Rsa Conference

Davi Ottenheimer, of MongoDB, interviews Tim Jenkin, winner of the Excellence in Humanitarian Service award at RSA Conference 2018.

Here’s something to ponder: In an alternate universe, where would cybersecurity be today without the continuous pursuit of innovation? While we can only guess, one thing is pretty certain. Cyberattackers would be a lot happier in that universe than they are here. In this episode, we take a look at multiple aspects of industry growth—from revenue and investments to tech advancements and opportunities. Some of the topics we cover include: •What investment strategies are VCs employing in 2018, and how do they differ from previous years? •What criteria should buyers consider in choosing startups to add to their security portfolios? •Based on where the industry is headed, what new and exciting developments can we expect at the RSAC 2018 Early Stage Expo?

What do AppSec and DevOps have in common besides two-syllable monikers? A lot. Which is why their importance—especially from a risk management and compliance perspective—has not gone unnoticed. Nor has their ability to learn from each other along the way. In this episode, we talk with two guests who draw on their very relevant experiences to weigh in on where AppSec and DevOps are situated today and where they’re possibly headed in the future. Some of the topics we cover include: •With a variety of threats slipping through a growing number of cracks, is threat modeling at speed a viable solution? •What skill set is needed for secure coding, and should companies be responsible for ensuring these skills are met? •What is the single greatest impact that DevSecOps is having within organizations?

It used to be that cities set themselves apart based on population density, cultural attractions and historical significance. But intelligence? Welcome to the intersection of modern living and the Internet of Things. In this episode, we’ll be talking with two guest speakers who weigh in on whether smart cities have rescinded the welcome mat for privacy. Take a look at some of the topics we’ll be covering: •Given how much smart cities “know” about us, can individual and company privacy still be protected? •What steps should corporations take to safeguard all the data they are gathering on smart city citizens? •What are the privacy implications of inviting smart assistants like Alexa and Siri into our homes?

It’s never good news when potential security exploits are detected. But when they affect all personal computers, mobile devices and cloud infrastructure dating back to 1995, it creates a problem of a whole new magnitude. In this episode, we’ll be talking with Paul Kocher, the researcher credited with co-discovering Spectre and a co-author of the Meltdown research paper. Some of the topics that we cover include: •How did these vulnerabilities happen, and why were they not detected sooner? •Did the rush to bring technology to market play a role in allowing these exploits to slip through the cracks? •What are the main concerns to look out for—both as an individual and as a CISO?

The holiday season is upon us. And our gift to you? An insider look at the potential threats and countering strategies that could have the greatest impact, for better or worse, in 2018. In this year-end episode, we talk with two cybersecurity luminaries who weigh in on the latest trends as part of a word game. Sound too fun to be enlightening? We promise you’ll learn as much as you’ll laugh. Some of the topics that we cover include: •Does threat intelligence sharing have a future now that IOCs are longer relevant? •Will NotPetya--a new class of attack that allowed only seven seconds to respond--be replicated? •How can we help build the next generation of cybersecurity talent to carry on the battle?

People, process, and technology. It’s an interlocked trio that’s vital to most organizations today. And when there’s a shift in security operations or strategy, all three will feel the jolt. In this episode, we’ll be talking with two guest speakers who draw on their firsthand experiences to share must-do and avoid-at-all-costs security operations and strategy advice. Some of the topics that we’ll cover include: •Skills that are most needed for today’s security operations and analyst roles •Differentiating between product security and IT security •How to adapt security operations and architecture for public cloud deployments

Big numbers have a way of getting our attention. And in the case of recent data breaches, they’re eye-poppingly notable. According to Gemalto, 1.9 billion data records were exposed in the first half of 2017—which equates to 122 records exposed every second in breaches worldwide. In this episode, we’ll be talking with two guest speakers whose cybersafety sessions drew some of the highest scores at RSA Conference 2017. Some of the topics that we’ll cover include: •Are data breaches getting worse, and if so, why? •How do you best measure security awareness? •What role does positive incentives for employees play in keeping data safe?

What’s the good, the bad and the future of the increasingly close relationship between technology and security? Find out as Ben Jun, CEO, HVF Labs, and Ed Amoroso, CEO, TAG Cyber, share the latest insights into the technology development process.

