RSA Conference San Francisco 2019 | A Friendlier Place?

RSA 2019 - A Friendlier Place (Thom Langford).jpeg

By Thom Langford

If the streets of San Francisco are becoming more cluttered as the homeless problem gets worse year after year, the conference itself seemed to take a clear shift towards a more friendly and inclusive event.

The redesign of the conference wasn’t just limited to the Moscone Centre itself. To be sure, the revised layout meant even more vendors could be squeezed in (where do they all come from?!) and we found ourselves utterly lost on the expo floor, as it was no longer clear if we were in the North or South hall or what direction we had to walk in for the West hall when we finally emerged, blinking in the weak Californian sun.

The redesign, if it can be called that, came across to me in two distinct ways, both of which are areas that are close to me. Sure, the talks were good, the keynotes were interesting (if occasionally sponsored), and the overall organisation was excellent. But the two areas I thought that stood out were diversity and wellness.

Of course, the more cynical of us will say that it was just a move that RSA Conference made to keep the haters quiet and the ticket sales up, but it really did feel like a corner had been turned here. That is not to say they did it first, as there are thousands of events around the world that are supporting diversity and wellness, but to see it done at this scale is what made it stand out.

RSAC is undeniably a commercial conference, and many parts of the infused echo chamber deride it for being so, but it is also a litmus test of how the industry as a whole is performing.

Therefore, seeing the demise of the all male panel (or “manel” as I heard it described) and seeing, instead, broadly balance panels as well as a larger number of talks fronted by women is the direction that the community has been pushing for years. It takes effort to redress a balance like this, but when it reflects a high-profile event like this the benefits are greatly increased. As a direct result of this, my unscientific method of just using my eyes showed me that there was a a greater number of women attending. (I think I even saw a queue for the ladies toilets at one point as well — now if that isn’t scientific proof, I don’t know what is!) This greater balance is better for all of us in this industry, however you look at it.

As for wellness, I counted at least three sessions on the impact of mental health, including one keynote.

Screen Shot 2019-03-24 at 6.14.58 PM.png

I was informed just today that a straw poll found that 14% of CISOs found the stress of the job “unbearable and unsustainable”, and the associated decline in mental health a very real cause for concern. Our toxic mixture of being measured on failure and the requirements for us to “keep secrets” 24x7 means that none of this is reported or addressed, and people are suffering. Seeing this addressed by senior and well-known people in the field in an open forum can only mean good things and result in better health overall.

Let’s be clear: diversity and wellness are still in the early stages of being addressed, but being addressed they are. And if more shows and conferences like RSAC can continue to push the agenda, then the information security industry will become a friendlier place.

Let’s not forget (Will) Wheaton’s Law that applies to all of us here, and a mantra to live your personal as well as your professional life by: “Don’t be a dick.”

More from Thom for RSA Conference 2019

RSA Conference Recaps With ITSPmagazine

About Thom Langford


Thom is the founder of (TL)2 Security, a strategic Information security Consultancy that focuses on Virtual CISO, strategic business alignment and public speaking/advocacy for hire.

As Chief Information Security Officer of Publicis Groupe, Thom was responsible for all aspects of information security risk and compliance as well as managing the Groupe Information Security Programme. Additionally the role was responsible for business continuity capabilities across the Groupe’s global operations.

Having successfully built security and IT programmes from the ground up Thom brings an often opinionated and forward thinking view of security risk, both in assessments and management, but is able to do so with humour and pragmatism (mostly).

Find Thom on Twitter and LinkedIn