ChrisG sums up the reasons to attend SecCons very well, but I'm not sure about the direction Don's piece takes.
I enjoy reading Don’s articles; the piece is very practically focused, but doesn’t place much faith for either the attendee or their boss.
Having the return of investment in immediate terms from a security conference is a great management deliverable.
In English: Your boss sends you to the course, losing you for that amount of time plus spending a big wad of money on the entrance fee. He expects back something useful which makes his life easier in someway.
It's fun and challenging pushing myself by learning different topics and areas, but if I want to go other conference, they have to be of value to me and my employer.
If you are lucky enough to get sent to get to pick the conferences, would you waste it on fields that have only a slight bearing on your interests?
My question is how could you explain that going to talk Oracle programming issues if you’re a Windows Systems Admin working a pure Ms environment and no Oracle systems in sight?
I like the idea that some security cons should be more hands on but a lot of that level of training is now on line or for the same money as some of the cons, I can go to actual training. Training which would be directly relevant to that skill requirement.
If security conferences are the new company funded junket, then I'd like to work for one of those companies with the money to burn! :-)