Submission Examples

All of the below submissions have different elements that stood out to our Program Committee judges.

In particular, note the attention paid to the “session detail” portion, which provides depth, validity, expertise and specifics that help the judges to uniquely understand the perspective of what the particular speaker has to offer and why they stand out from other similar submissions that may have been made.

You’ll notice all of these submissions are focused on teaching—not just awareness for the sake of being aware—and each is different. None are a pitch for a particular product or service, and each of the speakers have strong domain expertise—as illustrated in their bio—to support their case to present on this topic (the biographies and vantage point of the proposed speakers is hugely important in the evaluation process).

But these aren’t just good submissions—they were solid from the beginning all the way through to the end. Their submissions stood out to our Program Committee, they responded to Program Committee feedback and made updates accordingly within their decks, in many cases they took advantage of the speaker training and rehearsal options that RSA Conference offered and they delivered. We recommend reviewing their submissions, slides and actual recordings where available. 

Lenny Zeltser
Lenny Zeltser presented a Learning Lab. His Lab was titled “Evasion Tactics in Malware from the Inside Out.” Labs are all about the hands-on experience. For this particular one, attendees downloaded software and reviewed instructions even before entering the room. View his slides.

What stood out:

  • Lenny clearly understood what a Lab was about. His submission was geared toward a Lab delivery: very hands on, with well prepared exercises and experiences for attendees to complete. The pacing of the experience took attendees through progressively more advanced material, helping them learn and discover as they went.

  • Lenny’s bio showed experience and credibility in this sort of environment (teaching in a hands on setting), providing assurance to the Program Committee that he could succeed in this sort of environment.

  • The technical depth of the submission matched the technical depth of the RSA Conference audience. The “session detail” portion was very clear with what would be covered and Lenny’s expertise showed through with the level of depth conveyed.

View Lenny Zeltser's session submission.

John Strand
John Strand presented in the RSAC Sandbox. His session was titled” Hunt Advanced Attackers on a Budget Less than the GDP of a Small Country.” View his slides or his slides plus audio.

What stood out:

  • RSAC Sandbox is about live demos and cutting-edge trends. The detail portion of John’s submission made it clear he’d be in the weeds the whole time, with the energy and expertise to move quickly around the different threats he’d be highlighting.

  • Specifics! The session detail portion is very rich in detail, light on marketing fluff. Detail isn’t about long, flowing paragraphs; it’s about specifics that show flow, depth and perspective. This submission was packed and clear.

  • Focus on defenses to accompany the attacks. RSA Conference is about actionability—John’s care of making sure to balance attacks with response to the attacks was key, noting the defensive tools/approaches highlighted were not commercial offerings (very important!)—open source tools are well received by the Program Committee and our attendees.

View John Strand's session submission.

Nick Selby
Nick Selby presented on the C-Suite View track. His session title was “Inside the Timehop Breach Response.” View his slides or his slides plus audio.

What stood out:

  • Case study with detail, detail, detail across all stages of a breach response.

  • HONESTY! It’s easy to talk about what goes right; it’s harder to talk about when things go wrong. Yet those are the lessons that are often most valuable. The raw honesty of this session and commitment to helping the industry learn from and benefit from a bad experience was incredibly valuable and commendable. This presentation had something for every member of the security team.

  • Apply slides used THROUGHOUT the presentation (vs only at the end) helped attendees to take away many actionable recommendations throughout the presentation that were applicable to different pieces of their team. This approach was extremely well received by the Program Committee and, most importantly, the audience.

View Nick Selby's session submission.

Dave Shackleford
Dave Shackleford presented on the Cloud Security & Virtualization track. His session title was "Cloud Security: Automate or Die". View his slides or his slides plus audio.

What stood out:

  • Concrete examples--across applications!--and metrics (acknowledging this is buzzword territory): pure nirvana!

  • Mock architecture used to illustrate concrete points; speaker made it clear all of the categories he would cover with specific examples that would be used to illustrate key points. The level of detail provided (backed up by the speaker bio) made it clear to the Program Committee this speaker would deliver and was highly competent on this topic.

  • Additional comments section provided assurance this wouldn't be a general pass through (general sessions don't do well at RSA Conference--our attendees are very experienced!), acknowledging there would be demos, samples and code (again, matched the level of expertise promised by the speaker), which helped this submission stand out from others that were topically similar.

View Dave Schackleford's session submission.

Jack Jones
Jack Jones presented on the Professional Development track. His session title was "Tomorrow's Cyber-Risk Analyst". View his slides or slides plus audio.

What stood out:

  • The honesty of this presentation really helped it to stand out--topically it complimented the need for qualified analysts, but was provocative in what it promised to deliver, promising concrete takeaways.

  • Forward leaning perspectives were valued by the Program Committee, which sought to balance current and future challenges with the agenda picks.

