Security Staffing, Skills Training, DevSecOps, And Hanging With The ISSA Crew And Other Friends


ITSPmagazine coverage, podcasts, webcasts, articles, and all our happenings during RSA Conference 2019 will be made possible by the generosity of our sponsors. We are ever so grateful for your support.

Have a story to share and want to join us for the journey? We invite you to discover the benefit of the full coverage sponsorship and let us know if you are interested in joining us for our adventures. We look forward to another exciting conference.

By Candy Alexander

Like so many others, I am preparing for my annual pilgrimage to the mecca of security conferences, RSA Conference! If you have never been to this conference and are going for the first time, I’d advise you to prepare like you’re going to a themed amusement park that has the word “world” in it. Planning needs to be your strategy for making the most out of your experience.

As a seasoned professional, my RSA Conference experience may be more unconventional than most. To be completely honest, I go for the people, parties and sharing of knowledge — however that happens — and it happens in many ways, from meeting people, chatting it up at the parties or other events, and attending the sessions.

Not sure if I should admit this, but after attending RSA Conference for the past 15 or so years, I can honestly say that I have not attended a whole lot of program sessions. There are so many events and activities going on around the city that it makes my MUNI pass worth it.

This year my plan of attack is along the lines of searching out the parties and registering for those that are of interest, and then scouring the agenda of sessions to go after the areas in which I feel a need to learn. Some of sessions I’ve got on my short list are anything to do with DevOps – starting with the DevSecOps Day on Monday. There seems to be a ton of great stuff in there! And, of course, I’ll be sorting my way through the DevOps track.

Candy’s Session @ RSAC
Hearing Voices: The Cybersecurity Pro’s View of the Profession
Wednesday, Mar 06
08:00 A.M. - 08:50 A.M.

Given my lifelong passion with the ISSA and as the current International President for the association, I will be checking out many of the sessions regarding the security skills gap and staffing shortage. And, of course, I need to make a push for the session I will be co-presenting with Jon Oltsik from ESG on the sneak peak of results from our recent research survey on the profession. Understanding that (ISC)² will be presenting at the same time as we are, our session will include some of their results and compare how our findings matched up or didn’t. Very suspenseful!

My RSAC adventure will begin with the ISSA Executive Forum and International Board meeting prior to the actual RSAC week. Then I head off to the Moscone Center to check out the ISSA booth and our new layout. Be sure to stop by and hang out with us. You’ll be glad you did! It will be one of the few places you can just sit, chat and not have to listen to a “barker” trying to sell you something.

I will also be participating in some private executive panel sessions which are always interesting. Let’s face it – the RSA Conference is the place to go and learn about the security industry, the cybersecurity profession, and to reunite with friends and acquaintances — some of which have become my cybersecurity family.

So my advice to you — plan your week, have some fun, drink lots of fluids, wear good walking shoes, make new friends, and absorb as much as you can. It’s like a holiday – it only comes once a year!

Looking for more itineraries on the road to RSA Conference 2019?

You're in luck! We have many more to share with you. Go on, check them out!

Have one to share? Let us know!

Podcast Time!

Sean Martin connected with Candy and Jon for a preview of their 3rd annual global survey on the life and times of cybersecurity professionals.

Have a listen!

About Candy Alexander


Candy has 30 years of information security experience working for various high-tech companies. She has held several positions as CISO (Chief Information Security Officer) for which she developed and managed corporate security programs. She is now working as a Virtual CISO and Executive Cyber Security Consultant assisting companies large and small to improve their security programs through effective security initiatives.

Candy is very active within the profession, where her contributions include Information Systems Security Association (ISSA) International President, chief architect for the Cyber Security Career Lifecycle and a long-standing Director on the International Board. She is also the inaugural President and past Board Member of the ISSA Education and Research Foundation. She remains a loyal member at the local level with the New England Chapter and the ISSA New Hampshire Chapter.

More About Candy

Find Candy on LinkedIn
Find Candy on Twitter