With more than 40,000 security professionals converging on the Moscone Center in San Francisco, we will be taking over the City by the Bay for the week of RSA (April 16-20). In this blog post, I just wanted to give some helpful tips from a Bay Area native and also recommend some Data Security sessions that look interesting from the agenda.
Of course, there is always our session at 3:10 p.m. PDT on Wednesday, April 18 in the South Briefing Center, where CTO of STEALTHbits, Jonathan Sander will present on Pushing Machine Learning Down the Security Stack to Make It Effective.
I also have to plug our booth because what is an RSAC without some live product demos, cool SWAG to remind you to call us, and a game of Capture the Flag! We will be talking about Data Access Governance, our File System and SQL attack series’, and how to leverage our solutions to help identify threats, secure data, and reduce risk. Stop by the North Hall booth #3114 and we will chat about all of the cool things we have going on at STEALTHbits.
Logistics:
Transportation:
You can always use Lyft around the city but with the construction around Moscone and most folks coming/going at the same times, here are some of your better options:
- Walk – majority of restaurants, bars, coffee shops and hotels are within walking distance and it should be beautiful weather the week of RSA
- Muni: https://www.sfmta.com/muni
- Cable Cars: https://www.sfcablecar.com/
Restaurants/Food:
- Presidio Picnic
- https://offthegrid.com/event/presidio-picnic/2018-4-15-11am
- Sunday, April 15 (if you are in early)
- Fortune Cookie Factory
- Bay Area Coffee Shops that will get you AMPED for the conference
- Blue Bottle Coffee: https://www.yelp.com/biz/blue-bottle-coffee-san-francisco-21
- Philz Coffee: https://www.yelp.com/biz/philz-coffee-san-francisco-15
- Papito Hayes: https://www.yelp.com/biz/papito-hayes-san-francisco
- R&G Lounge: https://www.yelp.com/biz/r-and-g-lounge-san-francisco
- Betty Lou’s Seafood & Grill: https://www.yelp.com/biz/betty-lous-seafood-and-grill-san-francisco
Now that we have covered the fuel to get you through the day, let’s get to the reason that majority of us are attending, the SWAG…just kidding, the sessions!
Tuesday, April 17
From “No Data” to “Drowning in Data”—It’s Time for a Reality Check STR-T10
April 17, 2018 | 3:30 PM – 4:15 PM
Governance, Risk & Compliance | Security Strategy | Classroom
For years the information security community has argued that it is hamstrung by a lack of data. Now we’re hearing organizations complain that they don’t know what to do with all of the telemetry they get from their security technologies. In this sess…
Speaker: Jack Jones, EVP R&D, RiskLens
Get Cookin’ with GDPR—Practical Techniques and Recipes for Success GRC-T08
April 17, 2018 | 2:15 PM – 3:00 PM
Governance, Risk & Compliance | Classroom
This session follows last year’s “Charting the Course to GDPR” five-phase implementation approach. This year’s menu will focus on sustainable practices gathered from working with clients and inside IBM. Topics include: GDPR myths and realities, progr…
Speaker: Cindy Compert, Cybersecurity Leader, US Public Sector Markets – CTO Data Privacy and Security, IBM Security
Privacy Essentials for Security Professionals PRV-T07
April 17, 2018 | 1:00 PM – 1:45 PM
Governance, Risk & Compliance | Privacy | Classroom
Security officers and practitioners need to be versed in the privacy language, global privacy laws, and how to integrate security and privacy when building a security and privacy program. This session will explore US, Canadian and EU law, GDPR challe…
Speaker: Todd Fitzgerald, Managing Director/CISO, CISO Spotlight, LLC
Nobody Puts Privacy in a Corner: Privacy in Enterprise Risk Management PRV-T08
April 17, 2018 | 2:15 PM – 3:00 PM
Governance, Risk & Compliance | Privacy | Classroom
