20 Can’t-Miss Seminars, Sessions and Panels at #RSAC this Year

RSA Sessions 2019

If last year was any measure, the RSA Conference being held in San Francisco this year will host roughly 40,000 attendees and 700 speakers providing some 500 sessions. Needless to say, it’s a big conference and it can feel overwhelming given there are so many presentations and discussions.

To help you plan, we’ve poured over the entire agenda. We reviewed every single description and picked out 20 or so seminars, sessions, or panels we think are “can’t miss.”

For each entry we’ve selected, we provide a link to the full description on the RSAC site so those interested can view the full descriptions and reserve a seat. We’ve also linked to the social media profiles of the presenters, where available, as background and also offer additional links to related reading.

Finally, we want to present these sessions with three caveats.

First, Sunday and Monday have pre-conference seminars scheduled. Many of these seminars look exceptional – like the crash course on cloud security by (ISC)2 or the threat hunting seminar by SANS – yet we stayed focused on the formal conference agenda.

Second, there are many before- and after-hours events – from morning workouts to evening mixers. We didn’t include any of those, no matter how enticing some of them looked.

Finally, we look at the world through the lenses of network security, and while the selected sessions reflected the broad, if not interconnected, world of cybersecurity, we felt it was fair to make a note of this.

The “can’t miss” events we recommend at RSAC follow.

Events on Monday

1) First-Timers Orientation & Networking Reception

If this is your first time attending the conference, the orientation session can help you get the most out of the conference – and perhaps make some friends you’ll see around the show.

2) Welcome Reception Opens on the Expo Floor

The welcome reception is the official event kicking off RSAC for 2019. It will be held in the expo hall floor along with “drinks and hors-d’oeuvres as you preview the leading information security vendors.”

Events on Tuesday

The Trust Landscape (Key Note)

Trust is under assault, according to the description. The connectivity has made “information itself is a battlefield with the power to erode trust in society’s most sacred institutions.”  The talk promises to present ideas for better defining and understanding risk in the modern digital age.

  • Presenters:
  • When: Tuesday, March 5, 2019, from 8:10 A.M. – 8:35 A.M.

4) Future-Proof Cybersecurity Strategy

Several municipalities fell prey to ransomware attacks in the last few years, so we’re keen to hear from a city official on the concept of future proofing. Technology and threats may change, according to the description, however, “there are some fundamental things about cybersecurity that will never change.” The session promises to detail “the top three cybersecurity must-haves with real-case examples for CISOs to future-proof their cybersecurity strategy.

  • Presenter: Timothy Lee, CISO, City of Los Angeles/ITA
  • When: Tuesday, March 5, 2019, from 11:00 A.M. – 11:50 A.M.

Related: Build the Capacity to Hunt for Publicly Disclosed Indicators of Compromise

5) Building Security In—DevSecOps

“Comcast uses a DevSecOps approach which focuses on automation, speed and team ownership of end-to-end product security lifecycle,” according to the description. “It’s agile and developer-focused. It’s about building security in rather than bolting it on.”

  • Presenter: Noopur Davis, SVP, Chief Product and Information Security Officer, Comcast
  • When: Tuesday, March 5, 2019, from 1:00 P.M. – 1:50 P.M.

Related: How is the Relationship between DevOps and Cybersecurity?

6) The Women Driving Innovation in State Cybersecurity

Leaders from the great states of Colorado, Indiana and North Carolina will gather for a session that describes, “the innovative policies they are adopting to defend state systems from compromise, partner with private companies, and groom the next generation of cybersecurity leaders.”

  • Panelists:
    • Maggie Brunner, Program Director, Cybersecurity, Emergency Communications & Technology, National Governors Association (Moderator)
    • Deborah Blyth, CISO, State of Colorado
    • Chetrice Mosley, Cybersecurity Program Director, Indiana Department of Homeland Security Office of Technology
    • Maria Thompson, State Chief Information Risk Officer, North Carolina Department of Information Technology
  • When: Tuesday, March 5, 2019, from 2:20 P.M. – 3:10 P.M.

