RSA Conference 2019 takes place next week in San Francisco. Here’s a brief overview of what to check out while you’re at the conference. Read more about keynotes here.
Not registered yet? Register now using Help Net Security’s promo code 5U9HLPNETXP for a free Expo Plus pass to RSA Conference.
Monday – March 4, 2019
Solving Our Cybersecurity Talent Shortage
10:00 A.M. – 12:00 P.M. – Moscone South 301 SEM
Cybersecurity is facing talent shortages at a time when problem-solving, innovation and productivity are critical. The talent pipeline seems to be improving, but valuable professionals are opting out of the profession in mid-career. In this seminar, you will hear from leaders driving innovation with culture, inclusion, equity and diversity, and from change agents on how you can make shift happen.
How-To for Innovators and Entrepreneurs
09:00 A.M. – 12:20 P.M. – Marriott Golden Gate A SEM
This half-day info-rich seminar will explore how to start a company from stealth to exit, find funding and financing in today’s competitive marketplace, provide an inside view of what makes a CISO take a shot on a startup, give tips and insights from brand makers and marketing gurus on how to rise above the noise. Each segment includes an opportunity for audience members to ask questions of the panelists and a networking break to meet with fellow entrepreneurs and speakers.
RSAC Innovation Sandbox Contest
1:30 to 4:30 PM – Marriott Marquis (Yerba Buena Ballroom)
Each year, emerging infosec organizations from around the world come together to compete at the RSAC Innovation Sandbox Contest. Come witness the 2019 top 10 finalists – Arkose Labs, Axonius, Capsule8, Cloudknox Security, Disrupt Ops, Duality Technologies, Eclypsium, Salt Security, ShiftLeft, WireWheel – grab the spotlight for a three-minute pitch while demonstrating groundbreaking security technologies to the broader RSA Conference community.
Tuesday – March 5, 2019
Get Your Head Out of the Cloud. Zero-Trust Access for Hybrid IT (Pulse Secure)
11:40 A.M. – 12:10 P.M. – South Expo Briefing Center
Multicloud is the new normal for many IT teams, but they are still looking for a simple and secure way to give appropriate application connectivity to the cloud and data center. The use of CASB and other disparate point solutions frequently complicates the user experience, limits IT visibility and yields inconsistent security policies. Nirvana is a zero-trust framework for hybrid IT.
Highlighting Security Blind Spots in the DevOps Butler (CyberArk)
01:40 P.M. – 02:10 P.M. – North Expo Briefing Center
Our in-depth research of the Jenkins automation server reveals just how secure your DevOps infrastructure really is (or isn’t). Our findings comprise 5 CVEs, 2 issues under responsible disclosure and other security issues—from credentials exposure, agent launch vulnerabilities, AD integration issues and more—and offer a new DevOps security approach: the zero trust model.
Cloud Revolution – Digital Transformation and Disruption of Data Protection (Gemalto)
02:10 P.M. – 02:30 P.M. – South Expo Briefing Center
Technological and commercial advances underpinning cloud introduce irreversible changes and compliance challenges, new threat vectors, but also significant opportunities. This session focuses on challenges facing today’s IT and security teams and how we overcome the disruption using the advanced automation, processing and intelligence technologies to deliver an increasingly diverse IT landscape.
Dissecting ERP Breaches: They’re More Common Than You Know (Onapsis)
05:10 P.M. – 05:30 P.M. – South Expo Briefing Center
In this session, hear from Onapsis’s CTO, Juan Pablo Perez-Etchegoyen, to learn about how critical ERP systems are involved in many of these breaches. Learn three key takeaways to understand what you can do to prevent these breaches and ensure that if you are breached, that you can quickly recover.
Wednesday – March 6, 2019
Getting Practical with Addressing Risks in OT Networks: Where to Start?
