62 Articles, Blog Posts and Links that Summarize the 2019 RSA Conference

The annual RSA Conference in San Francisco wrapped last week and left us with a flood of articles, blogs and links about news and events stemming from the conference.

If there was a theme that emerged in the digital records, we venture to say it was the human element of cybersecurity. The fatigue and stress of security jobs, the shortage of cybersecurity talent, and women in cybersecurity were all key themes that seemed to underscore many of the stories that emerged.

While we had our own staff in a booth on the expo floor, we also spent the week tracking and curating news and notes from the show. As we did with the Black Hat conference last year, we’ve curated and organized the links we saw into a useful resource here.

Top Picks from the RSA Conference

1) ITPro Today – Cybersecurity Experts: The Market Is Good, But Don’t Take Your Next Job For Granted via Karen D. Schwartz

“Companies today are looking for on-the-ground skills and experience.”

2) Dark Reading – To Improve Security, We Must Focus on Its People via Kelly Sheridan

“New technology can help cybersecurity bridge the talent gap, but tech won’t do much without people to operate it.”

3) eWeek – IDC Outlines Top Security Challenges for 2019 at RSA Conference via Sean Kerner

SDxCentral – RSA Conference: Rise of the Robots (and the Women) via Jessica Lyons Hardcastle

“So, the security landscape today is essentially AI versus AI. The white hats are using artificial intelligence (AI) and machine learning to protect data, networks, and people, while the black hats are using these same tools to find software vulnerabilities, steal credentials, and the like.”

4) Help Net Security – Growing mobile cybersecurity incidents spur plans for increased security investment via Help Net Security

5) InfoRiskToday – Highlights of RSA Conference via Nick Holland [podcast]

6) Threat Post – RSA Conference 2019 Recap via Lindsey O’Donnell [podcast]

7) BizTech Magazine – Understanding the Value of a CISO via BizTech Magazine

Observations from the RSA Conference

8) Marketplace – Cybersecurity is still really hard. Full stop. via Molly Wood

“The system only works if you actually implement it correctly and then you actually pay attention and act on what it tells you to do.”

9) The CyberWire – Published a daily roundup of links from the RSA Conference 2019: March 4th, March 5th, March 6th, March 7th and March 8th.

“This year the underlying assumption of most of the discussions we’ve heard has been that security is increasingly focused on the cloud, and on the application layer. And, of course, one of the themes is the enduring importance of sound digital hygiene.”

10) Help Net Security – Photo gallery: RSA Conference 2019 Expo, part one, part two, part three, part four via Help Net Security

11) Threatpost – An Antidote for Tech Gone Wrong via Tom Spring

12) eWeek – Humans Are Key to Improving Cyber-Security, IBM Stresses via Sean Kerner

13) San Francisco Chronicle – RSA cybersecurity conference tries to rehab image among women via Melia Russell

14) RSA Conference – Security’s Most Pressing Problems Get Fresh Looks From Startups in RSA Conference’s Innovation Sandbox Competition via Tony Kontzer

15) Silicon Angle – Security built in: At RSA Conference, cybersecurity intersects with DevOps via James Kobielus

>>> Also see: How is the Relationship between DevOps and Cybersecurity?

16) Information Age – What happened on the expo floor via Tom Patterson

17) BizTech Magazine – International Women’s Day: 3 IT Security Leaders to Know via Bob Keaveney

Notes from RSA Conference Sessions and Talks

18) eWeek – RSA Security Outlines a Path for the Trust Future via Sean Kerner

“We still have water. We still have trust. But there was a time we almost ran out of both.”

19) eWeek – NSA Director Praises Persistent Engagement Approach to Limit Risks via Sean Kerner

20) Dark Reading – Trust, or Lack of It, Is a Key Theme on RSAC Keynote Stage via Sara Peters

21) Security Intelligence – Women in Security Speak Out at RSAC 2019, But There’s Still a Long Way to Go via Jasmine Henry

22) Mashable – Helen Mirren to cybersecurity professionals: You’re ‘an eternal beacon’ in the darkness via Jack Morse

23) Infosecurity Magazine – The Power of People: Amplifying Our Human Capacity through Tech & Community via Sue Poremba

>>> Also see: Amid AI and Machine Learning, the Human Touch Remains Crucial to Cybersecurity in 2019, New Network Security Survey Finds

24) Infosecurity Magazine – Rethinking Third-Party Risk Management via Sue Poremba

25) Infosecurity Magazine – The Role of Security Technologists in Public Policy via Sue Poremba

26) Infosecurity Magazine – Realize Reality of Workplace Burnout via Dan Raywood

“…when you have a secret and hold onto it for too long ‘there is almost a radioactive half-life to it and a weight to it which we need to put down.’”

27) Infosecurity Magazine – AI – Lightning in a Bottle, or Burning Down the House? via Michael Hill

“Most people ‘don’t realize how fragile AI and machine learning can be.’”

