Rsa Conference

Furthering the White House Cybersecurity EO, the OMB just released a Zero Trust Architecture Strategy with one of its 5 pillars focused on identity, and requiring implementation of strong, phishing-resistant MFA for agency and citizen access. This session explores the gatekeeper role of identity in ZTA, and the business and technology challenges faced in managing access while passwords persist. Speakers: Mario Duarte, Vice President of Security, Snowflake Tom (TJ) Jermoluk, CEO and Co-Founder, Beyond Identity Kacy Zurkus, Content Strategist, RSA Conference

In 2021, artificial intelligence emerged as a viable technology, which warranted a conversation about the legal and policy considerations underlying modern society. We’ll look back at the ethical, legal, and policy considerations discussed in May of 2021 and ask where are we now? What more needs to be done in order to maximize a successful implementation and minimize potential risk? Speakers: Behnam Dayanim, Partner, Global Chair of Privacy & Cybersecurity Practice and Chair, Advertising & Gaming Practice, Paul Hastings LLP Kacy Zurkus, Content Strategist, RSAC

In a world where the terms “AI” and “machine learning” are used liberally to describe new products and technologies, creating an assessment framework for buyers (and sellers!) to evaluate these products is essential. In this session, we’ll follow the Cost and Vulnerability dimension of MITRE’s AI Relevance Competence Cost Score (ARCCS) Framework and consider the security and privacy implications of AI for smart cities and the humans that travel them. Speakers: Anne Townsend, Department Manager and Cybersecurity Engineer, The MITRE Corporation Kacy Zurkus, Content Strategist, RSAC

Protecting Data & the Supply Chain so deeply intertwined with everything from software to identity. Join Program Committee members Edna Conway and Diana Kelley as they discuss the challenges that folks are struggling with right now and some potential mitigation strategies. We'll explore what’s happening with Log4j and other vulnerabilities as well as the need for a software Bill of Materials (SBOM). Speakers: Edna Conway, Vice President, Security & Risk Officer, Azure, VP, Chief Security & Risk Officer, Azure Microsoft Diana Kelley, CTO and Co-Founder, SecurityCurve Kacy Zurkus, Content Strategist, RSAC

Countless conversations with students, politicians, and leaders about cybersecurity suggest that the term ‘cybersecurity’ does not invoke the personal sense of responsibility necessary, nor is it inviting to the majority of the public including minorities, women and young adults who we want to seek a career in this field. How do we change that? Let's start with Data Care. In this podcast, our guests will discuss what’s missing from the term ‘cybersecurity’ and how taking a ‘Data Care’ approach can help us all to build a more secure world. Speakers: Britta Glade, Senior Director, Content & Curation, RSA Conference Ron Gula, President, Gula Tech Adventures Cyndi Gula, Managing Partner, Gula Tech Adventures

The Rise of Privacy Tech (TROPT) recently released a whitepaper categorizing the privacy tech landscape. It explores privacy tech's relationship to its adjacent industries, which include cybersecurity, identity management, and data governance, among others. Join this podcast for a look at key takeaways and insight into the 8-month-long working group drafting process. Speakers: Lourdes Turrecha, Founder and CEO, The Rise of Privacy Tech Kacy Zurkus, Content Strategist, RSAC

Recognizing that the security of our interconnected world is as interdependent and fragile as a Jenga puzzle, how do we ensure that the entire system doesn’t fall apart when a single block is pulled? What do we ow each other, and how do we work together to ensure those organizations—be they non-profits, NGOs, or public schools and institutions—have the resources they need to be resilient in the face of a cyberattack? In this podcast, we’ll examine the security poverty line and our systemic dependencies and explore what we owe each other in order to ensure a more secure world. Speakers: Dr. Kelley Misata, Founder and CEO, Sightline Security Kacy Zurkus, Content Strategist, RSAC

How much responsibility should people really bear in the big data realm? Does informed consent equate to waiving rights? Is it realistic that they understand how data travels and is there an incorrect underlying assumption that data is their priority when they are consenting to its collection or use? In this podcast, we will examine the reasons people sign consent forms (to access care or information), the limited ability of informed consent to protect people from hacking and cybersecurity breaches, and its irrelevance to compensating people whose data is aggregated, sold, and resold. We will explore the limitations of informed consent in governing data collection and use in the healthcare arena. Speakers: Anne Zimmerman, Founder, Modern Bioethics Kacy Zurkus, Content Strategist, RSAC

The Program Committee for the RSAC 2022 Privacy track was challenged with selecting the top session that would make it onto the agenda, but privacy topics were not limited to this one track. So why is privacy trending, and what are this year’s privacy trends? Join two members of the Privacy Program Committee as they reveal their favorite picks and what attendees have to look forward to at Conference. Speakers: Bernard Brantley, Chief Information Security Officer, Corelight Francesca Ginexi, Privacy Policy Manager, Facebook Kacy Zurkus, Content Strategist, RSAC

Migrating to public cloud introduces new attack surfaces commonly the exploitation of misconfigured resources. In a cloud landscape that contains millions of resources, how do we detect these threats. This session explores the journey from security policy documentation to scanning and detecting security compliance violations in product infrastructure from the start of the development life cycle. Joe McCrea, Cloud Security DevOps Engineer, SAP Mariam Triki, DevSecOps Engineer, SAP Kacy Zurkus, Content Strategist, RSAC

