Are you planning on checking out any of the Peer2Peer sessions at RSA Conference 2016? 

Peer2Peer sessions are group discussions around specific security topics, where participants get the chance to really dig deeply into a topic that that care about with a group of peers. This year we've once again asked the discussion facilitators to help explain what you can expect from their sessions so that you can choose the groups and topics that will be most beneficial and interesting.

This post features the following seven sessions:  

1. Hacking Inward—Implementing Effective Cyber “War Games”
2. Building Security Data Science Capability
3. Is Automation the Answer for Security in the Digital World?
4. A United Front: the Benefits and Challenges of Sharing Threat Intelligence
5. SHA-1 Anyone? Let's Hash It Out...
6. Xtreme RFP: Help Design a Live Vendor Review Session for RSAC 2017!
7. From SOC to Cybersecurity Center 

1. Hacking Inward—Implementing Effective Cyber “War Games” (P2P1-W13)

Who are the attendees who will most benefit from—and contribute to—this Peer2Peer session? Do you have a specific role or job title in mind? Or even the kind of skills and mindset you are looking for?

This session will benefit security leaders in organizations who are fielding questions such as "Are we secure?" and "Can a breach happen to us?" from their CEO and board members. One way to tackle this is by "hacking inward," and having a proper framework in place to conduct effective war games that can unearth people, process or technology issues. This session will focus on more than table top exercises, it will discuss best practices that need to be in place to better plan for and respond to a cyber attack and deep dive into technologies that can facilitate this the following:

• Deconstruct the organization from the outside in
• Prioritize fixing the correct issues, not just the easy ones
• Model attacks that can kill

Why do you believe that your topic is important for the information security industry—and your attendees—to be thinking about?

Despite more than $70 billion in annual cybersecurity spending today, companies are still getting breached. As RSA President, Amit Yoran says "Information Security is fundamentally broken." We need to change the paradigm and stop doing the same things we've been doing over and over again. Hacking inward is one of the missing pieces in cybersecurity today. Being able to put yourself in the mindset of the attacker, running through specific scenarios and executing effective cyber war games will yield insights on where your holes are and how effective your team can be under pressure. 

Can you describe one or two things you would like the attendees to think about prior to the session, as a way to prepare themselves for the discussion?

Attendees should think about how they implement cyber war games today and consider the challenges with their existing solutions. 

What kind of outcome are you hoping for at the end of the session? What will attendees walk away with afterwards?

At the end of the discussion, we hope to have a set of best practices that security leaders can bring back to their organizations for cyber war game consideration. 

2. Building Security Data Science Capability (P2P3-W13)

Who are the attendees who will most benefit from—and contribute to—this Peer2Peer session? Do you have a specific role or job title in mind? Or even the kind of skills and mindset you are looking for?

It’s for technically-minded security professionals. Developers, analysts, and architects will contribute the most to this session and managers, directors, and CISOs will benefit from hearing the perspectives. Some exposure to analyzing data is preferred. The hardcore data science practitioners won’t be hearing anything new.

Why do you believe that your topic is important for the information security industry—and your attendees—to be thinking about?

Analytics gets thrown around a lot, and there are many vendors trying to capture market space. Too often technology is seen as the solution without truly defining the business problem and how technology helps to solve it. Black box magic analytics tools don’t exist—if they did everyone would have them. Instead there is significant effort required to bring the mathematical rigor to bear.

Can you describe one or two things you would like the attendees to think about prior to the session, as a way to prepare themselves for the discussion?

Are there any security problems where you are collecting enough data to really analyze? If you had a way of analyzing it, would your analysts be able to use it and would your leadership understand the statistics behind it?

What kind of outcome are you hoping for at the end of the session? What will attendees walk away with afterwards?

The primary focus is education and to ground attendees in the potential of applying analytics to security. The hope is that audience members will be able to share lessons learned from trying to run COTS analytics software and build expertise in their organizations. 

3. Is Automation the Answer for Security in the Digital World? (P2P2-T10)

Who are the attendees who will most benefit from—and contribute to—this Peer2Peer session? Do you have a specific role or job title in mind? Or even the kind of skills and mindset you are looking for?

Security practitioners who have responsibility for handling incident response; architects who are building integrated solutions using multiple security products; those that are looking to improve the effectiveness of security operations

Why do you believe that your topic is important for the information security industry—and your attendees—to be thinking about?

We’re losing the war against attackers. People alone can no longer respond fast enough to protect valuable information and intellectual property. As adoption of digitization strategies grows, responding faster to attacks to minimize damage will become even more essential.   

Can you describe one or two things you would like the attendees to think about prior to the session, as a way to prepare themselves for the discussion?

What ways can you think of where automation of security operations might improve security defenses? What are the benefits, risks, and limitations of those approaches?