28) Data Breach Today – Consumer Privacy: Reasons for Optimism As Well As Concern via Scott Ferguson

29) Bank Info Security – Digital Transformation Needs Security Transformation, Too via Scott Ferguson

30) VMWare – Are We Losing the Fight against Cyberattacks? via Blakely Thomas-Aguilar

31) ZDNet – FBI head Christopher Wray: We can’t let criminals hide behind encryption via Laura Hautala

32) Fifth Domain – FBI director wants the Bureau to be a fixed answer in a world of blended threats via Kelsey D. Atherton

33) Fifth Domain – At RSA, governments still prove to be more powerful than cyber via Kelsey D. Atherton

34) Fifth Domain – The roastings will continue until security improves via Kelsey D. Atherton

35) Cyber Security Hub – RSAC Day 1 Theme: People and Tech Are ‘Better Together’ via Alarice Rajagopal

36) Cyber Security Hub – RSAC Opening Day Focuses On Cyber Security Talent

37) Threatpost – NIST’s Privacy Framework Starts to Take Shape via Tara Seals

Cloud Security News from the RSA Conference

38) Bricata – How Large Enterprises are Securing the Cloud [Q&A with Richard Stiennon, author of Secure Cloud Transformation]

“…your savings won’t come until year 2, 3 or 4 but also, my advice is, whenever you save money, hold on to that budget. Do not let someone use it for something else because this is where you can hire better people to do more refactoring, or spend money moving applications to the cloud, or invest in that breach detection tool that you need and should have been doing all along.”

39) Forrester – Tech Titans Alphabet And Microsoft Are Transforming Cybersecurity via Jeff Pollard and Joseph Blankenship

>>>Also see: Here is How Open Source DIY Fatigue Saps Cybersecurity Resources

40) Forrester – What To Expect At RSA Conference 2019: Cloud As Security Improvement And The Possible End Of The Infosec Gilded Age via Laura Koetzle

41) BizTech Magazine – RSA 2019: Tech Pros Will Learn to Stay Safe in the Cloud and On-Premises via Bob Keaveney

“But have we truly stopped and said, wait a second, if the cloud is truly that ephemeral in nature, are there things we can do to make it harder for the bad guy to not only get a foothold but to also maintain a foothold? If I can set up and tear down servers and rebuild accordingly, why isn’t it harder for the bad guy to grab hold within my environment and stay, if I’m truly taking advantage of the cloud?”

42) Wired – An Alphabet Moon Shot Wants to Store the Security Industry’s Data via Lily Hay Newman

43) eWeek – Alphabet’s Chronicle Launches Backstory Security Data Platform via Sean Kerner

44) Dark Reading  –  Chronicle Releases Chapter One: Backstory via Kelly Jackson Higgins

Announcements Published at the RSA Conference

45) Press Release – RSA Conference 2019 Announces Recipient of Annual Award for Excellence in the Field of Mathematics via RSA Conference

“Tal Rabin, RSA Conference 2019 Recipient of Annual Award for Excellence in the Field of Mathematics”

46) Wired – The NSA Makes Its Powerful Cybersecurity Tool Open Source via Lily Hay Newman

47) ZDNet – NSA releases Ghidra, a free software reverse engineering toolkit via Catalin Cimpanu

48) CyberScoop –  NSA puts ‘Ghidra,’ its reverse-engineering tool for malware, in the hands of the public via Sean Lyngaas

49) Dark Reading – Axonius’ ‘Unsexy’ Tool Wins RSAC Innovation Sandbox via Sara Peters

Vulnerabilities Examined at the RSA Conference

50) Threatpost – Ultrasound Hacked in Two Clicks via Tara Seals

“In a proof-of-concept hack, researchers penetrated an ultrasound and were able to download and manipulate patient files, then execute ransomware.”

51) Threatpost – Microsoft Zero-Day Allows Exploits to Sneak Past Sandboxes via Tara Seals

“The flaw allows attackers to hide exploits in weaponized Word documents in a way that won’t trigger most antivirus solutions, the researchers said.”

52) Threatpost – Container Escape Hack Targets Vulnerable Linux Kernel via Tom Spring

53) Threatpost – The Dark Side of Machine Learning via Tom Spring

“…data scientists have found exploitable weaknesses in the way computers handle large data sets used in machine learning.”

54) Threatpost – The Sky’s the Limit For Satellite Hacks via Lindsey O’Donnell

55) Threatpost – UniKey Patches BleedingBit Flaws Granting Access To Hotel Rooms, Cars via Lindsey O’Donnell

56) Threatpost – Picking Apart the Foreshadow Attack via Lindsey O’Donnell

57) Threatpost – Data-Wiping Cyberattacks Plague Financial Firms via Lindsey O’Donnell

58) Search Security – At RSAC 2019, speculative execution threats take a back seat via Rob Wright

“The Meltdown and Spectre vulnerabilities disclosed in early 2018 dominated much of the infosec discussions and news coverage last year, including those at RSA Conference 2018. But at this year’s event, speculative execution threats are virtually non-existent.”

59) Search Security – Security automation on display in 2019 RSAC Innovation Sandbox via Peter Loshin

60) The Register – Level up Mac security, and say game over to malware? System alerts plus Apple game engine equals antivirus package via Shaun Nichols

61) The Register – Schneier: Don’t expect Uncle Sam to guard your web privacy – it’s Europe riding to the rescue via Iain Thomson

62) Dark Reading – Lazarus Research Highlights Threat from North Korea via Robert Lemos

* * *

If there is an important article or blog post you like to see added, please send us a note at media -at- bricata -dot-com and we will consider it.

If you enjoyed this post, you might also like:
7 Simple but Effective Threat Hunting Tips from a Veteran Threat Hunter

Back to Blog


Bricata Included as a Representative Vendor in the Inaugural Market Guide for Network Traffic Analysis by Gartner, Inc.
“Applying behavioral analysis to network traffic is helping enterprises detect suspicious traffic that other security tools are missing,” wrote Gartner analysts.
+ +