With RSA Conference 2019 USA just two weeks away, we asked Sandra Toms, Vice President and Curator, RSA Conference, to tell us more about the challenges involved in developing a broad educational resource for information security professionals the event is known for. Read the Q&A to discover how the conference brings security professionals together, what you can expect at this year’s event, and what RSA Conference plans for the future.
The information security industry has changed considerably in the last 20 years, and we’re seeing a threat landscape change faster than ever before. With submissions for talks due a long time before the conference starts, how does RSA Conference make sure it stays relevant and includes topics people will want to hear about?
Content planning for RSA Conference is a year-round process, and we are constantly exploring new topics and considering current issues that arise in the industry to add to the discussion. We have two invaluable resources for determining themes, tracks and topics – the RSA Conference Advisory Board and the RSA Conference Program Committee. Both are comprised of experts in cybersecurity who bring a variety of experience and perspectives to the table.
Each year both groups talk through the most important themes and topics to address at RSA Conference based on what is happening in the industry and what is bubbling up from submissions. Once content is chosen, we work with speakers to allow for updates and the latest information to be included so that all topics stay timely and relevant through RSA Conference. Our end goal, is to have attendees leave RSA Conference with an expanded network and knowledge base, armed with the information to execute what they have learned, and feeling inspired to help the industry grow for the better – our theme for this year’s RSA Conference.
RSA Conference is a massive event catering to more than 40,000 attendees. What are the biggest challenges for you as Vice President and Curator? How much time do you have to spend on research to deliver a broad and cutting edge educational resource for information security professionals?
Something we do each year on the heels of RSA Conference to kick-off planning for the next year is hold boot camp – an intense three-days of actively planning, breaking and rebuilding programs, ideas and concepts to develop the next RSA Conference experience. Prior to boot camp, we review results of attendee surveys, speaker scores and every verbatim comment provided to us to understand what resonated well and what may have missed the mark.
Our goal is to understand the hearts and minds of our attendees to create the ‘must attend’ event for the next year. From there, determining the content and themes present at RSA Conference each year is an enormously collaborative process where many perspectives and pieces of feedback are considered, and our 16 Advisory Board members and 95 Program Committee members, comprised of security experts and professionals, academics, government employees, attorneys, scientists, technology experts and researchers, are invaluable resources.
How is the profile of RSA Conference attendees changing over the years? Do you cater to all types of security practitioners?
RSA Conference welcomes over 40K attendees annually from security backgrounds ranging from public and private sectors to education and government, and from college students and entrepreneurs to multi-decade veterans in the space. And from around the world.
Since its inception in 1991, RSA Conference has been an industry gathering of the brightest minds in security; diverse in experience, neutral in presentation and built upon the idea of a free-flowing discourse. RSA Conference is, and always has been, about bringing all people in the cybersecurity industry together and empowering the collective “we” of the cybersecurity industry to stand against cyberthreats around the world.
We are committed to reaching diverse audiences, through all genders, orientations, physical abilities, religions, ethnicities and experiences, to ensure all are included. To strengthen diversity and inclusion throughout Conference, we’ve implemented new programs and initiatives like an Intro to Capture the Flag program in conjunction with SANS and Women’s Society in Cyberjutsu, a seminar around Solving Our Cybersecurity Talent Shortage, a Youth STEM program, an extended College Day program, a prayer room and more. We believe the wider a net we can cast to attract security practitioners from different backgrounds and with different areas of expertise, will only make our industry stronger, so we strive to deliver content that is interesting and applicable to the entire security community.
What is your long-term strategy for RSA Conference? How do you see the event evolving in the near future?
We make it a point to remain tapped in to the cybersecurity landscape through our Advisory Board members, Program Committee members, and Conference attendees, among others, that equip us with insights into industry topics, and help us anticipate future trends and problems that can shape new programs and initiatives for RSA Conference.
So far, these insights have lead us to create innovation programs like Early Stage Expo and RSAC Launch Pad, Learning Labs for more hands on technical training, CISO Boot Camp to provide specialized content for this level audience, College Day and Security Scholars to broaden interest and accessibility to the cybersecurity industry, our Diversity and Inclusion initiative to ensure diversity and inclusion in every aspect of RSA Conference, and so much more.
We work to consistently be evolving and expanding our reach to audiences from various backgrounds and areas of expertise so that RSA Conference can achieve its ultimate purpose as a resource and community that empowers security professionals to make the industry and the world better.