a higher chance of getting selected because there is less competition. Another benefit is that if you get rejected, it’ll be earlier in the CFP process, allowing you to take a second bite at the apple. 4) Follow-up and be responsive Conference organizers like to tap speakers who they are familiar with and have had a good prior experience. Known speakers, of course, have an easier time getting a speaking slot than a new and unknown person. If you are rather “new and unknown,” this doesn’t mean conference organizers won’t take a chance on you, but it’s in your best interest to personally followup with a phone call or email to build a relationship. The conference organizer might then give your presentation a closer look. Above all though, be responsive to communication. Few things are more frustrating than having to chase down speakers. If you are a conference organizer, what other tips do you have? … now if we could just get the average infosec speaker to get some media training. 🙂

  • Josh Sokol

    Nice post. One other thing that I guess goes under #1 or #4 depending how you look at it is that if you don’t have a name for yourself you can always offer yourself up as a research assistant for someone who does. The opportunity to work alongside and learn from Robert for our Blackhat talk last year was priceless and it encouraged me to try my own research project for this years conference. Speaking of which, did you happen to review my “How to Hide Your Porn” talk? I believe that title qualifies under your #2 above. I hope to see you again in Vegas.


    • Jeremiah Grossman

      Thanks @Josh. You know that’s a really good tip, completely forgot about that one. I’ve done that for a couple of my guys at WhiteHat as well. Sometime really good presenter/researchers just need small helping hand to take it the rest of the way.

  • securityninja

    One thing I found useful was getting feedback from people who aren’t infosec people on my talk title and abstract. I always send my abstracts to our marketing team (they know how to get peoples attention after all!) and our developers (because they are my target audience most of the time). I ask them to be honest, if they saw the talk title on a conference schedule would it get their attention? If they read my abstract do they understand what the talk is going to be about and does it look interesting? And lastly, forget about me being a colleague for a second – would you actually go to that talk?

    On top of that don’t be afraid to approach people who have been speaking at conferences for a long time and ask for feedback. I know I’ve done this in the past and found it very useful.

    ps – last thing, you will eventually be rejected by a conference. Don’t get all stroppy about it, everyone gets rejected at some point!

    • Jeremiah Grossman

      @securityninja excellent advice. if you have a marketing team and trusted peers that can review your submission, by all means ask! I’ve reviewed many submissions myself, I like to think it helped. 🙂

  • sid

    Hi Jeremiah,

    I am not a seasoned speaker, but have been speaking at Blackhat for 2 years now. If someone submitting a talk is as serious as submitting a teaser video of the talk may be with some nice shells dropping into his tool, does CFP committee bother to click the video link? Does that help! Making a video teaser is a bit too much of an effort for someone like me but may not be so for first time speakers….

  • Pingback: How to Get Accepted at Blackhat | WhiteHat Security Blog()

  • Jody Urquhart

    When I fill out call for speakers, I usually find the most successful ones are unique with a catch title. The title has to speak to the content I’m speaking about though.. Great insights thank you!

  • マダラ

    The paper that we present in the Conference, does it needs to be published in some good journal before?
    I’m confused.. do Call for paper conferences takes unpublished paper or already published ones? Please clarify asap. Thank You.

  • Oliver

    Thank you very much for this open and informative post. Using your advice and a couple of iterations on my own texts, I have today submitted my very first session proposal to a conference. Thank you!