It’s not exactly “crunch time” yet, but we’re getting there. Three weeks from today tens of thousands of cybersecurity professionals will swarm into San Francisco and the Moscone Center for the 2019 RSA Conference. I already told you that if you are attending RSA 2019, you should plan ahead to make sure you get the most out of the event. Now I am going to give you guidance on specific sessions I think you should attend if you want to get the most out of the conference.
Vendor parties and collecting swag are both perfectly valid things to do, but the parties pretty much only happen at night, and you can only walk the aisles of the Expo Halls for so long. Joking aside, many of the keynotes sound interesting as well, and the RSA Conference offers an overwhelming array of educational and information sessions. Honestly, aside from the benefits of making new connections and networking with peers, the sessions are where you receive the real value of RSA.
Here are 7 sessions you should try to fit into your RSA schedule, and the descriptions from the RSA Conference website:
CSV-T08 – Using Automation to Help Achieve Security in a Multicloud Environment
Tuesday, March 5: 2:20pm – 3:10pm
Adobe has a large and growing footprint in multiple public clouds, as well as a significant private cloud fleet. To help ensure consistency in security policies and compliance, it is best to invest in infrastructure that automates as much as possible. This session will discuss the most critical components in developing an increasingly automated multicloud operational security stack.
- Understand what makes sense to automate and what doesn’t in a successful cloud security infrastructure stack.
- Learn about the tools and technologies developed and used by Adobe to tackle the challenge.
- Learn how to make use of the data gained from automation to better inform executives and boards.
CSV-T09 – Security at the Speed of DevOps: A Reality Check
Tuesday, March 5: 3:40pm – 4:30pm
DevOps teams are adopting cloud and CI/CD toolsets to iterate on the solutions and shorten time to value to their stakeholders. Learn how DevOps security fits into daily iterations between the bookends of corporate policies and periodic audits? Join this session to hear how Cisco’s infosec team is enabling DevSecOps and along the journey what has worked and what has been challenging.
P2P3-W05 – Overcoming the PaaS Dilemma: What You Do Not See
Wednesday, March 6: 10:40am – 11:30am
Platform as a Service is realizing amazing savings for traditional computing platforms in the cloud, and democratizing access to analytics and development services. Work with colleagues to overcome the lack of visibility and abstraction of security controls when using PaaS services.
STR-W10 – Deep Modernization of a Corporate IT Infrastructure
Wednesday, March 6: 1:30pm – 2:20pm
Presenting the lessons learned by KuppingerCole analysts while designing a future-proof IT infrastructure based on zero-trust and cloud-native principles for a European company in a highly regulated industry.
- Understand security and compliance challenges companies in highly regulated industries are facing.
- Identify technologies and solutions cybersecurity market is offering.
- Learn how to design a flexible and future-proof IT infrastructure for a modern agile business.
General familiarity with compliance challenges companies operating in highly regulated industries are facing, especially with regards to personal information processing.
P2P2-W12 – Meeting Cybersecurity Regulatory Requirements with Cloud Delivery Models
Wednesday, March 6: 2:50pm – 3:40pm
A discussion about the challenges in transitioning to a cloud delivery model while meeting regulatory requirements to implement a safe and sound cybersecurity program.
BC-R3ESE – DevOps, Cloud Sprawl and Security: A Complicated Relationship
Thursday, March 7: 10:30am – 10:50am
DevOps changed how we build applications and the cloud gave us a seemingly endless horizon of capacity. Unfortunately, problems creep in when DevOps introduced automation doesn’t properly enforce security and lifecycle controls. When everybody has programmatic access to your cloud environments cloud sprawl can happen quickly. Paul McCarty, Founder and Engineer at SecureStack will talk about how you can implement real DevSecOps adoption.
SP03-R09 – The Future is Hybrid: Key Considerations for Cloud and DevOps
Thursday, March 7: 1:30pm – 2:20pm
The elasticity and short lifespan of servers, paired with the up-and-coming wave of containerization, bring unique challenges to securing cloud infrastructure. This session will explore how to expand security operations to the cloud and DevOps—from managing configuration and vulnerability risks, to securing confidence across multiple cloud solution providers.
Learn about SIEMless Threat Management
The rsa agenda is online and you can reserve a seat at these (and hundreds of other sessions) right now. Of course, I assume you will also make time to walk the aisles of the Expo Halls to learn about the vendors and the products and solutions they have to offer. Make sure you leave time to visit Alert Logic at Booth 1627 in the South Hall to learn about SIEMless Threat Management, and how we deliver the right threat coverage for the right resources to help customers secure workloads across any environment.