RSAC USA 2015: My Agenda Day 1 Monday

The RSA Conference USA for 2015 wrapped up last Friday.  I am using this blog to share with you my personal schedule for the five days of the conference, to indicate what interested me and what I experienced.  I’ll separate each day into a separate blog posting, complete with session descriptions from the RSAC catalog.

Please write to me if you have any questions about these sessions.

  • SEM-M02 : Information Security Leadership Development: Surviving as a Security Leader

In conventional security training, there are few opportunities to learn how to develop and direct a successful information security program. Experienced security leaders delivered a morning seminar focused on bridging this gap.

  • As a New CISO – How to Assess Your Security Program for Success – Gary Hayslip
  • Are you Fighting the Wrong Battles? – Bill Burns
  • Being a CISO – What They Don’t Tell You – Jack Jones, Evan Wheeler, Rick Howard, Julie Fitton, Amy Butler
  • Stepping Inside the Boardroom – Trey Ford
  • SEM-M03 : Advancing Information Risk Practices

Many challenges face today’s Risk Management programs, including how to risk rank security gaps, handling business interactions and forming a qualified resource pool. This half-day seminar was packed with useful information from a series of respected industry leaders. Discussing successes and pitfalls, these leaders have set out to challenge conventional ideas and pursue cutting edge tactics.

  • Practical Quantitative Risk Analysis – David Musselwhite
  • An Inside Look at Cyber Insurance – Jake Kouns
  • Metrics That Matter – Scott Borg, Alex Hutton, Evan Wheeler, Kymberlee Price, Michael Werneburg
  • Leveraging Threat Analysis Techniques – Mark Clancy
  • ISB-001 : Innovation Sandbox

RSAC Innovation Sandbox has been selecting the most innovative information security companies and products for the past 10 years.  Previous RSAC Innovation Sandbox Contest victors have garnered venture capital investment, large company buyout and increased media coverage. RSAC Innovation Sandbox Contest has rewarded a range of information security solutions, including cloud security, mobile and app security, physical security and analytics.

In addition, the Innovation Sandbox Contest program includes valuable content on how to establish a start-up, start-up trends and the future of information security.

  • Introduction – Hugh Thompson
  • Most Innovative Company at RSA Conference 2015 Top 10 Presentations

Three-Minute pitches followed by Q&A with judges.

  • Participating finalist companies:
    • bugcrowd
    • cyberreason
    • Fortscale
    • Nex Defense
    • SecurityDo
    • SentinelOne
    • Trust In Soft
    • Vectra
    • ticto – runner-up
    • waratek – Winner
  • Requirements:
    • Have an awesome product that has been in the market for less than one year; has the potential to make a significant impact on information security; can be demonstrated live and on-site during the event.
    • Have a great company that has a management team track record to successfully deliver products to market; is privately held, with less than $5M in revenue in 2014.
  • Judging panel:
    • Asheem Chandna, Partner at Greylock Partners
    • Asheem Chandna, Vice President of Security Engineering at Google
    • Renee Guttman, Vice President for Information Risk at Accuvant
    • Patrick Heim,Hhead of Trust and Security at Dropbox
    • Paul Kocher, President of Cryptography Research
  • How to Get Funded

Don’t let your groundbreaking idea sink out of sight for lack of funding. Find out where the money is and how to get it. UC Berkeley’s Jesse Goldhammer will guide this discussion between DARPA’s Dr. Angelos Keromytis, Trident Capital’s Alberto Yepez and Kickstarter campaigner Tiffany Spencer to sort out the challenges and benefits of conventional vs. unconventional funding routes to inject capital into nascent start-ups.

  • When to Build or Buy Your Security Solution – Panel

Jason Chan, Engineering Director, Netflix; Anup Ghosh, Ph.D., Founder and CEO, Invincea; Rick Holland, Principal Analyst, Forrester Research; Martin Roesch, Vice President and Chief Architect, Cisco Security Business Group

In today’s threat landscape, companies of all sizes need a technology investment strategy to protect their assets. Firms are often faced with either accepting the current toolsets available in the market, or b building their own tools to address their unmet needs. Rick Holland led a discussion on the tradeoffs of building or buying information security technologies with Anup Gnosh, Marty Roesch and Jason Chan.

  • Future Crimes: Why Cyber Was Only the Beginning – Marc Goodman

As ubiquitous as technology seems today, the scientific progress just over the horizon will leave our heads spinning. Today’s cyber attacks are only the beginning of our technological security risks. The Internet of Things, robotics, 3D printing, artificial intelligence and synthetic biology will provide unprecedented opportunities for entrepreneurs and criminals alike. Marc Goodman explored emerging threats and opportunities in securing the technologies of tomorrow.

  • Award Ceremony and Winner Announcement