RSA Conference

With the increased scale and pace of automated processes along with migrations to the cloud, proper design of security architecture becomes a critical component of your overall IT architecture implementation. Considering this, what should your business prioritize as the ultimate driver for security architecture decisions - and where does risk, privacy and compliance fit into the picture? Speakers: Shinesa Cambric, CISSP, CISA, CISM, CDPSE, Principal Program Manager, Microsoft Aparna Murthy, Aparna Murthy, CA, CPA, Principal Risk and Compliance Consultant Kacy Zurkus, Content Strategist, RSAC

Turku Energia - a Finnish energy distribution company - secured its power supply & IT network for the city’s 200,000 citizens. Utility SCADA systems are hacking targets, due to the damage that can be inflicted by sending cities dark or damaging the grids. The utility’s IT team ensured data integrity, visibility, and rapid threat detection and remediation within both IT and OT environments. Speakers: Vikram Sharma, Senior Engineering Manager, IoT, Cisco Kacy Zurkus, Content Strategist, RSAC

Study after study shows cybersecurity job descriptions lack clarity across most roles and industries — stifling talent recruitment, development and retention efforts. Infosec Institute and Aspen Cybersecurity Workforce Coalition will provide data-backed insights into how organizations are aligning job descriptions and training to tools like the NICE Framework, including what’s working and what’s not. Speakers: David Forscey, Senior Policy Analyst, National Governors Association Megan Sawle, VP of Research & Marketing, Infosec Kacy Zurkus, Content Strategist, RSA Conference

Rachel Tobac hacks people based on publicly available information. Camille Stewart encourages people to mitigate risk and defend against Rachel’s methods. We’re bringing these two industry leaders together for this one-of-a-kind podcast that will explore social engineering risks and highlight some best practices to help protect users and organizations. Presenters: Camille Stewart, Cyber Fellow, Harvard Belfer Center and Head of Security Policy, Google Play & Android, Google Rachel Tobac, CEO, SocialProof Security, White Hat Hacker Kacy Zurkus, Content Strategist, RSA Conference

The FBI’s Internet Crime Complaint Center received more than 791,000 complaints in 2020—a record number, representing a 69% increase over 2019. Join us for an in-depth discussion as we examine details of the report with FBI’s Cyber Division's Deputy Assistant Director Herb Stapleton. Speakers: Herb Stapleton, Deputy Assistant Director, Cyber Division, FBI Kacy Zurkus, Content Strategist, RSA Conference

Hotel chain data breaches have resulted in huge financial loss and reputational harm. Unlike other consumer-facing businesses, such as retail stores, hotels must hold onto payment card data for extended periods passing this valuable data among many participants in the payment security ecosystem as customers make reservations and complete travel. In this podcast, our guests will identify and discuss how organizations can reduce the risks associated with handling payment card information for hotels and, in turn, begin to strengthen the cybersecurity of the property management system (PMS). For more information, visit NIST’s project on Securing Property Management Systems. https://www.nccoe.nist.gov/projects/use-cases/securing-property-management-systems Speakers: John T. Bell, Founder and Principle Consultant, Ajontech LLC Arshad Noor, CTO, StrongKey Bill Newhouse, Cybersecurity Engineer, National Cybersecurity Center of Excellence (NCCoE) Kacy Zurkus, Content Strategist, RSA Conference

Business email compromise (BEC) has made a comeback. Vishing calls have proven profitable for cybercriminals as well. How can you stay ahead of these threats and detect fraud before any money is sent? Join us for a podcast that discusses how these attacks work, who they target and why. Our guests will also offer tips on what to do both professionally and personally to limit risk—from small things like training those who are handling the financial transactions to working with the banks and the cyber team. Speakers: Nicole Beckwith, Staff Cyber Intelligence Analyst, GE Aviation Ursula Cowan, Threat Research Analyst, FireEye/Mandiant Kacy Zurkus, Content Strategist, RSA Conference