What exactly happened? And how can you best protect yourself? Get answers to these questions and more as Lance Spitzner, Director at SANS Securing the Human, weighs in on the data breach affecting 143 million Equifax users

You know “Must See TV”? Well, this is a must-hear podcast. This episode is focused on professional development, and we’ll be talking with two guest speakers who have very different backgrounds but share a strong commitment to growing the infosec profession. Some of the topics that we’ll cover include: •How we can help develop future cybersecurity aspirants to fill in the current worker-shortage gaps, knowing that purple unicorns remain elusive •How cybersecurity as a profession has changed over the past 10 years, and what to expect moving forward •How contributing to the community and giving back helps shape and enhance your professional development

Our first episode focuses on policy and government regulations in information security, including: •How the Cybersecurity Framework (CSF) is holding up against the recent wave of attacks •Strategies for keeping up with regulatory CSF changes •Positive and negative aspects of government involvement in cybersecurity

There are more chips being made then there are people on the planet now, Paul Kocher, President and Chief Scientist of the Cryptography Research Division of Rambus, tells RSA CTO Zulfikar Ramzan in this StoryCorps @ RSAC podcast. Technology evolves so quickly that we don’t even know what challenges and threats we may face from what we’re developing now. “To me information security has to co-evolve with the development of information technology,” Ramzan says. “To me this is part of a longer journey with many, many interesting factors.” How can we always keep our eye on the horizon and make sure we are implementing the fundamentals? Where do the challenges of the future lurk, and where can we find inspiration and optimism in the face of adversity? You can hear more of their conversation here.

It took a long time for the RSA algorithm to grow from theory to practice – almost 20 years from the time it was invented until it was widely deployed. In this StoryCorps @ RSAC podcast, Jim Bidzos, the founder, CEO and Chairman of Verisign, and former RSA CEO, strolls down memory lane with Burt Kaliski, SVP and CTO of Verisign, and the Founding Scientist of RSA Laboratories. The two discuss the creation of RSA the company and of the RSA Conference, which evolved from a small gathering to a global event that people from the highest levels of industry and government would attend. Along the way, people would contact them telling them they’d found a way to break the RSA algorithm, and would share it for a price. So they created the RSA Factoring Challenge. You can listen to their conversation on the impact of RSA on the connected digital world here.

Even as a child, Chris Young, Senior VP and general manager of Intel Security Group, was interested in building. And it was the combination of problem-solving, innovation and building that drew him to technology. On the other hand, “I so didn’t choose it,” Mischel Kwon, president and CEO of MKA Cyber tells him. A chance encounter in a shopping mall, where she was asked to take a test by a computer school, changed her life. They talk about technology as a great equalizer, and how bringing more diverse groups into the cybersecurity fold comes with challenges as our nation talks more openly about its divisive past and as the industry embraces inclusion across class, race and gender lines. You can hear more of their conversation here.

What did two cybersecurity luminaries study to get into the industry? Turns out, Bruce Schneier, CTO of Resilient Systems and Hugh Thompson, a member of the RSA Conference Program Committee, took very different paths to where they are today. Thompson came from the world of math, and Schneier moved through rolls in startups and government and has wound up at Harvard University, as a fellow at the Berkman Center for Internet and Society. “I find that now, being able to be in such a heady soup of smart people doing things that I never thought would be interesting, and having it affect what I’m doing is absolutely fricking fantastic,” Schneier tells Thompson. “The best compliment I ever get is when someone says you changed the way I think,” he says. You can hear more of their conversation here.

This month's podcast features Dave Martin, Technology and Innovation Leader, IT Risk and Cybersecurity at GE, and John Stewart, Senior VP and Chief Security and Trust Officer, Corporate Security Programs Organizations, Cisco, in conversation about the roads they took to where they are today, leading cybersecurity programs for some of the world's biggest companies.

The biggest impact you can have is working with kids to teach them about cybersecurity and cybersafety, according to Ben Jun, security architect and CEO of HVF Labs, and Theresa Payton, privacy expert and CEO at Fortalice.

Security and perimeter experts Rich Mogull, CEO and analyst at Securosis, and Jim Routh, CSO and leader of the global information security function for AETNA, sat down at RSA Conference 2016 to discuss what it takes to be successful in the information security industry, and what it's like to be on the front lines of the battle against cybercriminals.

“I think there’s a new way for us to think about how we live in a post-perimeter world,” says Niloofar Razi Howe, an ex-venture capitalist and RSA’s Senior VP and Chief Strategy Officer, and Asheem Chandna of Greylock Partners, in a conversation at StoryCorps @ RSAC. The two met in San Francisco at RSA Conference 2016 to talk about the future of technology, artificial intelligence, and the way cybersecurity will have to rethink itself to meet those challenges.