Chats On The Road To RSA Conference 2018 | San Francisco


As part of ITSPmagazine's RSA Conference 2019 coverage, our team will be hitting the road, so to speak, to connect with a number of the conference organizers, speakers, presenters and panelists prior to March 4th.

During these conversations, we'll get a sneak peek into what they plan to share at the conference as well as a glimpse into their backgrounds and some additional insight on the topics they'll discuss.

We'll use this chronicle to capture the conversations we have so you can find them all in one place. Bookmark this page and stay tuned for more conversations as we stop at various places along our journey to RSAC.


Ireland: The Tech Company and Talent Bridge To and From Europe

In this episode, ITSPmagazine's Sean Martin has a full house with four guests on the show.

Join Sara Hill, SVP Advanced Technologies from Enterprise Ireland, Alan Mc Glinchey, VP Technology from IDA Ireland, Eoin Keary, CEO of edgescan, and Nollaig Heffernan, Director of Product Delivery for Waratek as they look at the increasingly-challenging threat landscape and the growing information security market.

As the RSA Conference 2018 in San Francisco provides an environment that invites and attracts welcomes individuals and companies from all over the world, Sean explores what it’s like bringing Irish-based companies abroad to do business in the US. Flipping the coin to the other side, they also talk about the value of extending a non-EU company's reach into the EU via Ireland; one of the leading value propositions presented being the wealth of diverse talent available based in what will be the only English-speaking country in the EU after the UK exits the Union.

With Ireland playing a pivotal role in the EU's presence in the tech industry, Sean also asked the group to share their thoughts on the pending General Data Protection Regulation (GDPR); what it means to be compliant, and the need for organizations to take data protection seriously - starting now.

Here's a list of the Irish companies represented by Enterprise Ireland that are participating in this year's RSA Conference:

Corvil (Exhibiting | Booth #2526 South Expo)
Daon (Exhibiting | Booth #4611 North Expo)
edgescan (Exhibiting | Booth #2437 South Expo)
Netfort Technologies
Waratek (Exhibiting | Booth #4341 North Expo)

Some of the international cybersecurity companies with operations in Ireland:

Alien Vault, Cylance, eSentire, FireEye, IDT911, Ivanti, Kaspersky Labs, Malwarebytes, McAfee, Quest, SonicWALL, Symantec, Tenable Networks, Total Defence, TrendMicro, Vectra Networks, Webroot, Rapid7, Keeper Security

Some companies with security functions include:

HPE, Zurich, Mastercard Labs, PayPal, Microsoft, IBM, VMWare, Ericsson, SAP, Accenture, Qualcomm, Tyco

If you'd like to meet the group and attend the Enterprise Ireland/IDA Ireland event, you can view those details here:

If you'd like to connect with Enterprise Ireland or the IDA Ireland, you can find Sara's and Alan's LinkedIn profiles here:

Sara Hill, Enterprise Ireland
Alan Mc Glinchey, IDA Ireland

The invasion of the connected devices. It happened. No place to hide. Nowhere to run.

With this “Chats On The Road to RSA Conference 2018,” we cover the last, but surely not the least, of the RSA Conference Village Sandboxes: the one dedicated to the Internet of Things, aka IoT.

As I am writing this, I am surrounded by WiFi waves that emanate from at least forty routers. I cannot count the people seated and walking around me with their connected cellphones, nor the connected cars driving by, and who knows how many devices connected to the buildings surrounding me: home alarm systems, cameras, toothbrushes, lights, tablets, coffee machines, fitness wearables, medical devices... My head is already spinning! Then I think for a second about how many potential vulnerabilities there are and how many default passwords are being used in these connected devices, and my head starts spinning again, faster and faster until I feel nauseated.

Our world is filled with connected devices, and we are at a point where, collectively as a society, we do not even think about it. We went from zero to millions of IoT devices in relatively no time at all. It seems like yesterday that the Walkman was the coolest thing around. Now there are devices that help us communicate with each other, devices that make it easier for us as humans to interact with other's devices, and devices that even communicate amongst themselves on our behalf to take care of tasks that are just too mundane to deal with. Or maybe we have just become too lazy or "too cool for school" to do these tasks ourselves.

The scale of these devices is growing tremendously and the question is: how does security for these devices (and the networks and clouds they communicate across and through) stack up? Excellent question! That’s where the IoT Village comes in.

Driven by the need to address the scalability of security challenges we face in this connected world we live in, the IoT Village was born. This village is designed to give people with varying levels of skill sets an opportunity to connect these devices to networks to see how they work — and how they can be exploited.

The research, presentations, and labs in the IoT Village will help answer some of your questions. Or, more likely, they will create more questions, which is a good thing if we are to make things better. We have heard this numerous times from many white hat hackers during our conversations at the intersection of IT security and society.

