Day 4 Recap: Keynote Highlights, Capture the Flag, Public Interest Tech and More

Posted on by RSAC Editorial Team

Tired yet? Have the first four days been information overload or are you ready for more? We’re hoping it’s the latter because we have one more day of awesome content for you, and a special treat at the end of Friday when RSAC program chair Hugh Thompson sits down with actress and comedian Tiny Fey. Stick around!

On Thursday the rain let up, the sun came out, and attendees were treated to a bevy of rich content and new faces on stage. Here’s a look back at day four at RSAC:

The day started off bright and early at the Marriott with our first-ever SANS Core NetWars Experience – Intro to Capture the Flag. Designed for women and hosted by RSAC, Women’s Society in Cyberjutsu (WSC), and SANS, attendees spent the morning in a CTF competition gaining real-life hacking experience. After every seat was filled, SANS led the group through the first CTF, then the group played themselves. The winner was a woman who had never done a CTF before!

Cybersecurity expertBruce Schneier, in partnership with the Ford Foundation, led a full-day session in Moscone South on bridging the gap between cybersecurity and public-interest tech. A new profession is emerging: a community of people using their skills in technology to change the world for the better. Topics throughout the day included cyber’s role in the growing debates about human society, Silicon Valley’s unique position and role in public interest, public interest tech’s impact on the U.S. government, and how/why higher education needs to incorporate a public interest perspective in technology departments and a tech perspective in public policy departments.

The South keynote stage opened this morning with a fireside chat titled Stress, Burnout and You: Fireside Chat with Dr. Christina Maslach. Josh Corman, CTO of PTC, spoke with Maslach, a renowned psychology expert and a professor at UC Berkeley, about a rampant issue in cybersecurity: burnout. She pointed out that burnout is a research measure, not a diagnostic tool, and noted the three main measures she has for burnout: exhaustion, cynicism and futility. Maslach also listed six areas where burnout imbalances are important (including workload, rewards, values and fairness), and looked at what is causing burnout and some responses.

“Colleagues are the number one stressor for workers and they should be your support,” she said. “Recently I’ve been seeing a lot of top-down fixes [for burnout], but they’ve not been informed by the ground up so they’re often ineffective.”

Alan Paller, research director and founder at the SANS Institute, moderated a panel of fellow SANS members titled The Five Most Dangerous New Attack Techniques and How to Counter Them. Among the new attack techniques were domain name system (DNS) and targeted individualized attacks. Paller then opened up the conversation to field questions from the packed audience.

In Moscone South this afternoon, J. Trevor Hughes interviewed privacy executives from LinkedIn and Uber in The Future of Data Protection: Adapting to the Privacy Imperative. “Privacy is having a moment,” said Hughes, who focused the discussion around GDPR and the responses from both companies. “I think of GDPR like a baby: we waited two years for the baby to be born and we can’t just leave it in its high chair with nothing to eat. It needs to be fed,” said Ruby Zefo, Chief Privacy Officer, Uber.

At LinkedIn, the company’s Head of Global Privacy Kalinda Raina said, “we used GDPR to help the company understand data privacy isn’t just a legal issue, it extends throughout the company and is something everyone at the company has a responsibility for.” Hughes asked both panelists about the right to be forgotten, GDPR enforcement, executive response, the 72-hour notification mandate and the complexities of Brexit.

“What’s key for companies from a tech standpoint is what it means for your relationship with business in the UK and the rest of Europe,” said Raina. “You also have to think through your contracts; is a transfer of data to the UK the same as one to the EU?” Zefo offered this suggestion to companies concerned about privacy around Brexit: “You should keep following GDPR guidance and ICO (Information Commissioner’s Office).”

Hopefully you got a chance to attend today’s afternoon session at Moscone West, Tales of a Teenage Security Supergirl. 16-year-old Kyla Guru, founder and CEO Bits N’ Bytes Cybersecurity Education, took the stage in a full house and shared her own unique story, what she sees for the future of the industry, and how we can make radical change to our current state of cyber-insecurity.

Moving from a cybersecurity newcomer to a seasoned vet, Guru’s talk was followed by a conversation with former Cisco Chairman and CEO John Chambers, who took the stage with columnist Diane Brady to discuss their new book, Connecting the Dots: Lessons for Leadership in a Startup World. They discussed Chambers’ leadership roles serving through his current position as founder and CEO of JC2 Ventures, where he works with startups from all around the world.

Friday: A Preview Snapshot

  • Keynotes: We encourage you to check out the full schedule, and keep in mind thatConference will also be livestreaming some of this year’s keynotes. Here are a few you won’t want to miss on Friday:
  • RSAC College Day8 AM-1:35 PM, all Conference venues. Friday is the final day of College Day. Today’s programming was lively and well-attended by students and recent graduates, we expect tomorrow’s events to be great as well!

The Expo floor is closed Friday. We encourage those who are unable to join us on site to check out RSAC OnDemand, featuring some of Conference’s most anticipated moments.  

Seen in the News

RSAC Editorial Team

Editorial, RSA Conference

Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs