• Healthcare Industry Finds Itself Falling Behind on Data Security Front

    by Tony Kontzer on April 28, 2017

    With the healthcare industry having put so much energy in recent years into the transition to electronic healthcare, and into protecting patient privacy through regulations like the U.S.'s Healthcare Insurance Portability and Accountability Act (HIPAA), one would assume the sector has been addressing security sufficiently. That would be a dangerous assumption. Recent events haven't just highlighted…

  • Managing the Machine: More Like Building the Machine

    by RSAC Contributor on April 28, 2017

    By Paul Yates I had the incredible opportunity to facilitate a Peer-to-Peer session at RSAC 2017. My session was called “Managing the Machine: Strategies for Effective SecOps Management.” The session focused on common managerial techniques that can be applied by Security Operations managers to overcome the several challenges we face. I began the session by doing a few straw polls of the room to…

  • Post Conference Highlights from the RSAC 2017 P2P Session on Protecting ICS Networks from Cyberthreats

    by RSAC Contributor on April 26, 2017

    By Olasupo Lawal Session Description: In this session, participants focused on sharing practical insights in protecting ICS networks from cyberthreats. Session Highlights: The P2P session focused on 3 key areas: What are the common practical challenges in implementing cybersecurity practises in ICS environments? What are the practical steps one can take to address these challenges? The focus…

  • Continuous Purple Teaming: “Red Teaming for Success”

    by RSAC Contributor on April 25, 2017

    By Col. John Burger This session focused on the need for continuous testing and followed with a discussion on testing approaches, best practices, and lessons learned from the collective group. The participants provided a great mix of both commercial and government industries. Commercial sectors represented included energy, automotive, retail, financial and automotive. Government entities…

  • AppSec Testing: An Often Overlooked Component of DevOps

    by Tony Kontzer on April 25, 2017

    No matter how much companies learn about the vulnerability of their applications, or how many people are urging them to address those vulnerabilities during development, they still don't seem to get the message. Despite the fact that just about every DevOps and AppSec vendor is waxing poetic about the importance of AppSec testing, and independent studies are predicting huge growth for the market,…

  • J. Paul Reed on The Intersection of Release Engineering and Rugged DevOps

    by Mark Miller on April 24, 2017

    This is a review of J. Paul Reed’s session at DevOps Connect: DevSecOps at RSAC 2017. Vacuums: Good for cleaning carpets. Not great for teams who need to collaborate. DevOps without collaboration cannot succeed. I’ll guarantee that. In fact, collaboration is fundamental to the cultural changes required for successful DevOps evolutions. Gone are the days of development developing in a vacuum and…

  • Incident Response in the Public Cloud

    by RSAC Contributor on April 21, 2017

    By Alex Maestretti Description: We held a session to discuss the unique challenges of conducting incident response in the public cloud. We had a great mix of attendees at the P2P session on Incident Response in the public cloud, including practitioners from cloud native companies as well as those from mature organizations just starting to move out of the datacenter. We started the conversation with…

  • Leveraging DevOps for AppSec in Retail

    by Ed Moyle on April 20, 2017

    Application development is in a period of transition; it seems everyone is moving to faster-cycle development paradigms like DevOps and Agile while new release and deployment paradigms like application containers (Docker), platform as a service (PaaS) and microservices simultaneously gain traction. That change is happening everywhere, but in a retail context, there are special considerations that…

  • Wearables: Security of Things

    by RSAC Contributor on April 19, 2017

    By Marc Bown In this session, we discussed wearable security, taking into account considerations and constraints unique to wearables and IoT devices. In this session, we used Fitbit’s architecture and experience to frame a discussion around wearable security challenges and best practices. We explored threats that wearable devices face and considered how the unique constraints of wearable devices…

  • Security Sourcing: Peers Discuss What Functions to Outsource at RSAC 2017

    by RSAC Contributor on April 18, 2017

    By Kevin Fuller The Peer2Peer session "To Source or Not to Source. Is That Really the Question?" was very well-attended by security leaders across many verticals, offering a range of experience with regards to sourcing their security programs. Attendees shared what functions they have outsourced to a trusted third party, how they came to those decisions, and what their experience was in those…

This document was retrieved from on Sun, 30 Apr 2017 06:53:43 -0400.
© 2017 EMC Corporation. All rights reserved.