InfoSec Conversations With Your People, Partners

Posted on by Fahmida Y. Rashid

Let's talk about what we've done so far this year. You have projects for making your organization more secure. You probably already dealt with some fires. You are also having regular conversations about security with your executives, users, and the board.Planning and Talking about security

Are you talking with your suppliers? We've seen over the past few months how attackers can come at you by targeting suppliers. Organizations are also increasingly relying on third-party providers and services to run mission-critical operations. Are you having regular conversations with your providers to make sure that security is still on their to-do list?

We will be talking this month about user awareness training and securing the supply chain. Share with us your tips as we dig into what the conversations should be, when they should happen, and who should be involved.

RSA Conference is just a short seven weeks away, and there are a lot of things to look forward to this year. The agenda is jam-packed with sessions offering valuable insights from industry experts, hands-on demonstrations in the Sandbox, and plenty of opportunities to network and socialize with industry peers. Time to make sure you have a plan.

Yes, six weeks is a lifetime in information security, but it's also not a lot of time. Let's consider an internal project rolling out new technology to employees. You would hope that at six weeks before live date the team is beginning to think about what would (and also what would not happen) when they flip the switch. No one is expecting a concrete plan; a rough outline of what to expect will do at this point.

The same idea applies to the conference. In years past, I winged much of the show and never looked at the agenda until the weekend before I was to leave. I wound up spending the time on the flight trying to squeeze in time to attend interesting talks around all the meetings I'd previously scheduled. Don't do that. The show is just too big.

Set aside this month to look over the agenda and pick out talks that seem interesting. Notifications for peer-to-peer (P2P) sessions go out this month, so expect to see lots of interesting talks there. The submissions period for the crowdsourcing track is now closed, and voting will start soon. As experiments go, this will be a fun one to watch. What talks do the information security community want to see?

And content isn't the only reason to go to RSA Conference. Take the opportunity to engage with industry peers and experts. Take part in the hands-on demonistrations at Sandbox, check out innovative security comopanies at the Innovation Sandbox contest, and visit the Cyber Safety Village. We will be talking more this month about things to check out at RSA conference, as well as sharing tips from veteran attendees on how they prepare for the intense week. If you have tips that have served you well over the past few years, let us know. I, for one, need a new strategy this year.

Fahmida Y. Rashid

Information Security Journalist, Editor-in-Chief, RSA Conference

Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community