Lance RSA 2019

Many of us recently completed the annual pilgrimage known as RSA Conference, and it wouldn’t be complete without sharing some key takeaways.  

After having attended this conference for six years now, my overall impression was that the event was seemingly calmer and less chaotic than years past.  There seemed to be more room on the vendor floor, perhaps due to the Moscone remodeling and moving some vendor booths between Moscone South and North.  But there also seemed shorter lines at the restaurants, bathrooms, and less overall chaos. 

As some have already noted, there was no single theme people were hammering on the vendor floor.  I felt there was a large number of excellent talkstutorialslearning labsand events - with the biggest challenge trying to figure out what to attend.

One of my favorite events is RSA’s Security Scholar program. Invited speakers are asked to have dinner and interact with cybersecurity college students from around the word.  What I loved about this group of students is their diverse backgrounds and degrees.   It’s great to see so many highly motivated and really smart kids looking to enter into this field.  Kudos to RSA Conference for sponsoring these kids and giving them a hands-on feel for what this industry is all about. This new generation will be far better prepared than most of us were twenty years ago.

I was also excited to see so many human-related talks at the event, with over 40 talks focused on the human side of cybersecurity.  It was not until three years ago that RSA Conference even had a Human Element track. Now ‘the human’ has become one of the most popular topics, not only on how to secure people, but also to develop our cybersecurity workforce, improve CISO communications skills, and much, much more. 

Cybersecurity is growing out of our awkward teenage years, and that means moving beyond just technology and understanding that our world touches all aspects of almost any organization (or person).  You can grab the slides from my RSA talk CISO: How to Understand and Manage Your Human Risk or find a summary of the talk from TechRepublic here.

Overall, I think RSA Conference does a great job of bringing together the largest group of cybersecurity professionals in the world, to include promoting diversity, encouraging new ideas and helping develop the next generation of cybersecurity experts. They listen to our community and work hard to build the most professional and valuable event possible. Is the vendor floor overwhelming, over-commercialized and over-hyped?  Absolutely. But that is not a statement about the conference, that is a statement about our industry.  There were a lot of new ideas and energy this year, which we will need to fight the bad guys.  I’m definitely looking forward to next year. I hope to see you there!

About the Author
Thumbnail

Lance Spitzner

Director, SANS Security Awareness
Lance Spitzner has over 20 years of security experience in cyber threat research, security architecture, awareness and training. He helped pioneer the fields of deception and cyber intelligence and founded the Honeynet Project. In addition, Lance has published three security books, consulted in over 25 countries and helped over 350 organizations build programs to manage their human risk. Lance is a frequent presenter, serial tweeter ( @lspitzner ) and works on numerous community security projects. Mr. Spitzner served as an armor officer in the Army's Rapid Deployment Force and earned his MBA from the University of Illinois.
Article
Courses Offered at the 6th Annual SANS Security Awareness Summit
The SANS Security Awareness Summit takes place this year in San Diego, August 7th and 8th. It continues to be one of the largest and most interactive global gatherings of security awareness professionals. Packed within this two-day Summit are expert awareness-focused talks, interactive discussions, networking events, and so much more. As you sit down to make plans for the summit and set your schedule, remember there is not only a new, optional 3rd half-day, but you can also register to attend a dynamic set of SANS courses scheduled before and after the summit.
Thumbnail
Apr 2, 2019
2019 Security Awareness Summit
US Security Awareness Summit
Events
Article
RSA Conference: Perhaps 'Failing' Isn't a Dirty Word Anymore
During a morning keynote session from RSA Conference, Change Your Approach to Get it Right, the hosts, challenged the notion of striving for perfection in your security awareness program and indicated we need to look to build a culture that knows that failing is a part of getting better. They believe it is the basic element of progress.
Mar 19, 2019
RSA
EndUser Training
Security Awareness Planning
Events
Article
RSA Conference 2019 – Lance’s Key Takeaways
Many of us have completed the annual pilgrimage known as RSA Conference (as well as many deciding to pass on the chaos). No RSA Conference is complete without sharing thoughts of the event, so I thought I would share mine. After having attended this for six years now, my overall impression was the event was somehow calmer.
Thumbnail
Mar 14, 2019
RSA
Events