The world of security on center stage at RSA Conference 2011

Sandra Toms LaPedis, Area Vice President and General Manager of RSA Conferences, is responsible for global promotion and successful execution for the conference. In this Q&A she talks about what you can expect at RSA Conference 2011 in San Francisco.

What have been the major security threats in 2010 and how have these informed the conference agenda for 2011?
As we close out 2010, the security landscape has been shaped by several events. A myriad of stories about Facebook privacy policies dominated the news, as well as the Google hacking incident, Stuxnet and increasing concerns over cyberwarfare. Most of the challenges IT/IS professionals have been dealing with can be summarized in four broad categories:

Privacy – government regulation and impending legislation, consumer protection, social media sites, privacy in the cloud, trusted identity government initiative

Mobile security threats – increasing use of smart phones and mobile apps, cybercrime on mobile networks, next generation malware

Advanced Persistent Threats (APT) – targeted attacks against individuals and corporate confidential information, online espionage, social engineering

Cloud computing – the next stage: implementation issues – best practices and pitfalls to ensuring security in the cloud.

There are quite a few security conferences in the U.S. What do you see as your strengths? Has your strategic focus changed from previous years?
RSA Conference is strong because it is inclusive industry event with content selected by members of the industry and designed for the greater benefit of the community. The program committee for each track selects all the sessions and vets all slides before they are presented onsite, with the goal to avoid commercialism.

The event is open to all who play a role in information security, it is a conference filled with great debate, interactive discussion and where news is made. Based on feedback expressed by attendees, the conference focus has become increasingly vendor “neutral” throughout the years.

Additionally, we collaborate with the information security community to regularly introduce new programming – such as the Pecha Kucha sessions (returning this year), Peer2Peer On-Demand sessions (in addition to our scheduled ones), free pre-conference sessions, and varying session lengths.

How much has the event grown in the past few years? Has the recession made an impact on your number of attendees?
RSA Conference started as a meeting for 50 very inspired cryptographers and has become an industry event hosting 15,000 people at the 2010 event. Recessions impact all events – because corporations and other enterprises do more belt tightening, as well as instituting travel restrictions and more often than not, reducing training budgets. However, due to the business imperative of information security, recessions have impacted RSA Conference less than other general technology events.

What will be different or new at RSA Conference 2011? What aspects of the event are unique to the U.S. event compared to Europe or China?
As RSA Conference gets ready to celebrate its 20th Anniversary, we’ll be focusing on the true “giants among us”, and honoring the founders of information security such as Ron RIvest, Adi Shamir, Len Adleman, Whit Diffie, Bruce Schneier, and Marty Hellman. The 20th anniversary theme will be highlighted throughout the conference week in various keynote sessions and other conference program elements.

In terms of content, each year we review the previous year’s attendance and evaluations to get a “read” on the information security industry and then determine what tracks are most relevant.

For RSA Conference 2011 we added a cloud security track and also combined many of our security infrastructure tracks (e.g. network and wireless security, endpoints) to create a technology infrastructure track that is better adapted to changing infrastructure issues and technologies.

When we found that many delegates forgo the Professional Development track in favor of other track sessions during the week, specifically those dealing with technologies, processes or issues they need to address in their organizations, we opted to move the Professional Development track to Monday. Focusing these sessions here before the conference moves into full swing, we’ve split the track into two half day sessions – one on security leadership and one on security career development.

Content is localized by each market RSA Conference serves. The U.S. event is focused on regulations that impact organizations in the U.S. first and global organizations second.

Who are the keynote speakers this year and what topics are they discussing?
We have an inspired keynote program including some of the largest vendors in information security. Audience favorites include Art Coviello (RSA/EMC), Scott Charney (Microsoft), Enrique Salem (Symantec) and the annual Cryptographers Panel, moderated by Ari Jules of RSA Labs.

We’re adding exciting new faces to the lineup such as: Bill Veghte, Executive Vice President, Software & Solutions, Enterprise Business, HP, Michael Denning, General Manager, Security Customer Solutions Unit, CA Technologies, and Tom Gillis, Vice President & General Manager, Security Technology Business Unit, Cisco Systems, Inc.

We also have an exciting guest list- President Bill Clinton will be closing the RSA Conference, and we’ve lined up by Michael Capuzzo, author of The Murder Room who will be telling the true stories of a group of crime fighters and forensic experts who solve cold cases together – certainly inspiration that information security professionals can learn from.

What tracks and workshops would you highlight?
Already mentioned are the new Cloud Security and Technology Infrastructure tracks. We have two Monday seminars, free to delegates: Security Basics was introduced last year as a fast track for the rest of the week for security newcomers with three years or less experience and taught by some of the best known names in the industry.

We’ve also brought over a very successful seminar from our recent Europe conference: Know Your Threats and Countermeasures: Improving Application Security for those with three years or more experience -also taught by some of the well-known experts in the field.

We always like to highlight the Industry Experts track. We will have some very interesting sessions on cybercriminals, cyberwarfare, critical threats, and the latest in cloud security. Jacob West and Brian Chess’s session: Extreme Makeover – Open Source Edition and Kevin Poulsen’s session, based on his imminent new book on Max Vision, are two highlights among many.

The two Hackers and Threats tracks are usually very popular and the topics this year will provide a wide range of detailed sessions on threats and vulnerabilities. Business of Security provides viewpoints across the security spectrum including financial markets, industry analysts and future predictions for technology and the industry.

Stay tuned for our Hot Topic sessions that will be announced in January and designed to ensure that the most recent security events and threats will be covered at RSA Conference 2011.