Related: The Growing Surface of Attack and What Cybercrime has in Common with Street Crime [Q&A with Steve Morgan of Cybersecurity Ventures]

7) Come Get Your Free NSA Reverse Engineering Tool!

The NSA will demonstrate GHIDRA – a “software reverse engineering framework” – for the first time at RSA. The description notes, “the GHIDRA platform includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed, and will be released for free public use at RSA.”

  • Presenter: Robert Joyce, Senior Advisor, National Security Agency
  • When: Tuesday, March 5, 2019, from 3:40 P.M. – 4:30 P.M.

Sessions on Wednesday

8) We’re Not in Kansas Anymore: Measuring the Impact of a Data Breach

Verizon puts out several reports including one that focuses in on data breaches in an effort to determine “data-breach impact.” This session indicates it will share “finding from 4,000+ incidents studied.” The description puts forward the idea of “impact modifiers” which “increase the intensity of the breach, changing a relatively minor breach into a terminal event.”

  • Presenter: Suzanne Widup, Senior Analyst, Verizon Enterprise Solutions
  • When: Wednesday, March 6, 2019, from 8:00 A.M. – 08:50 A.M.

Related: Triage, Scoping and Threat Hunting: Maslow’s Hierarchy of Needs in Incident Response

10) What Tools and Techniques Work in Malware Analysis?

“Enterprises need a way of deriving meaningful threat intelligence from malicious software they discover during incident response.” This session seems to get after an important question: “What tools and techniques are most useful for examining malware in a modern enterprise?”

  • Presenter: Lenny Zeltserm, Instructor, VP of Products, SANS Institute
  • When: Wednesday, March 6, 2019, from 9:20 A.M. – 10:10 A.M.

Related: What is File Carving and How Does it Enhance Network Security?

11) Threat Hunting: Best Practices, Current Challenges and Lessons Learned

This session will cover down on the value threat hunting “brings to security operations, followed by best practices, and finalizing with lessons learned and challenges experienced.”

  • Presenter: Roger O’Farril, Information Security Manager, Federal Reserve Bank
  • When: Wednesday, March 6, 2019, from 10:40 A.M. – 11:30 A.M.

Related: 7 Simple but Effective Threat Hunting Tips from a Veteran Threat Hunter

12) No More Firewalls! How Zero Trust Networks Are Reshaping Cybersecurity

“Network firewalls are becoming irrelevant, and we can no longer assume that perimeter networks can be trusted,” reads the description. “With the adoption of bring your own device and bring your own cloud, we must evolve our defenses to devices and identities.”

  • Presenter: Matt Soseman, Security Architect, Microsoft
  • When: Wednesday, March 6, 2019, from 1:30 P.M. – 2:20 P.M.

Related: Study on Fileless Attacks Underscores Risk of Over-Reliance on Endpoint Security

13) Best Practices for Securing Enterprise IoT

This session aims to help security pros better understand newer protocols. “Internet of Things devices, along with BYOD, industrial IoT, control systems and embedded systems, are prevalent in the enterprise today,” the description reads. “The protocols they use are poorly understood by IT security and support teams.” The session promises show how some organizations are securing these newer devices that are connecting to enterprise networks.

  • Presenter: John Johnson CTO & Professor, RIG & Excelsior College
  • When: Wednesday, March 6, 2019, from 04:10 P.M. – 05:00 P.M.

Related: Network Visibility: Can You Analyze Encrypted Traffic for Cybersecurity Threats?

Sessions on Thursday

14) Threat Hunting Using 16th-Century Math and Sesame Street

Large and complex IT infrastructure makes threat hunting seem daunting. “This session will show how to hunt for threats in a way that transcends attack specifics, using the numbers to your advantage to uncover unique and unusual machine behaviors. This practical method that can be leveraged in almost any environment and can be applied to network and endpoint data.”

  • Presenter: Vernon Habersetzer, Sr. Enterprise Technical Expert, Walmart Speaker
  • When: Thursday, March 7, 2019, from 8:00 A.M. – 8:50 A.M.