The importance of privacy is often alluded to in generalized, value-laden terms that while sincere don’t necessarily help privacy be taken seriously in the enterprise risk management process. This session will highlight how privacy stakeholder requir…
Speaker: Jamie Danker, Director, Senior Privacy Officer, National Protection and Programs Directorate, U.S. Department of Homeland Security
Speaker: Naomi Lefkovitz, Senior Privacy Policy Advisor, NIST
Cybersecurity Framework 1.1 Adoption Experiences and Opportunities P2P3-T10
April 17, 2018 | 3:30 PM – 4:15 PM
Governance, Risk & Compliance | Security Strategy | Peer2Peer
The Cybersecurity Framework (CSF) establishes a common language with which to describe and measure a cyber-risk management program across business units, an organization or an industry. In light of the release of version 1.1 of the CSF, this session…
Facilitator: Timothy Shea, Global Public Sector, RSA
Wednesday, April 18
Protecting GDPR, PII, PCI, PHI, NIST, NY DFS Data with Accurate Data Discovery & Data Classification in Today’s Perimeter-less, Collaborative Environment (Quadriga DLP) BC-W3ESE
April 18, 2018 | 10:30 AM – 10:50 AM
Governance, Risk & Compliance
Uzi Yair, Co-founder of GTB Technologies will talk about how with increased connectivity and cloud service use come an increased risk to data and privacy breaches. All of this has stirred an influx of regulations, including the European Union’s Gener…
Do Not Prepare for a Data Breach—On Second Thought, Prepare! LAB1-W03
April 18, 2018 | 9:00 AM – 11:00 AM
Analytics, Intelligence & Response | Governance, Risk & Compliance | Security Strategy | Learning Lab
Preparation is a key part of effective data breach response. From learning roles and responsibilities to developing strong cross-functional capabilities, tabletop presentations and exercises can provide important lessons to all involved. Through disc…
Facilitator: Kimberly Peretti, Partner; Co-lead Cybersecurity Preparedness & Response Practice, Alston & Bird, LLP
Facilitator: Dr. Christopher Pierson, CEO, Binary Sun Cyber Risk Advisors
Plan On Moving from ISO 27001/2 to NIST CSF? How? When? P2P4-W16
April 18, 2018 | 4:15 PM – 5:00 PM
Governance, Risk & Compliance | Security Strategy | Peer2Peer
By discussing the move from ISO 27001/2 to NIST CSF the attendees can openly review the business decision, identify the critical steps and outline the resources. In this discussion, NTT Security will facilitate the discussion around the security fram…
Facilitator: John Petrie, Global Chief Information Security Officer, NTT Security
The EU’s General Data Protection Regulation—Beauty or Beast? PRV-W12
April 18, 2018 | 1:45 PM – 2:30 PM
Governance, Risk & Compliance | Privacy | Panel Discussion
The European Union will soon begin enforcing a new General Data Protection Regulation that governs how EU personal data is processed both within and outside of the EU. Besides obvious effects on data privacy, the GDPR will radically change how compan…
Moderator: Paul Rosenzweig, Principal, Red Branch Consulting PLLC
Panelist: Michelle Dennedy, Chief Privacy Officer, Cisco
Panelist: Ariel Silverstone, Principal, GDPR Pros, LLC
Panelist: Mark Weatherford, SVP and Chief Cybersecurity Strategist, vArmour
Implementing a Quantitative Cyber-Risk Framework: A FinSrv Case Study STR-W02
April 18, 2018 | 8:00 AM – 8:45 AM
Governance, Risk & Compliance | Security Strategy | Classroom
This session will review the Cyber-Risk Framework implemented by TIAA that scales from the granular level up to business-level aggregate risk reporting, avoiding some typical pitfalls by avoiding being too narrow or broad. Included in this session wi…
Speaker: Dr. Jack Freund, Director, Cyber Risk, TIAA
The NIST Cybersecurity Framework: What’s Next! AST2-W02
April 18, 2018 | 8:00 AM – 8:45 AM
