By: Ava Morgen
In the predawn hours, Aaron Crow stands at the edge of a shooting range, his silhouette barely visible against the Texas horizon. It’s 5:30 am, and he’s already reviewing safety protocols for the day’s event. Neal Conlon arrives moments later, coffee in hand, to finalize details before dozens of the country’s premier cybersecurity professionals converge on this unlikely meeting ground.
“People think we’re crazy until they experience it,” Conlon says with a hint of mischief in his voice. “Then they realize we’ve built something the industry has long needed.”
Welcome to the Lone Star Cyber Shootout, where gunpowder and network protocols make strange but potentially effective bedfellows. After two years of steady growth in Texas, this unorthodox cybersecurity event is making its westward expansion, landing in Las Vegas during the Black Hat/DEFCON conferences that annually transform Sin City into the epicenter of the digital security universe. The upcoming August 8th, 2025, event at Staccato Vegas represents a notable and forward-looking new chapter in their vision.
The Emperor Has No Clothes
For decades, the cybersecurity conference circuit has operated on an unspoken bargain that everyone pretends not to notice: vendors secure prime booth real estate and provide free alcohol while buyers feign interest in solutions they’ll likely never implement. Everyone performs their assigned role in this elaborate charade. Business cards trade hands. Email lists bloat. Calendar invites proliferate. And the actual security problems? They often remain largely unsolved.
“It’s like we’ve collectively agreed to ignore the elephant in the room,” Crow tells me, squinting down the barrel of his firearm at Staccato Vegas, the advanced shooting facility hosting their August 8th, 2025, expansion event. Thirty-five minutes from the Vegas strip, it feels worlds away from the fluorescent convention halls where security professionals typically gather.
“I’ve observed CISOs commit to product evaluations knowing full well their teams lack bandwidth to complete them. I’ve seen vendors invest $250,000 on booths where staff spend more time checking their phones than making meaningful connections. Then everyone acts surprised when the trust gap in cybersecurity seems to keep widening.”
Conlon, whose intensity seems perpetually simmering just below the surface, interjects: “The insanity is doing this year after year and expecting different results. How many t-shirts and stress balls does one person really need?”
Their solution wasn’t particularly complex, but in an industry awash with free everything, it was noteworthy: require everyone to pay to attend. No complimentary passes. No artificial hierarchies separating vendors from buyers. No random networking, hoping something sticks.
“When there’s skin in the game, the posturing tends to evaporate,” explains Conlon, whose 20 years in multi-disciplinary business modeling inform his approach. “I’ve seen competitors who’ve been battling for years finally admit they’re both struggling with the same implementation challenges. That rarely happens on a convention floor.”
The pair first crossed paths at Black Hat three years ago. Crow, with his 25 years in cybersecurity and infrastructure, had grown increasingly frustrated watching talented security teams burn out chasing false leads generated at conferences. Conlon had data from his time as a sales leader showing that their great deals came through authentic relationships, not booth visits. They recognized in each other kindred spirits determined to fix what nobody else seemed willing to acknowledge was broken.
The Sanctuary of Controlled Chaos
“EQ plus IQ plus SA equals safety.”
Crow recites this equation while leading me through a facility that could double as a movie set. Unlike the predictable environments of hotel ballrooms, Staccato Vegas offers helicopters, vehicles in motion, advanced shooting ranges, and problem-solving scenarios designed to create controlled stress.
“Most security professionals spend their careers preparing for worst-case scenarios they hope never happen,” Conlon explains. “Yet traditional conferences only exercise the intellectual component—the IQ part of our equation. They tend to overlook emotional intelligence and situational awareness—the very skills that can often determine whether teams succeed or fail during actual security incidents.”
I watch as he reviews their meticulous pre-event matching process for the 2025 Vegas expansion. Each participant completes detailed surveys about current challenges, whom they need to meet, and what success would look like. These aren’t casual questionnaires; they’re probing examinations of genuine business needs.
“We’re creating a laboratory for authentic connection,” Crow says. “Most conference organizers don’t want to admit this, but the random collision model is generally inefficient. We’re surgically precise about who needs to meet whom and why.”
