By Rick McElroy
I am super excited about RSA Conference 2019 for a number of reasons.
One is for the cheap, shameless plug that Gary Hayslip and I had a talk accepted!!!! We have been at this a long time and it's been a goal for a while to get a talk accepted at RSAC. Join us Friday for “Why the Role of the CISO Sucks and What We Should Do About It.”
Interested in learning more? Listen to our podcast with Marco Ciappelli and Sean Martin to get a sneak peak at what we will be talking about.
But that’s not the only reason to be excited. Every year I get to see a ton of my friends. We are all in the same four-block radius at most times and, trust me, the only other time that happens is ... Black Hat and DEFCON. It’s not only a great way to get excited for the hard year ahead but also a great chance to actually have some time with people you care about that help make a difference for each other. There are so many opportunities to meet people.
Is there someone you heard speak and wanted to say hi to? Awesome — hit them up. Don’t be afraid to introduce yourself. In my experience, there are only a handful of people who won’t give time back to someone in the community. Take on a cool goal like meeting just five new people; or, perhaps, use it as an opportunity to meet people in a similar role in a similar company. They are probably dealing with the same issues. Get your teams together with theirs. Use events like these to not only learn, but also to build a network.
As always, I look to conferences to help me learn and hone my skills. I love going and listening to the latest research and talks. I always hope to see some talks that are “different.” What do I mean by different? New topics are a great place to start. Unique spin on an old topic. Excellent speaker I can learn from. Talks that separate themselves from the noise. Someone or a team with interesting things to say always piques my interest.
Here is a list of a few of the session that caught my eye that I will be attending.
Tuesday, March 5, 11:00 – 11:50 AM | South Stage
Speaker: Paula Januszkiewicz
Paula is the Founder and Chief Executive Officer of CQURE Inc. and CQURE Academy. She is Enterprise Security MVP, honorable Microsoft Regional Director for CEE and a world-class cybersecurity expert, consulting customers around the world. She is a top speaker at conferences including Microsoft Ignite, RSA Conference, Black Hat 2018 USA and Gartner Security Summit. Her presentations gather thousands of people.
Januszkiewicz has 15 years of experience in cybersecurity, performing penetration tests, architecture consulting, trainings and seminars. She has performed hundreds of security projects, including those for governmental organizations and big enterprises. She also creates security awareness programs for various organizations and top management. What is more, she has access to a source code of Windows!
Tuesday, March 5, 3:40 – 4:30 PM | South Stage
Speaker: Ira Winkler
Ira Winkler, CISSP, is President of Secure Mentem and Author of Advanced Persistent Security. He is considered one of the world’s most influential security professionals and named a modern-day James Bond by the media, and was named “The Awareness Crusader” by CSO Magazine in receiving their CSO COMPASS Award. He has designed and implemented and supported security awareness programs at organizations of all sizes, in all industries, around the world. He performs espionage simulations, where he physically and technically breaks in the largest companies in the world, investigating and offering cost-effective prevention.
Speaker: Ann Johnson
As Corporate Vice President of the Cybersecurity Solutions Group at Microsoft, Ann Johnson oversees the go-to-market strategies of cybersecurity solutions for one of the largest tech companies on our planet. As part of this charter, she leads and drives the evolution and implementation of Microsoft’s short- and long-term security solutions roadmap with alignment across the marketing, engineering and product teams. Prior to joining Microsoft, her executive leadership roles included Chief Executive Officer of Boundless Spatial, President and Chief Operating Officer of vulnerability management pioneer Qualys, Inc., and Vice President of World Wide Identity and Fraud Sales at RSA Security, a subsidiary of EMC Corporation.
Thursday, March 7, 4:00 – 4:25 PM | West Stage
Speaker: Pat Gelsinger
Pat Gelsinger has been serving as Chief Executive Officer of VMware since September 2012, nearly doubling the size of the company during his tenure. He brings more than 35 years of technology and leadership experience.
Before joining VMware, Gelsinger led EMC’s Information Infrastructure Products business as President and Chief Operating Officer. A respected IT industry veteran, he was at Intel for 30 years becoming the company’s first Chief Technology Officer and driving the creation of key industry technologies including USB and WiFi. He led Intel to be the dominant supplier of the microprocessor—while in the significant role as the architect of the original 80486 processor.
Speaker: Shannon Lietz
Shannon Lietz is an award-winning innovator with decades of experience pursuing advanced security defenses and next-generation security solutions. Lietz is currently the DevSecOps Leader for Intuit where she is responsible for setting and driving the company’s DevSecOps and cloud security strategy, roadmap and implementation in support of corporate innovation. She operates a 24x7 DevSecOps team that specializes in adversary management. Prior to joining Intuit, Lietz worked for ServiceNow where she was responsible for the cloud security engineering efforts and Sony where she drove the implementation of a new secure data center. Lietz has experience leading crisis management large-scale security breaches and restoration of services for several Fortune 500 companies.
Here’s a couple Learning Labs the grabbed my eye.
The 2016 and 2018 elections showed that digital threats to democracy are multiplying. Take a crash course on how officials across the US are securing elections by joining a simulation of 2020 under attack. Tables work together to defeat cyber and info ops. This interactive lab will end with an after-action review and tangible steps participants can take to make elections more secure.
Jordan D’Amato, Executive Director, Defending Digital Democracy Project (D3P), Belfer Center, Harvard
Mari Dugas, Project Coordinator, Cyber Security Project and D3P
How do you know if your public-cloud environments are really safe? Based upon the latest research from the RedLock Cloud Security Intelligence Team this session will present tactics and tools for threat hunting across multiple public cloud environments. Get your hands dirty capturing the flag and learn the most effective countermeasures.
Gaurav Kumar, CTO, RedLock
Matthew Chiodi, Chief Security Officer, Public Cloud, Palo Alto Networks
Mental health is a key element in the human factor, and directly impacts the way in which cybersecurity professionals function in their daily work. This session will cover the psychosocial stressors unique to cybersecurity, discuss burnout and identify management mechanisms. Attendees will learn how to build the foundations for mental resilience, for use in their workplace.
Facilitator: Ryan Louie, Psychiatrist, Foundation Physicians Medical Group, Inc.
About Rick McElroy
Rick McElroy, Head of Security Strategy for Carbon Black has 20 years of security experience educating and advising organizations on reducing their risk posture and tackling tough security challenges. He has held security positions with the U.S. Department of Defense, and in several industries including retail, insurance, entertainment, cloud computing, and higher education. McElroy’s experience ranges from performing penetration testing to building and leading security programs. He holds is currently a certified CISSP, CSIM, and CRISC. As a United States Marine, McElroy’s work included physical security and counterterrorism services. His current role takes him all over the world working with organizations to improve their security strategies and speaking on security and privacy.