Monday – February 24, 2020
DevOps: 2020 DevSecOps Days at RSA Conference
9:00AM – 5:00PM – Moscone West
Last year was a turning point for DevSecOps Days at RSA Conference, with over 800 practitioners engaging in the day-long Monday event. This year, the focus will be on how practitioners are handling the transformation to DevSecOps within their company, the types of problems they are surfacing which impeded their progress and how they are getting buy-in from all levels of the company.
She Speaks Security: Amp Up Your Impact
12:00PM – 4:00PM – Moscone West
Empower your inner advocate with a voice and a mission! Hear personal stories of challenges and success, tips and techniques to be heard, and how to have critical conversations with confidence. Take part in table talks and exercises designed to let you practice what you’ve learned. This unique session will bring together women from around the world committed to improving themselves and being heard.
Personnel Management and Building Successful Cybersecurity Teams
1:30PM – 5:00PM – Moscone West
Diverse, healthy cybersecurity teams are critical to an organization’s success. Join this half-day seminar to learn from global leaders about programs that build culture, effective cross-team communication, nontraditional hiring practices and programs that find extraordinary talent from across generations, geographies and genders to build more effective teams, and how to fortify against talent exfiltration.
Tuesday – February 25, 2020
We the People: Democratizing Security
8:55AM – 9:15AM – Moscone West
The industry is still building security based on an outdated model. Where enterprises used to purchase, issue and manage the means of computing, now we need to distribute security to mobile users globally. How do we adapt? We have to change hearts and minds as well as technologies. Democratizing security means thinking differently about the people we serve. Users are not “the weakest link”; they are powerful industry drivers. We have to give up the beliefs and control we once held as unquestioned. It’s time for radical change.
Fear and Loathing in Cybersecurity: An Analysis of the Psychology of Fear
11:00AM – 11:50AM – Moscone South
For too long, the cybersecurity industry has attempted to use FUD to engage with the human element. This engaging talk will draw on extensive research in the sociology and psychology of fear, as well as real-world case studies, to explain why we can’t simply scare people into security, but how we can harness human bias to have a more positive impact on cybersecurity awareness, behavior and culture.
Open Source: Promise, Perils and the Path Ahead
11:00AM – 11:50AM – Moscone West
This informative discussion will explore security ramifications and implications of open source tools as well as what needs to be done differently. Have questions about open source issues? Bring them to this interactive panel where open source leaders will engage the audience to discuss the state of the industry and some of the most pressing issues from release strategies and processes to code maintenance.
Wednesday – February 26, 2020
The Cybersecurity Workforce Shortage and How We Can Combat It
8:00AM – 8:50AM – Moscone South
Awareness of the cybersecurity skills shortage has been growing worldwide. Nevertheless, the workforce gap continues to grow, putting organizations at risk despite increasing tech budgets. This will be a review of the specifics of the (ISC)2 Cybersecurity Workforce Study that estimates the current cybersecurity workforce. The presentation will outline the methodology behind the research.
Enhancing Aviation Cybersecurity Capacity or How I Learned to Love a Hacker
8:40AM – 9:10AM – Moscone South
Loss of the flying public’s trust in reliable, safe and trustworthy air travel could impact national security. While the US government and the aviation industry are working hard, individually and cooperatively, an untapped resource remains. By dispelling hacker myths, trust among these communities can increase their collective ability to contribute more effectively to bolstering safe air travel.
Microsoft’s Security Team Changes the Employee Training Playbook
9:20AM – 10:10AM – Moscone West
In this session, Ken Sexsmith, director of security education and awareness at Microsoft, will share the unconventional approach his team has taken to train employees in being our first line of defense in helping to protect one of the most valuable companies in the world.
Thursday – February 27, 2020
Clearing the Clouds: Incident Response in AWS (Isn’t as Bad as You Thought)
8:00AM – 8:50AM – Moscone West
As you dive deeper into AWS, you realize that the architecture and various components consist of a jungle of new terms and products uniquely Amazon. However, your approach to security incident response isn’t necessarily as unique. Yes, new skills are needed, but the session will also demystify the approach by looking at detailed use cases of how to respond to AWS-specific security incidents.
Extracting Secrets from Locked Password Managers
8:00AM – 8:50AM – Moscone West
Are your secret entries kept safe by your password manager? Even when you log out of it and place it in a locked state? This session will dive into what happens to your master password and the secrets it guards when you unlock a password manager and more importantly what happens when you log out or lock it. Password Managers covered: 1Password, Dashlane, KeePass, LastPass.
9:20AM – 10:10AM – Moscone South
A computer security mindset is essential to understanding the security of complex technological systems. As we move into a world where all social, economic and political systems are to some extent technological, we need to extend this way of thinking. Come learn how to hack—and then defend—society’s core systems: elections, the market economy, lawmaking, tax policy, journalism and more.
Friday – February 28, 2020
Cyber-Hygiene for All: An Introduction to the CIS Controls
8:30AM – 9:20AM – Moscone West
The CIS Controls are one of the most popular cybersecurity standards in the world, used by auditors, CISOs and security professionals like you. This session will explore the CIS Controls and highlight the free tools, techniques and guidance CIS provides to overcome pitfalls and barriers to adoption in your organization.
Coordinated Vulnerability Disclosure: You’ve Come a Long Way, Baby
8:30AM – 9:20AM – Moscone South
Examples abound of clashes between security researchers and companies over disclosing software flaws, yet there is little quantifiable data delving into vulnerability disclosure. With the help of new research data on coordinated disclosure, this presentation will focus on the views of security researchers and organizations alike to highlight behaviors, preferences and established practices.
How Generational Psychology Impacts Your Security Strategy
11:10AM – 12:00PM – Moscone West
Not every generation is alike, nor should they be treated the same way. This session will discuss the importance of understanding how multigenerational psychology and attitudes impact your security strategy. You will learn about best practices to address vulnerabilities, risks, privacy concerns, policies, security controls and communication strategies for each unique generation.