08:00 A.M. – 08:50 A.M. – Moscone West 3001
Practical lessons from dozens of large organizations as they embarked on this journey across people, process, technology. From getting executive support and clear accountability to understanding the true extent of the exposure, this session will discuss case studies and best practices. Prioritizing the concrete measures based on ROI and expanding the governance and IR process to encompass OT networks.
Weaponization of the Internet
11:15 A.M. – 11:55 A.M. – Moscone West Street Level
The internet promised all an equal voice in public discourse, but bots and rogue advertising are being used to manipulate public opinion, critically threatening public dialog. Globally, nation states, partisan agencies and political parties have grabbed the internet & social media reins to spread disinformation. This panel explores issues involved in controlling the internet, censorship and the impact on democracy.
What Lurks within Your IT: Spotlight on the Dark Side of the Supply Chain
02:50 P.M. – 03:40 P.M. – Moscone South 201
Altered components, tainted software and shipments diverted to allow unauthorized “modifications” are alive and well in ICT. IT/OT experts on this third-party risk will explore the breadth of the risk and what can be done to address it. They will explore policy, operations and technology essential to secure the growing number of devices on which private enterprises, governments and citizens rely.
Thursday – March 7, 2019
Container Security at the Speed of CI/CD
08:00 A.M. – 08:50 A.M. – Moscone South 205
Containers are everywhere! But how do you deal with the security challenges of using containers? You have to secure the application, the code, the web server and the host itself. And how do you do this at the speed of DevOps? This session will talk about containers, why they are complex to secure and then walk away with an easy-to-implement container security solution.
Mental Health in Cybersecurity: Preventing Burnout, Building Resilience
09:20 A.M. – 11:20 A.M. – Moscone West 3009
Mental health is a key element in the human factor, and directly impacts the way in which cybersecurity professionals function in their daily work. This session will cover the psychosocial stressors unique to cybersecurity, discuss burnout and identify management mechanisms. Attendees will learn how to build the foundations for mental resilience, for use in their workplace.
The Future Is Hybrid: Key Considerations for Cloud and DevOps
01:30 P.M. – 02:20 P.M. – Moscone South Esplanade 154
The elasticity and short lifespan of servers, paired with the up-and-coming wave of containerization, bring unique challenges to securing cloud infrastructure. This session will explore how to expand security operations to the cloud and DevOps—from managing configuration and vulnerability risks, to securing confidence across multiple cloud solution providers.
Everything You Need to Know about Cybersecurity and Privacy Law in Two Hours!
02:00 P.M. – 04:00 P.M. – Moscone West 3018
Do you want to understand cybersecurity and privacy law? With today’s rapid pace of business decisions and incidents you need to be able to spot issues quickly and accurately. Join us for a two-hour tour of the most critical laws and regulations and then we’ll have some fun issue-spotting exercises. Next time be the person who can spot and avoid costly issues on your team and save the day.
Friday – March 8, 2019
12 Ways to Hack 2FA
09:50 A.M. – 10:40 A.M. – Moscone West 3014
Passwords are finally being left behind in favor of two-factor (2FA) and multifactor (MFA) authentication. Some vendors are promoting “unhackable” 5FA solutions. It’s all a lie. All authentication solutions can be hacked. Come learn at least 12 ways 2FA can be hacked, how 2FA really works behind the scenes, what the holes are, how to hack it and how you can defend against those attacks.
Why Data-Driven Personalized Journeys Are the Future of Security Training
09:50 A.M. – 10:40 A.M. – Moscone South 207
When it comes to security training, one size does not fit all. Learn how Autodesk rethought security awareness training by leveraging behavioral data to create ongoing personalized security snapshots for each employee. These enabled individual recommendations and action items for each person resulting in successful changes to security behaviors companywide.
Law Enforcement: The Secret Weapon in the CISO’s Toolkit
11:10 A.M. – 12:00 P.M. – Moscone West 3002
This session will show you how to get the most out of working with law enforcement agencies (LEA) before, during or after a security breach. Learn why partnering with law enforcement can be a valuable strategic asset in the CISO’s ever-expanding toolbox of security measures.