This approach makes perfect sense when viewed through the lens of how real security breaches unfold. When ransomware strikes at 2 AM, success doesn’t hinge solely on technical knowledge—it requires teams who communicate effectively under pressure and maintain awareness as threats evolve.
“Shooting is just the catalyst,” continues Conlon. “When you’re learning something challenging together, something that requires absolute presence, the masks come off. The CISO who’d never admit vulnerability on a panel discussion suddenly shares their genuine concerns about cloud migration. The vendor who’s programmed to pitch features begins asking authentic questions about implementation challenges.”
I witness this transformation firsthand as participants arrive. Within an hour, titles and company affiliations fade into the background. What emerges instead are human beings united by common challenges, learning to trust each other in an environment that demands both vulnerability and strength.
The Reckoning: Measuring What Matters
“Security has fundamentally changed,” Conlon insists as we break for lunch. “It’s no longer built on fear of ‘bad guys lurking in the shadows.’ It’s about enabling organizations to make intelligent risk decisions so they can move at the speed business demands. But that requires radical clarity.”
His “clarity is kindness” philosophy permeates everything about these events, from the structured introductions to the methodical debriefs. Nothing is left to chance, yet paradoxically, this careful orchestration creates space for the unplanned moments when genuine relationships form.
Conlon leans in, repeating what I’m told is his event mantra: “All business is done at the speed of trust—even more so in cybersecurity. Most cyber folks are hired for their technical capabilities, and we see the need to support and help others build better and stronger relationships.”
This insight cuts to the heart of an industry-wide blind spot. Technical brilliance, while necessary, isn’t sufficient in a field where collaboration often determines success. The most sophisticated security architecture can be undermined by teams that don’t communicate effectively or leaders who can’t build consensus during crises.
Unlike traditional conferences that measure success through attendee counts or lead generation, the Shootout tracks outcomes that appear to matter: deals closed, problems solved, careers advanced.
Take Chris, laid off during tech’s recent contraction, who met his future employer at January’s event. “He wasn’t looking for handouts,” says Crow. “He was looking for the right fit. Within two weeks, he had a new role that actually valued his capabilities.”
Or consider the vendor who gained the missing insight needed to help law enforcement secure a warrant against a sophisticated threat actor—intelligence shared during a casual conversation that would likely never have occurred in a structured demo environment.
Perhaps most telling is their 35% return rate—noteworthy in an industry where conference fatigue has reached epidemic proportions.
“We’re creating something that transcends networking,” Crow says. “We’re building a community of practice—people committed to solving security challenges together rather than just talking about them.”
Photo Courtesy: Pat Sauer
The Revolution Will Not Be Livestreamed
As Black Hat and DEFCON vendors frantically prepare for the 2025 conference season, the Lone Star Cyber Shootout’s Las Vegas debut on August 8th, 2025, represents a counterpoint to the conventional wisdom about how security professionals should connect.
“Texas is becoming the epicenter of a cyber revolution,” Conlon says with confidence. “The talent migration is real. The capital is flowing. The innovation is happening here. We’re planning a major event in Austin next year around SXSW because the industry needs to acknowledge this shift.”
Their vision extends beyond geographical considerations, however. It’s about fundamentally reimagining how security professionals build the relationships necessary to defend increasingly complex environments.
“The threats we face don’t respect organizational boundaries,” Crow notes. “So why do we keep acting like security is something that can be solved in silos?”
As the afternoon shooting session concludes, I observe something remarkable. Participants who arrived as strangers are now exchanging contact information with genuine enthusiasm. There’s none of the obligatory card exchange that characterizes typical networking—just authentic connections between professionals who’ve discovered shared challenges.
“This was never about shooting guns,” Conlon admits as we pack up. “It was about creating an environment where people could drop their guard and focus on what actually matters—building the trust networks we need to address security challenges that grow more complex every day.”
In an industry built on zero-trust architectures, the Lone Star Cyber Shootout has paradoxically demonstrated that trust, genuine, human trust, might be among the most valuable security assets. And sometimes, that trust emerges most clearly when you’re standing shoulder-to-shoulder at a shooting range, far from the noise of convention centers and sales pitches, focused on a target that suddenly seems a lot simpler to hit.
Join us on August 8, 2025, at the Lone Star Cyber Shootout.
