For example, his proposal for a two-day course was accepted by AppSec DC, but it had to be canceled when only two people registered for it. "It stings to have invested time into getting that proposal written up... and then simply not get the sign-ups needed to support the course."

How to get your talk accepted

So what's a frustrated speaker to do? Joshua Corman, research director of enterprise security at The 451 Group, has learned to live by the following guidelines:

"1.) Appropriate expectations: Depending on the show, one in XXXX get picked. I've found that with RSA, one of three or four of my submissions get picked.

2.) Write it yourself: Don't let it sound like it came from a PR-marketing team. In fact, RSA is particularly good at (and brags about this) sniffing out real submissions from marketing ones.