  • The background of the speaker (and related blog) made it clear the speaker could deliver against the topic, which was grounded in specifics and actionable guidance.

View Jack Jones' session submission.

James Lyne and Stephen Sims
James Lyne and Stephen Sims presented on the Hackers & Threats Advanced track. Their session title was "Demystifying Debugging and Disassembling Applications". View their slides.

What stood out:

  • Live demonstrations promised….matched by assurances in the bios (and other samples of past presentations) the presenters can pull it off successfully

  • Topically of interest to our attendees--variety of tools mentioned made it clear this was not a pitch or an endorsement; educational focus clear (no theoreticals!)

  • Co-presenters both highly qualified *and* additional comments field was utilized to provide a nod toward the synergy of the co-presenters....chemistry is very important when presenting!

View James Lyne and Stephen Sims' session submission.

Masha Sedova
Masha Sedova presented on the Human Element track. Her session title was "Expanding your Blue Team by Creating Security Culture". View her slides or her slides plus audio.

What stood out:

  • Case study! Our audience appreciates real experiences with real results and tangible lessons learned and approaches.

  • Past success of presenter--use that "additional comments" field to sell yourself and why you are uniquely qualified to best present on the topic. 

  • Previous speaker results are provided to the Program Committee and aren't a guarantee of acceptance (more than 60% of our speakers were first timers in 2017), but are a good baseline for the Committee knowing the speaker's style. Scores/experience with other events is interesting as well.

  • Topical relevance--the "people" part of the equation is of growing interest to our audience.

View Masha Sedova's session submission.

Sarah Squire
Sarah Squire presented on the Identity track. Her session title was "Measuring Authentication: NIST 800-63 and Vectors of Trust". View her slides or her slides plus audio.

What stood out:

  • First time presenter! She also maximized her own personal experience @ RSAC by hosting a birds of a feather event....great way to get to know people! 

  • Timely topic with domestic and global implications with careful review of key standards

  • Expertise of speaker is clear across the subject domain.

  • Standards is tricky territory--important to our audience, but they can become "pitch potential" just like products; in this case it was clear the speaker had depth of knowledge and experience with a wide range of standards important to identity community and was not favoring or promoting any one direction but rather looking holistically and analyzing impact on authentication measurement.

View Sarah Squire's session submission.

Dr. Avril Salter
Dr. Avril Salter presented on the Technology Infrastructure & Operations track. She delivered a short form version of her presentation via a “QuickLooks” preview that was available before RSA Conference. Both her slides and the QuickLooks (so you can hear her summary session preview) are available here.

What stood out:

  • Session detail!—questions people should ask and the lessons they will learn

  • Technical depth of presenter (which was backed up in the bio details and other assets linked to for Program Committee review)

  • Specifics of what would be covered—not just generalizations, but bullets that help the Committee understand flow, prioritization, and detail and how what will be presented can be applied

View Dr. Salter's session submission.

Christopher Romeo
Christopher Romeo presented on the Human Element track. 
His presentation and bio is available here.

What stood out:

  • Videos/examples to share—specifics on how they will be used, what they will illustrate, etc. Gets away from long series of bullets—presents good variety.

  • Real life case study—specifics on process followed, how received, and impact achieved

  • “Top 10 secrets of success”—again, specifics that an organization can take and apply what is being presented with a gauge of what to expect

View Christopher Romeo's session submission.

Marcus Murray
Marcus Murray presented in the Hackers & Threats track. 
He also delivered a short form version of his presentation via a “QuickLooks” preview that was available before RSA Conference. Both his slides and the QuickLooks (so you can hear his summary session preview) are available here.

What stood out:

  • Live hack—reviewers like to see this opportunity for interactivity and “unscripted engagement”—so much better than slides with a series of bullets! (NOTE: brand new research is well received for this same reason)

  • The key learnings at the end—the judges want to see this isn’t a hack just for the sake of hacking, but rather a session that will teach and that attendees can respond to

  • Session detail is exactly that—an expansion of the specifics vs a cut and paste of the short abstract

  • This submission was very intriguing to the Program Committee from the beginning—the element of surprise (in this case that a JPEG could do such extensive damage) jumped out and made them want to learn more

View Marcus Murray's session submission.

Theresa Payton
Theresa Payton presented on the RSAC TV studio track, so her slides are available for download (note how few bullets are in the deck!) and you can see her actual recorded presentation as well.

What stood out:

  • Depth of expertise based on background of speaker

  • Specific questions that will be answered and the actionability of what would be presented

  • As a RSAC-TV session, applicability of this topic broadly to audiences within and outside of RSA Conference attendees

View Theresa Payton's session submission.


This document was retrieved from on Sat, 20 Jul 2019 22:24:14 -0400.