Perhaps a better way to put this, and the goals for the other Villages, is that they exist to give us a safe place to play — a sandbox, if you will — and break things, so we can reduce the need for the user to ask these questions so often and with such vigor.

There are many sessions designed to educate end users/consumers about these devices, business leaders who leverage these devices to run their company's operations, and the manufacturers of these devices so they can raise the InfoSec bar across the board.

We strongly believe that this bar needs to be raised and we hope that many of you will come by and help us to do this. 

Start with this podcast, where ITSPmagazine’s co-founders Sean Martin and Marco Ciappelli talk to Lisa Green and Sam Levin about the IoT Village, its roots and history, and what people can expect to see, hear, touch, and break.

Learn more about the IoT Village.

Beep beep! Get out of my way! I’m not even driving! What’s the RSAC Car Hacking Village all about?

So I guess there aren’t going to be real cars in the RSA Conference sandbox. As you can imagine, we are really upset about it. We wanted to break things apart and get grease on our hands! But that’s ok, you can still hack the heck out of cars.

In this episode of Chats On The Road to RSA Conference, ITSPmagazine's Sean Martin and Marco Ciappelli are joined by Robert Leale, co-founder of the Car Hacking Village, which is new this year. Wired and wireless exploitation of vehicle systems has become a critical safety concern for the automotive industry and consumers alike. Through hands-on experience with industry experts, the Car Hacking Village Sandbox aims to educate security professionals on the functionality of vehicle systems and the vulnerabilities that could significantly impact the safety and security of today’s drivers and passengers.

How far are we from safe and trusted autonomous cars picking us up and driving us around? Is the future far away, or is it already here? At this RSA Conference Sandbox, you will find a virtual vehicle that you can play with and try to hack, as well as six different workshops where people can learn about these systems. The goal is to find the flaws and limitations, while understanding how these systems work, in order to make them better and safer for the end users.

Keep in mind that all these Sandbox events are not just for experts – they’re for everyone who is curious to learn and explore. The ITSPmagazine team is looking forward to spending time at this Sandbox and keeping the conversation going. So come by and get your hands dirty! Virtually speaking, of course, but still as fun.

But first listen to this interesting conversation at the intersection of IT security and society to get an overview of what to expect.

Beep, beep!

The SANS Core NetWars Experience: Everyone is welcome.

In today’s podcast, ITSPmagazine's Sean Martin and Marco Ciappelli are joined by Ed Skoudis, SANS Institute instructor, and Jeff McJunkin, Challenge Architect at Counter Hack, to talk about what you can expect at SANS NetWars Experience at this year’s RSA Conference Sandbox.

SANS Core NetWars Experience is designed to gamify information security learning through its competitive, yet collaborative, hands-on information security challenges created to enhance the skills of InfoSec professionals.

Life is full of interesting questions. Ask them, and then find the answers.
— Ed Skoudis

The SANS NetWars doors are open to everyone who wishes to accept the challenge and is ready to learn the basics by watching and engaging with others throughout the experience. Diverse levels of skills, experiences, background, and all walks of life are welcome. Come as you are!

Participants can choose to play solo or in teams of up to five players as they navigate and progress through five levels of challenges covering all aspects of information security, each with increasing difficulty.

The ITSPmagazine team is looking forward to spending time with the SANS NetWars team as well as the participants. Let's keep this conversation going! You will likely find us there, microphones in hand, so if you have something to say, let us know when you see us.

We hope to see you there!

Note: For those interested in the panel that Ed refers to in this podcast, you can find the session here: The Five Most Dangerous New Attack Techniques, and What's Coming Next

What is an ICS "Sled" and how does it impact the way you live?

In today's episode, ICS Village founding members Bryson Bort and Tom VanNorman join ITSPmagazine co-founders Marco Ciappelli and Sean Martin to take a look at some of the key components being presented at the ICS Village as part of the RSA Conference Village Sandboxes. Bryson and Tom share with us what people can expect to see, hear, and experience in their village, including an overview of what's involved with their traveling ICS sled and how it impacts your life.

Let's Chat About Social Engineering Penetration Testing - With Rachel Tobac and Joe Gray

In today’s episode, ITSPmagazine's Sean Martin is joined by Rachel Tobac and Joe Gray to talk about social engineering. The trio look at what's involved in a social engineering campaign, how it works, and how Rachel and Joe got involved in what is essentially a human-centric method of vulnerability assessment and penetration testing.

And as a bonus, since this is part of our Chats on the Road to RSA Conference 2018 podcast series, you'll also get a preview of what Rachel and Joe will be co-presenting during their session at RSA Conference 2018.

Looking for More To Do?