RSA Conference USA is one of the most anticipated digital security events of the year. Last year, its 31 keynote presentations, more than 621 speaker sessions and 700 presenting companies on the exposition floor attracted over 42,000 attendees. Given such popularity, how could the State of Security not include this event in its list of the top information security conferences for 2020?
This year’s iteration of RSA Conference USA promises to be exciting (and potentially meditative, should you so choose). To help attendees get the most out of the event, we at the State of Security have assembled some of the most exciting talks listed on the schedule. Here are 10 in particular that are worth mentioning.
Reality Check: The Story of Cybersecurity
Speaker: Rohit Ghai | President of RSA
Location: Moscone West
Date and Time: February 25, 2020 8:10AM - 8:30AM
It’s our stories that make us human. All of us love a memorable narrative, and we often exaggerate characters and fudge reality to fit the narrative. In the mind of RSA President Rohit Ghai, the cybersecurity industry has an incomplete and overly simplified view of the characters in our story: the human element. That’s why Ghai will use his time in this speaker session to review the facts and set the story straight. After all, we are only as great as the story we leave behind.
Fear and Loathing in Cybersecurity: An Analysis of the Psychology of Fear
Speaker: Dr. Jessica Barker | Co-Founder and Co-Chief Executive Officer of Cygenta
Location: Moscone South
Date and Time: February 25, 2020 11:00AM - 11:50AM
For too long, the cybersecurity industry has attempted to use FUD to engage with the human element. In this engaging talk, Cygenta co-CEO Dr. Jessica Barker will draw on extensive research in the sociology and psychology of fear as well as real-world case studies to explain why we can’t simply scare people into security. She’ll then discuss how we can harness human bias to have a more positive impact on cybersecurity awareness, behavior and culture.
Managing Risk Amidst Environmental Sprawl and Growing Responsibilities
Speakers:
Tim Erlin | VP, Product Management & Strategy at Tripwire
David Meltzer | Chief Technology Officer at Tripwire
Location: Moscone North Expo
Date and Time: February 25, 2020 2:20PM - 2:50PM
Security teams are faced with protecting infrastructures that are more complex than ever. Digital transformation, hybrid environments and the blending of IT and OT have created a sprawling attack surface that’s leaving organizations exposed. In this session, Tim and David break down the key components of today's evolving attack surface and the critical controls necessary to secure modern assets.
Artificially Intelligent CISOs on the Blockchain: How Technical Should a CISO Be?
Speakers:
Thom Langford | Director of (TL)2 Security Ltd
Javvad Malik | Security Awareness Advocate at KnowBe4
Location: Moscone West
Date and Time: February 25, 2020 2:20PM - 3:10PM
A discussion around what skills today’s CISO needs in a quest to answer the question: does an effective CISO need to be technical or not? In a discussion led by Javvad Malik and Thom Langford, who hold opposing views on the topic, the audience will be asked to take sides, air their grievances, and arrive at a consensus at the end, or at least agree to disagree. (Note: This session will participate in polling. To participate, please be sure to download the RSA Conference app prior to the session.)
Safety Implications of Medical Device Cybersecurity
Speakers:
Suzanne Schwartz | Director of the Office of Strategic Partnerships and Technology Innovation at the Food and Drug Administration
Margie Zuk | Senior Principal Cybersecurity Engineer at MITRE
Location: Moscone West
Date and Time: February 26, 2020 8:00AM - 8:50AM
It is critical to come to ground truth when high-consequence vulnerabilities are discovered in medical devices. Suzanne Schwartz and Margie Zuk will discuss how the FDA is exploring the development and viability of a Cyber Med Safety Analysis Board to integrate critical patient safety and clinical environment dimensions into the assessment and validation of high-risk/high-impact device vulnerabilities and incidents. Attendees should be familiar with medical devices and their use within the clinical environment as well as with the medical device regulatory environment.
I Had My Mom Break into a Prison. Then, We Had Pie.
Speaker: John Strand | Owner of Black Hills Information Security
Location: Moscone West
Date and Time: February 26, 2020 1:30PM - 2:20PM
In this presentation, John Strand will walk through how his late mother successfully broke into a prison. It will highlight how sometimes the greatest hackers don’t know much about computers. The session will also cover a number of other successful social engineering techniques attackers can use to gain access to some of the most secure places on the planet.
Hacking Society
Speaker: Bruce Schneier | Security Technologist, Researcher and Lecturer at Harvard Kennedy School
Location: Moscone South
Date and Time: February 27, 2020 9:20AM - 10:10AM
A computer security mindset is essential to understanding the security of complex technological systems. As we move into a world where all social, economic and political systems are to some extent technological, security technologist Bruce Schneier feels that we need to extend this way of thinking. Attendees to this session will learn how to hack, and then defend, society’s core systems: elections, the market economy, lawmaking, tax policy, journalism and more.
Hacking Stress in Cybersecurity Operations
Speaker: Dr. Celeste Paul | Researcher at the National Security Agency
Location: Moscone South
Date and Time: February 27, 2020 2:50PM - 3:40PM
Anyone in this business knows that the excitement of working in information security also comes with an emotional and physical cost. We are just now learning how to talk about mental health in the information security community. In her speaker session, NSA Researcher Dr. Celeste Paul will use a “Hierarchy of Hacker Needs” to help frame the discussion around stress in the information security environment that leads to job dissatisfaction and burnout.
Red Teaming for Blue Teamers: A Practical Approach Using Open Source Tools
Speaker: Travis Smith | Principal Security Researcher at Tripwire
Location: Moscone South
Date and Time: February 27, 2020 2:50PM - 3:40PM
When it comes to testing the security posture of an enterprise, those who don’t have dedicated red teams or external penetration testers are often left behind. In this session, Tripwire Principal Security Researcher Travis Smith will demonstrate how to use free resources that make testing security tools approachable to anyone. After abusing the target machine, attendees will look at the telemetry gathered by open-source tools to detect adversarial behaviors.
The Hugh Thompson Show, featuring Penn & Teller and Dr. Lorrie Cranor
Speakers:
Dr. Lorrie Cranor | Director and Bosch Distinguished Professor of the CyLab Security and Privacy Institute and FORE Systems Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University
Penn and Teller | Magicians
Dr. Hugh Thompson | Program Committee Chair at RSA Conference
Location: Moscone West
Date and Time: February 28, 2020 12:30PM - 1:30PM
Humans. We’re each different, but we have a lot in common, too. We can be predictable, gullible, and deceived. Why? Mystery and magic intersect with human behavior analysis on the Hugh Thompson Show, with entertainment and audience participation in unique tricks from the ever-popular duo Penn & Teller and insight into human behavior and security fallibility from renowned expert Dr. Lorrie Cranor.
What sessions are you most looking forward to at RSA Conference 2020? Please let us know by hitting up Tripwire’s Twitter account.