The RSA Conference whirlwind is only days away. Are you ready? Is it possible to be ready? Don’t forget to pack your Tylenol and your sensible shoes. Like many of you, even though the conference is for a full week, my free time at the conference is extremely limited with many competing priorities. Planning is required to make the best use of my time. Beyond working the Mimecast booth and meeting with customers, prospects, industry analysts, and journalists, what will I do with my free time? Attend some sessions.
In no particular order, here are the 5 sessions that have caught my eye that I will make every effort to attend:
- Lessons from a Billion Breached Records-Ever wonder what happens with all those stolen data and how they were stolen? And why do attackers often dump this data publicly? With breaches representing a billion breached data records in scope, it sounds like the speakers are in a pretty good position to sort this out for me.
- Cyber-Insurance: Fraud, Waste, or Abuse – Does this session sound a bit pessimistic about cyber-insurance? I frankly have not understood how insurers can reasonably underwrite a risk, in this case cyberrisk, for a loss whose probability of occurrence and size of impact is impossible to predict. I am expecting a cautionary tale in this session for sure – maybe even some anger!
- Practical Intelligence Sharing: ISACs and ISAOs– Intelligence sharing has certainly made progress, but it seems to me that we still have a long way to go. This session is closely related to my current strategy focus at Mimecast as we collect a tremendous amount of data by processing the email of our 20K+ customers and inspecting ~650M emails every day for threats. But how best to share the meta-information we glean from this data with customers and industry groups? I hope this series of sessions will add to my insights on this.
- Targeted Attacks Against Corporate Inboxes – A Gmail Perspective– Another session of the five that directly relates to what we do at Mimecast for email security. Always interesting to hear what one of the big email service providers is seeing and doing (and not doing) around email security.
- Psychology of an Eastern European Cybercriminal: Mindset Drives Behavior– Under the guise of knowing your adversaries, this session looks quite interesting as it will focus on making some of the nameless and faceless cybercrime bosses a bit more human. While I don’t expect to come out of this session with any sympathy for them, perhaps I can pick up some tricks to help our customers better defend against them.
In my 15 consecutive years of attending RSAC, I never cease to be amazed by the scale and scope of the conference. Let’s all try to attend some sessions this year! These are my 5 suggestions. What other ones do you think should be on my list?