Shostack + Friends Blog Archive

 

RSA Planning

Have a survival kit: Ricola, Purell, Gatorade, Advil and antacids can be brought or bought on site.

Favorite talk (not by me): I look forward to Sounil Yu’s talk on “Understanding the Security Vendor Landscape Using the Cyber Defense Matrix.” [link to https://www.rsaconference.com/events/us16/agenda/sessions/2498/understanding-the-security-vendor-landscape-using no longer works] I’ve seen an earlier version of this, and like the model he’s building a great deal.

Favorite talk I’m giving: “Securing the ‘Weakest Link’.” [link to https://www.rsaconference.com/events/us16/agenda/sessions/2460/securing-the-weakest-link no longer works]

A lot of guides, like this one, are not very comprehensive or strategic. John Masserini’s A CISO’s Guide to RSA Conference 2016 [link to http://www.securitycurrent.com/en/ciso_journal/ac_ciso_journal/a-cisos-guide-to-rsa-conference no longer works] is a very solid overview if you’re new, or not getting good value from a conference.

While you’re there, keep notes for a trip report. Sending a trip report helps you remember what happened, helps your boss understand why they spent the money, and helps justify your next trip. I like trip reports that start with a summary, go directly to action items, then a list of planned meetings and notes on them, followed by detailed and organized notes.

Also while you’re there, remember it’s infosec, and drama is common. Remember the drama triangle and how to avoid it.