My First RSA Conference: Exciting Professional Diversity and a Pinch of Fear

Posted on by Rita Heimes

My good friend Jon Stanley invited me to speak on his panel at RSAC 2015. This will be my first time at the conference, let alone as a speaker.RSAC crowds can be intimidating

Over the past two decades as a lawyer and law professor, I’ve been to plenty of conferences: grand ones organized by professional membership associations with fancy keynotes speakers and high production value; little academic ones where only the twenty people in attendance know about (or care about) the subject. They all have something in common:  They are professionally monocultural by design, with lawyers teaching other lawyers about law.

RSAC will be refreshing. When I filled out my registration form, it was not even possible to select “counsel” or “lawyer” as my job title. The information security world is professionally multicultural. It requires cross-disciplinary training and exposure to solve complex security challenges. I cannot be a good data privacy and security lawyer without learning to speak IT security. Information technologists now need to be familiar with the difference between a security breach and a contract breach.  Mixing us all together in the high-tech capital of the world is simply brilliant. I can’t wait.

I confess, of course, to nervous anticipation. My primary expertise is intellectual property law, which typically involves working with scientists, technologists, and entrepreneurs when they are optimistic, hopeful, excited and looking toward what they hope is a promising and lucrative future.

IP represents novelty and innovation, people taking advantage of their creativity and intelligence to improve their lives and those of others. The fundamental purpose behind patent and copyright laws is to promote human knowledge and scientific progress, to incentivize people to generate art, music, poetry, and other expressive works for society to enjoy. These laws spring from constitutional foundations and inspire productivity and creativity.

Information security is necessary because people cannot be trusted. They make mistakes, they act maliciously, they are spiteful, and they commit crimes. Laws around data protection have sprung up very recently to require enterprises that handle data to manage that information in particular ways. Liability is shifted from client to vendor through contracts, cyber insurance products are now for sale, and fear drives the purchase of technology products, and consulting and legal services. I happen to like this dark world because it’s just as intellectually intriguing as the creative one. The people who work in information security are excited by discovery too – catching the mouse, perhaps, rather than creating the trap. They love the science and technology that drives information management, and they are smart, motivated and curious.

So, thanks for having me, RSA Conference. I am impressed by your history of bringing diverse experts together in acknowledgment of the complexity of these problems.  I’m excited by the technology topics as well as the legal and policy ones.  I’m thrilled at how many people (like me) have discovered what a terrific event this is.  And I’m looking forward to meeting you all! 

Rita Heimes

General Counsel and Privacy Officer, IAPP


Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community