In the industrial space, we’ve seen more organizations bringing in Chief Product Security Officers—with good reason. Security needs to be baked into the products that companies are delivering to customers, particularly when there is a life/safety impact. But the need for product security extends beyond ICS and OT. Join us with our guests Megan Samford and Patrick Miller who will look at why product security is the new frontier of the cybersecurity industry. Presenters: Patrick Miller, Founder, Director & President Emeritus, EnergySec and US Megan Samford, Chief Product Security Officer, Schneider Electric Kacy Zurkus, Content Strategist, RSA Conference

The majority of applications contain at least one security flaw and fixing those flaws typically takes months. Automating scanning and scanning via API can help development teams fix faster by a pretty wide margin. Veracode’s Chris Eng and Cyentia’s Jay Jacobs explore what’s driving the volume of code flaws, what factors influence fix rates, how organizations with higher fix rates are tackling the problem successfully, and automation as a best practice for DevSecOps and an action developers can take to "nurture" their apps to better security. Presenters: Chris Eng, Chief Research Officer, Veracode Jay Jacobs, Co-Founder and Chief Data Scientist, Cyentia Institute Kacy Zurkus, Content Strategist, RSA Conference

Principles of epidemiology can be effectively applied to cyber security, with some adaptations. What do travel quarantines and firewalls, social distancing and port closures have in common? Learn how much cyber incident responders can learn from the recent pandemic that effectively shut down so many of the human connections in the modern world. Presenters: Steve Faruque, Cyber Security Manager, IBM Dr. Manisha Juthani-Metha, Associate Professor of Medicine and Epidemiology and Infectious Diseases Specialist, Yale School of Medicine and Yale New Haven Hospital Kacy Zurkus, Content Strategist, RSAC This podcast is sponsored by Axonius. Axonius is the cybersecurity asset management platform that gives organizations a comprehensive asset inventory, uncovers security solution coverage gaps, and automatically validates and enforces security policies.

The submissions and decisions have been made. The Program Committee’s selections will soon be announced. Before that happens join me and two members of a Hackers & Threats PC to discuss what trends they saw come through in this year's RSA Conference submissions. They'll also give a sneak peak into what attendees of RSAC 2021 have to look forward to on the Hackers & Threats track. Greg Day, VP and Chief Security Officer, EMEA, Palo Alto Networks Nicole Little, Walt Disney Studios Kacy Zurkus, Content Strategist, RSA Conference

TikTok and Huawei are probably two of the most notable Chinese technology companies that are enveloped in policy debates. The US government's most recent actions against TikTok could be an indication of future actions that could be taken against Chinese technology companies. Join us for the important discussion about how geopolitical motivations impact technology regulations and international interference operations. We'll look at how Western businesses are changing their technology development, operations and staffing strategies in Greater China and much more. Gabo Alvarado, Managing Director, Pointe Bello Katherine Koleski, Program Analyst, Defense Innovation Unit Aaron Turner, President and Chief Security Officer, HighSide Kacy Zurkus, Content Strategist, RSAC

Sometimes the greatest obstacles we must overcome are the ones we put in front of ourselves. It’s no different for businesses or even for an entire industry. In cybersecurity, one of the greatest barriers to entry could be the perception people have of what cybersecurity is. Many outsiders believe a job in cybersecurity equals sitting in front of a screen and coding all day. So, how do we rebrand ourselves in order to develop talent from various diverse sources? Join us to discuss different strategies for addressing the talent shortage.

What is OT systems management and why is it so critical to protecting our critical infrastructure? What are the necessary controls to ensure ICS/OT cybersecurity? A comprehensive program includes a range of controls and design efforts, In this podcast, industry leaders will discuss the challenges and requirements of protecting Operating Information Technology systems, which includes the need for establishing OT Systems Management, a holistic approach to hardening, updating, maintaining, and monitoring the endpoints and networks in industrial environments.

Though concerns over election security did not begin with the 2016 Presidential election, new and emerging threats coupled with an expanding attack surface have exacerbated what were already major security concerns for municipalities, states and the federal government. So what is the current risk environment and what has changed in CISA and the FBI’s cyber missions? We’ll answer these questions and offer tips on how the tech community and citizens can get involved in this can’t miss podcast.