dcsimg

Top 10 Sessions to Catch at RSA Conference 2019

SHARE
Share it on Twitter  
Share it on Facebook  
Share it on Linked in  
Email  

With more than 500 sessions at RSA Conference 2019, it's a daunting task for attendees to decide which to catch.

The sessions are organized under more than a dozen core topics: Analytics, Intelligence & Response; Application Security; C-Suite View; Cloud Security; Cryptography; DevOps; Compliance; Hackers; Human Element; Identity; Law; IoT; Machine Learning; and Privacy. If there is an issue or concern you have with IT security, it's likely covered in a session somewhere at the RSA conference.

If you're looking for an overview of what to expect in general at RSA Conference 2018, check out our preview of the 2019 RSA Conference and our overview of the 10 finalists for the RSA Innovation Sandbox contest.

In this preview, we outline our picks for the top 10 sessions at RSA Conference 2019, listed in the order in which they occur in the schedule.

Building DevSecOps

Speaker: Noopur Davis, Comcast SVP, Chief Product and Information Security Officer
Date: Tuesday, Mar 05 | 02:20 p.m. - 03:10 p.m.

Location: Moscone West 2003

Integrating developer, security and operations practices into a unified workflow is the domain of the emerging concept known as DevSecOps. Getting those different groups to work together is no easy task, but it's one that Comcast has been able to implement. Comcast SVP, Chief Product and Information Security Officer Noopur Davis will detail in her session how DevSecOps works and outline a six-part process that attendees can apply in their own environments.

How United Airlines Stays Cyber-secure

Speaker: Emily Heath, VP & CISO, United Airlines
Date: Tuesday, Mar 05 | 02:20 p.m. - 03:10 p.m.

Location: Moscone South Esplanade

It stands to reason that a sizable number of attendees who come to RSA Conference fly into San Francisco, and of those a certain percentage will travel with United Airlines. United Airlines VP and Chief Information Security Officer Emily Heath is set to discus how her airline is constantly changing to stay ahead of cybersecurity risks in a session titled "Security at 36,000 Feet."

Reverse Engineering

Speaker: Robert Joyce, Senior Advisory, National Security Agency
Date: Tuesday, Mar 05 | 03:40 p.m. - 04:30 p.m.
Location: Moscone West 2005

The National Security Agency (NSA) has long built its own tools for a number of cybersecurity activities. Now it's making a new tool for reverse engineering known as Ghidra available as open source. The Ghidra tools and their usage will be detailed in a session titled "Come Get Your Free NSA Reverse Engineering Tool!" led by NSA senior advisor Robert Joyce. Joyce will explain the capabilities of Ghidra and how attendees can use it to help reverse engineer potential malware.

ERP Security

Speaker: Juan Pablo Perez-Etchegoyen, CTO, Onapsis
Date: March 5, 5:10 p.m. - 5:30 p.m.
Location: South Expo Briefing Center

Enterprise Resource Planning (ERP) software platforms are often among the most critical enterprise applications deployed within an organization, and not surprisingly, they are also actively attacked. In a session titled "Dissecting ERP Breaches: They’re More Common Than You Know," Onapsis CTO Juan Pablo Perez-Etchegoyen will outline some of the attacks that have occurred against ERP systems in recent years and how attackers were able to exploit systems. The session will also provide attendees with insight into what can be done to prevent ERP breaches and ensure application security.

Inside the Timehop Breach Response

Speaker: Nick Selby, Director of Cyber Intelligence & Investigations, New York Police Department
Date: Wednesday, Mar 06 | 09:20 a.m. - 10:10 a.m.
Location: Moscone West 2003

Back in July 2018, social media service Timehop reported that it was the victim of data breach that affected 21 million users. In a session at the RSA conference, Nick Selby, Director of Cyber Intelligence & Investigations for the New York Police Department, will offer insight into the breach and the breach response process. Attendees will learn what some of the best practices are for breach notification.

NSA Chief on Strategic Competition

Speaker: General Paul Nakasone, Commander, United States Cyber Command, National Security Agency (NSA)
Date: Wednesday, Mar 06 | 01:30 p.m. - 02:20 p.m.
Location: Moscone South Esplanade

Among the many federal officials at RSA Conference talking about the national security impact of cybersecurity is General Paul Nakasone, Commander of the United States Cyber Command at the National Security Agency. In a session titled "Strategic Competition: The Rise of Persistent Presence and Innovation" and moderated by CBS News reporter Olivia Gazis, Nakasone will discuss how the NSA acts to help defend the U.S. in the current cyber environment.

Threat Hunting

Speaker: Vernon Habersetzer, Sr. Enterprise Technical Expert, Walmart
Date: Thursday, Mar 07 | 08:00 a.m. - 08:50 a.m.
Location: Moscone West 2007

Threat hunting is a core component of cybersecurity operations, but it is often not well understood by IT security practitioners. In a session titled "Threat Hunting Using 16th-Century Math and Sesame Street," Vernon Habersetzer, Senior Enterprise Technical Expert at Walmart, will offer guidance into how to conduct threat hunting exercises that will yield results and identify risks.

Purple Team at Scale

Speaker: Jason O'Dell, Director of Incident Response and Hunt, Walmart
Date: Thursday, Mar 07 | 01:30 p.m. - 02:20 p.m.
Location: Moscone West 3002

Red Teams conduct adversarial exercises against organizations while Blue Teams are tasked with defensive operations. Bringing the two teams together is an integrated approach to cybersecurity exercises commonly referred to as Purple Teaming.

In a session at the conference, Jason O'Dell, Director of Incident Response and Hunt at Walmart, will explain how the world's largest retailer has experimented with the Purple Team concept and how the approach can be used to improve overall cybersecurity effectiveness.

Top 10 Security Risks

Speaker: Min-Hwei Liu, Director, Information Security, Aetna  
Date: Friday, Mar 08 | 08:30 a.m. - 09:20 a.m.
Location: Moscone West 2011

Risk mitigation is a complicated topic in an increasingly challenge cyber threat landscape. In a session titled "Do You Know Your Organization’s Top 10 Security Risks?" Min-Hwei Liu, Director of Information Security at Aetna, will explain how organizations can build and make use of a list of risks to help make companies more secure.

Cloud Security

Speakers: Amin Vahdat, Google Fellow and Networking Technical Lead, Google; Suzanne Frey, Vice President, Engineering, Google Cloud
Date: Friday, Mar 08 | 11:10 p.m. - 12:00 p.m.
Location: Moscone South Esplanade

Few organizations have as much experience operating cloud-scale operations as Google. In a session titled "Engineering Trust and Security in the Cloud Era, Based on Early Lessons," Google executives will outline what works and what doesn't for cloud security, based on Google's own experience operating one of the world's largest public cloud infrastructures.

Coming Next: Vendor News

Aside from 31 keynotes and more than 500 sessions, the exhibit hall is home to some 700 exhibitors. The RSA Conference is often the place where many cybersecurity vendors make major announcements for new products and innovations. Be sure to look for eSecurity Planet's upcoming list of vendors making news at RSA Conference 2019.

Sean Michael Kerner is a senior editor at eSecurityPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.