Governance, Risk & Compliance | Panel Discussion | Association Special Topics
This panel includes the NIST program manager for the Cybersecurity Framework and Framework practitioners who will discuss the new updates within the Framework and areas where NIST is continuing to research for future cybersecurity guidance such as cy…
Moderator: Thomas Conkle, Cybersecurity Engineer, G2 Inc
Panelist: Matt Barrett, Program Manager, NIST Cybersecurity Framework, NIST
Panelist: Kelly Hood, Cybersecurity Engineer, G2
Panelist: Greg Witte, Security Engineer, G2 Inc
Issues of Quantifying Risk around Identity and Access Management (IAM) GRC-W14
April 18, 2018 | 3:00 PM – 3:45 PM
Governance, Risk & Compliance | Identity | Panel Discussion
Identity and access management (IAM) has been a longtime domain for information security. How much energy should we be investing in these programs? How much risk is there for managing identities? This session will feature top risk professionals to ge…
Moderator: Steve Kruse, Director, Clango
Panelist: Jack Jones, EVP R&D, RiskLens
Panelist: Tony Martin-Vegue, Director of Technology Risk, Lending Club
Panelist: Evan Wheeler, CISO, VP Risk Management, Financial Engines
Thursday, April 19
The Top Nine Factors for Effective Data Protection Controls PDAC-R04
April 19, 2018 | 9:15 AM – 10:00 AM
Governance, Risk & Compliance | Protecting Data & Applied Crypto | Classroom
The lead author of the 2017 Payment Security Report, Ciske van Oosten, will present the global state of payment security, the value of compliance, geographic and vertical industry insights, introducing the control management life cycle, and how to me…
Speaker: Ciske Van Oosten, Senior Manager, Verizon
Quantitative Information Security Risk Management BOF-R01B
April 19, 2018 | 7:00 AM – 7:45 AM
Governance, Risk & Compliance | Birds of a Feather
Are you currently performing or interested in implementing quantitative risk management in your organization? This is your chance to meet other risk managers in the information security field, trade tips, methodologies and discuss advanced techniques…
Facilitator: Tony Martin-Vegue, Director of Technology Risk, Lending Club
Friday, April 20
Big Little Lies—Truth on the New EU Regulations for ID and Data Protection IDY-F01
April 20, 2018 | 9:00 AM – 9:45 AM
Governance, Risk & Compliance | Identity | Privacy | Classroom
The EU commission has put into action new regulations on identification (eIDAS) and data protection (GDPR). What does this imply for European and non-European companies? What are the guiding principles behind these regulations, and how do we have to …
Speaker: Dr. Kim Nguyen, Managing Director, D-Trust GmbH
Don’t miss a post! Subscribe to The Insider Threat Security Blog here:
Corin Imai is a Director of Marketing for STEATHbits. Corin began her career working on server, application and desktop virtualization, networking, software-as-a-service, and cloud computing technologies before delving into application and data security. In her current capacity at STEALTHbits, she manages the industry-leading StealthAUDIT suite that enterprises around the world depend on to defend their most critical information. Corin can be found on Twitter @corinimai
Related Posts
- Sensitive Data Discovery for Compliance
- Using The Azure Information Protection (AIP) Scanner to Discover Sensitive Data
- Advanced Data Security Features for Azure SQL- Part 1: Data Discovery & Classification
- How to Protect Office 365 by Classifying Your Data with Microsoft’s AIP Labels
- 2019 Verizon DBIR Key Findings
- 5 Cybersecurity Trends for 2019
- EU GDPR: Paving the Way for New Privacy Laws?
- Announcing Stealthbits Activity Monitor 3.0 & StealthINTERCEPT 5.1
- Key Take Aways from the Ponemon 2018 Cost of Insider Threats Report
- Where Real Organizations Are with EU GDPR 10 Days from Launch
Leave a Reply