The clock is ticking. Only 34 days until the entire world of cybersecurity professionals and vendors will descend on Moscone Center in San Francisco for the 2019 RSA Conference. It is one of the premier cybersecurity events around the globe—giving IT customers a chance to interact with customers and giving IT and cybersecurity professionals the opportunity to engage with industry leaders and highly respected peers to hear the latest in cybersecurity trends and innovation. There’s a lot to look forward to for RSA 2019.
This will be my…multiply by 3, carry the 1…divide by pi…10th or maybe 11th RSA Conference. The trek to San Francisco is something I look forward to every year because it gives me a chance to make connections with peers and hear from cybersecurity leaders and highly relevant vendors.
There’s a lot packed into just a few days at RSA Conference 2019. Between the keynote presentations, extensive catalog of sessions, vendors in the Expo Halls, and side events like BSides San Francisco, the ICS Village Sandbox, DevOps Connect, and more, it can be a bit overwhelming. You need to plan ahead and manage your time to make sure you get the most out of it.
RSA 2019 Keynotes
The lineup of keynote presentations this year is impressive. Things kick off Tuesday morning with Rohit Ghai, President of RSA and Niloofar Razi How, a cybersecurity strategist and entrepreneur presenting The Trust Landscape.
You can review the complete list of keynotes yourself, but here are a few that I highly recommend you pencil into your RSA calendar along with the abstracts from the RSA 2019 website:
- Lightning in a Bottle, or Burning Down the House?: Fire. In the wild, it’s a force for destruction. Controlled, it powers civilization’s forward evolution. But containing phenomena—natural or manmade—is a devilish challenge. Today’s regulatory hotspots include AI and quantum computing, because innovations that strengthen defenses can also fuel targeted threats. The weaponization of AI to amplify cyberattack impacts is enough to give anyone pause, so discussion of export controls on these and other technologies is a worthy conversation. What is the path forward to advance and protect human progress? How do we nurture sparks of innovation without burning bridges to the future?
- Hacking Exposed: Live—Bypassing NextGen: In typical Hacking Exposed style, this session will deliver the latest and greatest hacks in live demonstrations that will illuminate the tools and techniques of the attacker. Attacks will include file-based, memory-based, fileless, living on the land, script-based, application-based and many others. And every single hack we demonstrate will bypass existing NextGen solutions available today.
- The Role of Security Technologists in Public Policy: Computer security is now a public policy issue. But while an understanding of the technology involved is fundamental to crafting good policy, there is little involvement of technologists in policy discussions. We need public-interest technologists: people from our fields helping craft policy. This is increasingly critical to both public safety and overall social organization. The defining policy question of the Internet age is this: How much of our lives should be governed by technology, and under what terms? We need to be involved in that discussion.
- Lessons Learned from 30+ Years of Security Awareness Efforts: While the importance of securing the user has become obvious, efforts to improve user awareness have not generally improved as programs rely upon available tools, and not experience. Ira Winkler has three decades of experience in improving security behaviors, and details what consistently works and what does not. This session will dispel many commonly held beliefs about security awareness.
RSA 2019 Session Tracks
The catalog of sessions and events is far too extensive to cover in any detail in a blog post. The sessions are organized into tracks based on the subject matter, though, and there are a couple tracks that I think look intriguing.
The Blockchain and Applied Crypto Track promises to help separate the reality of cryptography and blockchain technologies from the buzzword hype, and help attendees understand how to apply blockchain concepts to protect data in the real world. The Emerging Threats Track will focus on ransomware and cryptojacking—and how ransomware still dominates because there is more revenue potential.
The track that looks most interesting to me, though, is the Hackers and Threats Track, which is new this year. The track is designed for a more technical audience and focuses on hot topics like IoT (internet-of-things), AI (artificial intelligence) and ML (machine learning). The session centers around DevSecOps and will focus on more live demonstrations and code dissecting exercises.
Don’t Forget to Have Fun
There will be more information and education presented during RSA than any one person could ever hope to consume in one week. Don’t even try. Study the agenda and figure out what’s important to you and plan ahead to make sure you get what you expect out the event.
Alert Logic will be there as well. Make sure you save some time between keynotes and sessions to walk the Expo Hall floors and visit with vendors. Stop by Booth #1627 in the South Hall to meet the Alert Logic team and learn more about SIEMless threat management.
Of course, there are also plenty of vendor parties to attend every night. So, don’t forget to schedule those into your week as well. A word of caution, though. Pace yourself. You don’t want to attend that keynote or session the next morning with a hangover.