My, How Things Have Changed: What I’ll Look for at RSA Conference 2016

I’ve been attending the RSA conference—in both the US and in Europe—for nearly two decades. I’ve covered the event from a journalist/analyst perspective since 2010. The time I’ve spent writing about the conference represents only a small piece of the puzzle compared to the 25 years the conference has been held.

As I plan my time and look forward to what's in store this coming week, I feel it’s time to also take a look back on the past to see how things have either changed—or stayed the same.

Most recently, I wrote last year about Threat Intelligence. This appears to be a hot topic again this year, and I will do a bit of investigation to determine how companies are using the intelligence that’s shared with them to detect weaknesses, threats, anomalies, attacks and breaches. I will also look at the latest Verizon DBIR/DBD scheduled to be released this week as well as other security reports that come out during (or around the time of) the event.

In 2011, I wrote about the topics of trust and failure (not dissimilar from Yoran’s message to the audience in 2015). Given that I touched on MSSP failure during this same time, I will likely look to see what role managed services play in today’s threat detection landscape.

Some sessions I expect to attend:

  • My Life as Chief Security Officer at Google
  • Lessons Learned from Real-World CISOs
  • Are You Thinking about IT Outsourcing? Top Reasons, Risks and Reward
  • How Anomaly Detection via the Cloud Can Close Your Security Gap

In 2012, cloud and mobile hit the sessions in full force. This year, the same topics surface again in cloud (the title stays the same) and IoT (the scope increases dramatically). As a point of reference, according to Dr. Hugh Thompson, Chief Technology Officer and Senior Vice President at Blue Coat and program committee chairman for the RSA Conference, “The IoT was the number-one submitted topic for this year’s conference.”

We’ll see how this plays out in sessions, in the expo halls and in conversations.

Third-party risk is another area of interest for me. As I look at this space, I am sure I will gain some additional risk insight from a contractor perspective (aka external insiders) in addition to that brought through traditional third-party vendor relationships. Given the close connection between risk transference and third-party risk (as part of formal business agreements), I will likely loop cyber-insurance in as part of this research.

Some sessions I expect to cover:

  • Bringing Cybersecurity to the Boardroom
  • Methods of Managing Third-Party Risk
  • Got Coverage? Cyber-Insurance Realities Revealed

Finally, I often try to find terms that get overused or misused by security vendors. In 2011, I looked at the acronym APT. Last year, I dug into threat intelligence. I don’t yet have a view into what this year’s widely abused term or phrase will be. Time will tell.

Thanks for following our team online. If we’re lucky, we’ll get to see you in person at the conference.

Happy #RSACing!

Sean Martin, CISSP
Editor in Chief, IT Security Planet