Related: How Enhanced Network Metadata Resolution Facilitates Network Threat Hunting

15)  Diversity and Inclusion: Impacting Culture to Create a More Creative Environment

According to the session description: “Diversity and inclusion initiatives are positively impacting security organizations, in terms of better security postures, productivity, retention, growth and sustainability, but there’s still a lot of work to do. Learn through the experience of these CISOs who will provide practical advice and tangible guidance around their drive to change cultures within as well as outside of their organizations.”

  • Panelists:
  • When: Thursday, March 7, 2019, from 9:20 A.M. – 10:10 A.M.

16) Stop That Release, There’s a Vulnerability!

This session promises to show you how to prioritize security fixes. The description notes, “Software companies can have hundreds of software products in-market at any one time, all requiring support and security fixes with tight release timelines or no releases planned at all.”

  • Presenter: Christine Gadsby, Head of Product Security Operations, BlackBerry
  • When: Thursday, March 7, 2019, from 09:20 A.M. – 10:10 A.M.

Related: The Race Against Time Between Vulnerability and Patch

17) SANS Core NetWars Experience 5

Who said it can’t be all fun and games? The SANS NetWars is a “hands-on information security challenge.” It is “designed for novices to advanced professionals, compete with your peers and enhance your skills as an infosec professional in this multilevel game play.”

  • Presenter: Chris Elgee, Builder & Breaker, Counter Hack Challenges
    When: Thursday, March 7, 2019, from 11:40 A.M. – 01:40 P.M.

18) Communicating with the Board

This session is pitched as a “fireside chat.” It will show attendees “how to establish strong two-way communication between the CISO and the board, how to build trust and why this conversation should not be one-way.”

  • Presenters:
    • Tim Callahan, SVP of Global Security and Chief Security Officer, Aflac Inc.
    • Richard Clarke, CEO, Good Harbor Security Risk Management
  • When: Thursday, March 7, 2019, from 1:30 P.M. – 2:20 P.M.

Related: Cybersecurity: The Best Defense is a Good Offense

19) Measuring Cybersecurity Effectiveness in a Threat-Based World

This panel promises to “help increase understanding of how DHS, NSA and NIST are using threat data to help agencies protect information and detect and respond quickly to adversarial actions.” Specifically, the session will cover “how DHS CISA fuses threat intelligence with agency vulnerability data to improve” information sharing.

  • Panelists:
    • Jeanette Manfra, Assistant Secretary, Office of Cybersecurity and Communications (CS&C), Department of Homeland Security (moderator)
    • Marianne Bailey, Deputy National Manager (DNM) for National Security Systems (NSS) and Senior Cybersecurity Executive, National Security Agency
    • Kevin Cox, Program Manager, Cybersecurity and Infrastructure Security Agency
    • Matthew Scholl, Chief, Computer Security Division, NIST
  • When: Thursday, March 7, 2019, 2:50 P.M. – 3:40 P.M.

Related: The Top 10 Network Security Challenges in 2019

Sessions on Friday

20) Developing Key Performance Indicators for Security

Senior business leaders including executives and board members are all looking for ways to understand organizational security risk. This session says it will show you “steps to creating meaningful key performance indicators that can be communicated to leadership to facilitate helping the organization to meet their goals.”

  • Presenter: James Tarala, Principal Consultant, Enclave Security, LLC
  • When: Friday, March 8, 2019, from 9:50 A.M. – 10:40 A.M.

Related: The 10 Tenets of CISO Success Frank Kim Presented at RSA

* * *
If you make it out there, please do be sure to stop by booth #4139 in the North Expo to see us – and safe travels!

If you enjoyed this post, you might also like:
96+ Articles, Blogs and Links that Summarize the Black Hat Conference 2018

Back to Blog


Bricata Included as a Representative Vendor in a new Market Guide for Intrusion Detection and Prevention Systems by Gartner, Inc.
“IDS is still a widely deployed use case. Despite claims of IDS being dead, it is alive and well, and in use by a large percentage of Gartner clients,” wrote Gartner analysts.
+ +