On April 16–20, the security industry will once again convene in downtown San Francisco for the annual RSA conference (RSAC). For those of you who haven’t been, RSAC is the premier security conference and exhibition of the year, with more than 40,000 expected attendees and 500 vendors set to show off the latest technologies in the field.
The expo floor at the Moscone Center will be split into two halls, North and South. The North Hall has the largest and smallest booths, and you can download the exhibit floor plans to see where your favorite vendors will be setting up shop. There is also an educational component, although it can be a mixed bag of hype and helpful information since vendors have to pay to participate.
Introductory seminars and tutorials, which have been well-attended in the past, will take place on Monday, April 16. The conference will wrap up on Friday, April 20, with a stirring closing keynote by RSA Conference Program Chair Hugh Thompson and other industry experts about the exciting yet uncertain future of artificial intelligence (AI). Below is a peek at what attendees can expect during the main part of RSAC, which runs from Tuesday to Thursday, including masterful keynotes, gripping panel sessions and interactive experiences that touch on a wide range of today’s most relevant cybersecurity topics.
What to Expect at This Year’s RSA Conference
Emerging security startups will strut their stuff at the Marriott Early Stage Expo, which is located across the street from the Moscone Center and will be open late Tuesday and then all day Wednesday and Thursday. The selection criteria for this exhibit are rigorous, so you might want to spend some time perusing the RSAC website to determine which of the dozens of vendors are most worth crossing the street to check out.
Next door to the Early Stage Expo is the RSAC Sandbox, which features several engaging, hands-on sessions, starting with a beer tasting on Tuesday night. The Sandbox and Marriott lobby are great places to meet and network with fellow attendees who want to take a breather from the main conference without getting too far from the action.
It would also be well worth your time to check out some of the panels and keynotes featuring prominent women in cybersecurity and the technology space in general. Below are a few of the most interesting.
- “‘No You May Not Have a Pony’ — The Art of the Possible in Secure IAM Design“: This all-women panel, which features several security researchers that I routinely follow, will discuss how to build real-world identity and access management (IAM) solutions at 1 p.m. on Tuesday.
- “The Untold Story of 8200: A Launching Point for Women in Cybersecurity“: Unit 8200, an Israeli intelligence unit, has served as a launch pad for many women’s cybersecurity careers. You’ll hear from several of them at this session, which will also take place on Tuesday at 1 p.m.
- “The Price of Shame“: Social activist, writer and public speaker Monica Lewinsky will take a “hard look at our online culture of humiliation” in her keynote address at 4:25 p.m. on Wednesday.
- “Hidden Figures: The Untold Story of the Black Women Who Helped Win the Space Race“: Researcher, entrepreneur and bestselling author Margot Lee Shetterly will deliver a keynote speech at 4:55 p.m. on Thursday to discuss the brilliant black women who worked behind the scenes to contribute to some of NASA’s greatest successes.
More Noteworthy Sessions, Panels and Keynotes
Below are some other noteworthy sessions that you might want to put on your schedule during the main part of the conference, broken down by day.
Tuesday, April 17:
- “The Cryptographers’ Panel” (9:20 a.m.) — This session will feature cryptographer Whitfield Diffie and RSA co-founders Ron Rivest and Adi Shamir.
- “Hype or Myth: Smart Home Security” (11:30 a.m.) — ESET’s Tony Anscombe will talk about the various risks associated with the Internet of Things (IoT) and what you can do about them.
Wednesday, April 18:
- “Exploring the Real-World Application Security Top 10” (8 a.m.) — What if the bad guys had their own list of the top 10 threats? This session will be led by Shannon Lietz, an Intuit director.
- “Identity Theft Through OSINT” (9:15 a.m.) — Security professionals can gain a lot of insight by conducting open source data gathering, and cyber risk expert Zee Abdelnabi will walk you through the process during this session.
- “Practical Planning for the GDPR” (9:15 a.m.) — I have known Larry Dietz, the session moderator, for decades, and he can be quite entertaining — not to mention intelligent and insightful. There are several GDPR-related sessions at RSAC, but I’m looking forward to this one.
- “The Five Most Dangerous New Attack Techniques, and What’s Coming Next” (11:15 a.m.) — Part of the keynote track, this session features four experts from the SANS Institute.
Thursday, April 19:
- “Bug Bounty Buzzword Bingo — Deep Dive Under a Jumped Shark” (8 a.m.) — Katie Moussouris, founder and CEO of Luta Security, Inc., will talk about the trends and challenges associated with bug bounty programs.
- “Pragmatic Security Automation for Cloud” (9:15 a.m.) — Rich Mogull, CEO of DisruptOPS, will demonstrate the latest software-defined security techniques and show how to integrate automation tools into your cloud security.
- “Efficacy of Layered Application Security Through the Lens of a Hacker” (1 p.m.) — Two security architects from Visa will discuss the web threat model and using automated monitoring tools to beef up defenses.
- “Our Biggest Bet Yet” (4 p.m.) — IBM Security General Manager Marc van Zadelhoff will discuss how all companies and industries can work together to “get ahead of tomorrow’s threats today.” If you’re not at RSAC, you can watch this live or on-demand.
Something for Everyone at RSAC 2018
If you aren’t going to the show or don’t want to jump back and forth between several concurrent sessions, you can play back session recordings online via the RSA Conference onDemand program, which will be rolled out for the first time this year. If you do plan to make the trip to San Francisco, be sure reserve your spot at the sessions you hope to attend through the web portal as soon as possible — many of the more popular talks are already at capacity.
No matter where your interests lie, there is something for every cybersecurity enthusiast at this year’s RSA Conference. Don’t miss one of the best chances you’ll have all year to rub elbows with experts, meet like-minded security professionals and immerse yourself in the latest trends, technologies and talking points of cybersecurity.