The importance of cloud security has, perhaps, never been more critical, following massive shifts to remote workforces and ramped up digital transformation across organizations of all sizes. In this podcast, two members of the Cloud Security & Cloud Sec Ops Program Committee discuss trends observed in their selection process for 2022 RSA Conference and what matters most as organizations look to secure and further mature their multi-cloud and hybrid deployments. Speakers: Britta Glade, Senior Director, Content & Curation, RSA Conference Shawn Harris, Director, Information Security, Starbucks Rich Mogull, CEO/CISO, Securosis

Refreshed and updated to include the latest technologies and best practices in cybersecurity operations, guests will share key takeaways from the new 11 Strategies for Operating a World Class Cybersecurity Operations Center (CSOC) book that will be coming out later this year. We will discuss the 11 strategies, how to balance the CSOCs core incident response mission with supporting functions such as threat intelligence and threat hunting, the importance of growing staff in house, and why the CSOC can never stop evolving. As with the original book, this new edition will include a free electronic version available to everyone. Speakers: Kathryn Knerler, Department Manager, Cyber New Professionals Development Program, The MITRE Corporation Ingrid Parker, Chief Engineer, Homeland Security Enterprise Division, The MITRE Corporation Kacy Zurkus, Content Strategist, RSAC

In today’s world, data is currency. With that in mind, organizations need to consider the fiduciary duty they owe to data subjects, especially when they suffer a ransomware attack. This session outlines what types of fiduciary duties organizations have, why paying a ransom falls under those duties, how negotiations mitigate harm, and three steps for effectively responding to a ransomware attack. Speakers: Robert Fitzgerald, Founder and CEO, Arcas Risk Management Karen Walsh, CEO and Founder, Allegro Solutions Kacy Zurkus, Content Strategist, RSAC

Have you been wondering how to get into Cybersecurity? It may seem that you have to be a security tester or expert. It's not true! There are many paths into Cybersecurity using your existing experience, skills, and schooling. This talk will show the multiple paths people have followed into the Schneider Electric IT Security and Application Security organizations. Cassie Crossley, Director, Product Security Office, Schneider Electric Kacy Zurkus, Content Strategist, RSAC

You've gotten the job in tech—congrats! So now what do you do? We’ve heard stories from those who struggled with overcoming unexpected obstacles while new to the job. Let’s talk about what you can do to prepare for the unexpected. In this podcast, you’ll hear from an industry expert on ways to level up your career. This talk will provide various tools and resources to help navigate the tech space and make the most of what you have and help you in reaching your future goals. Speakers: Mari Galloway, Chief Executive Officer and Founding Board Member, Women’s Society of Cyberjutsu Kacy Zurkus, Content Strategist, RSAC

Humans engage with Android technology in myriad ways, but how has the technology been used to date and how is it evolving? This podcast will explore the ways in which the Android ecosystem has evolved by looking at Android from a techno-sociological, security, and privacy context. We will discuss dimensions of privacy, the impact Android has had on humans, the kinds of threats we are seeing in the wild, the security challenges that need to be addressed, and the evolution of features like Digital Well Being. Speakers: Aditi Bhatnagar, Product Security Engineer, Atlassian Kacy Zurkus, Content Strategist, RSAC

In this podcast, we discuss how countries have influenced worldwide elections historically and in modern day using cyberwarfare. We explore how countries and critical infrastructure respond to these attacks and how they should respond in the future. By the end, we brainstorm the ways to disrupt a future election in order to understand how to better protect it. Geoff Hale, Senior Cybersecurity Advisor, Cybersecurity and Infrastructure Security Agency Allie Mellen, Analyst, Security and Risk, Forrester Research

Throughout 2020, ransomware was consistently amongst the most challenging cyber exposures for organizations to manage. The insurance market can provide critical insights on how to understand the evolving ransomware landscape, given the volume of insurance claims being seen and emerging data on loss and exposure trends. This session will bring together experts from across the cyber insurance and breach coach space and give end to end insights on the financial and organizational impact of ransomware, risk implications, and challenges that will be seen in the market. Speakers: Marcello Antonucci, Global Cyber & Tech Claims Team Leader, Beazley Benjamin Di Marco, Cyber Specialist, Willis Towers Watson Christina Terplan, Founding Partner and President, Atheria Law This episode is brought to you by Axonius. Axonius helps organizations immediately know what assets they have, and shows which devices, cloud instances, and users adhere to or deviate from security policies. Try it free at axonius.com/rsac

Drawing on original research, the speakers will dive deep into one of the most prominent ransomware strains today: Sodinokibi/REvil. By tracking its operators’ activity in affected organizations, on the dark web, and through the group’s public blog, we will bring our collective insights to the audience, detailing how Sodinokibi operates, its malware uniqueness, and the damage it has inflicted. Speakers: Limor Kessem, Executive Security Advisor, IBM Security Camille Jackson Singleton, Strategic Cyber Threat Lead, IBM Kacy Zurkus, Content Strategist, RSAC

With the increased scale and pace of automated processes along with migrations to the cloud, proper design of security architecture becomes a critical component of your overall IT architecture implementation. Considering this, what should your business prioritize as the ultimate driver for security architecture decisions - and where does risk, privacy and compliance fit into the picture? Speakers: Shinesa Cambric, CISSP, CISA, CISM, CDPSE, Principal Program Manager, Microsoft Aparna Murthy, Aparna Murthy, CA, CPA, Principal Risk and Compliance Consultant Kacy Zurkus, Content Strategist, RSAC