What kind of outcome are you hoping for at the end of the session? What will attendees walk away with afterwards?

I’m hoping we have a constructive dialog where practitioners and architects identify opportunities for improving security operations through automation, and identify both near-term solutions as well as long-term strategic directions that can help guide the industry toward more effective security defenses.

4. A United Front: the Benefits and Challenges of Sharing Threat Intelligence (P2P3-W16)

Who are the attendees who will most benefit from—and contribute to—this Peer2Peer session? Do you have a specific role or job title in mind? Or even the kind of skills and mindset you are looking for?

This session will be beneficial to individuals who see the value in sharing security data between companies and want a chance to discuss the obstacles that they are encountering.

Companies that are interested in participating in threat intelligence exchanges such as Facebook’s Threat Exchange will also have the opportunity to learn more about what type of information is shared and the methods for collecting and sharing data.

Why do you believe that your topic is important for the information security industry—and your attendees—to be thinking about?

Malicious actors have such a wide variety of resources available to them and can work together to put together an attack.  The businesses who are the victims of these attacks need to be able to work together to share threat intelligence data in order to fight back.

Can you describe one or two things you would like the attendees to think about prior to the session, as a way to prepare themselves for the discussion?

• What data would they most like to be able to share?
• What are the major challenges to sharing the threat intelligence data that they have?  
• What are the major challenges to getting others to share the threat intelligence data that they have?  
• What have they tried so far to move things forward? 

What kind of outcome are you hoping for at the end of the session? What will attendees walk away with afterwards?

I’d like each attendee to have two actionable steps that they can take back to their company to work on to move the process of sharing threat intelligence data forward.

5. SHA-1 Anyone? Let's Hash It Out... (P2P1-T10)

Who are the attendees who will most benefit from—and contribute to—this Peer2Peer session? Do you have a specific role or job title in mind? Or even the kind of skills and mindset you are looking for?

• IT professionals who are responsible for their Enterprise migration away from SHA-1.
• Thought Leaders and anyone with ideas on how the industry can cycle through algorithms more effectively.
• A mix of hands-on Engineers, Industry Experts and opinionated individuals will enrich the session.

Why do you believe that your topic is important for the information security industry—and your attendees—to be thinking about?

Whether you are mobile banking or uploading your health stats, the value of secure transport to Global electronic transmissions cannot be overstated. Josh Aas, Executive Director of Internet Security Research Group (ISRG), does well to frame the backdrop here: "Vital personal and business information flows over the Internet more frequently than ever, and we don't always know when it's happening."

During the TLS Crossfire Peer2Peer session at RSA Conference 2015, most Delegates declared the SHA-1 migration a major challenge for their Enterprise through 2017. Whatever your opinion may be about SHA-1, the fact is the end-of-support train left the station years ago and is nearing its 2017 destination!

For many in the industry, the research results of “The SHAppening: freestart collisions for SHA-1” further highlighted the urgency of moving away from this outdated hashing algorithm.

Can you describe one or two things you would like the attendees to think about prior to the session, as a way to prepare themselves for the discussion?

As you prepare for the session, think about the questions posed here. Most importantly, please bring your ideas of how to improve the transition to new algorithms. In this context, the future move from SHA-2 to SHA-3.

What kind of outcome are you hoping for at the end of the session? What will attendees walk away with afterwards?

Enterprise IT Conference Delegates can share their approach to the SHA-2 migration and learn from their peers. I think back to 2015, after the TLS Crossfire Peer2Peer session ended, one attendee said: "Now I know I'm not alone"—capturing the spirit of Peer2Peer sessions and RSA Conference at large. By the end of the session, we may have solid leads on how to better cycle these algorithms through the Cybersecurity ecosystem.

6. Xtreme RFP: Help Design a Live Vendor Review Session for RSAC 2017! (P2P1-T11)

Who are the attendees who will most benefit from—and contribute to—this Peer2Peer session? Do you have a specific role or job title in mind? Or even the kind of skills and mindset you are looking for?

We're looking for senior information security professionals and others who have been part of the core RFP selection group for vendor(s) for key information security projects or program elements.  Anyone with significant sourcing or vendor management experience would be particularly welcome, because his or her expertise will enrich the discussion.

Why do you believe that your topic is important for the information security industry—and your attendees—to be thinking about?            

Picking the wrong vendor(s) for a critical security project is expensive in every sense. (You'll overspend, your company will be stuck with a sub-optimal solution, and your credibility will suffer.)  The RSAC 2017 XTreme RFP session that we're working on in this session will give us all more tools to avoid those disasters.

Can you describe one or two things you would like the attendees to think about prior to the session, as a way to prepare themselves for the discussion?

Think about the best RFP process you've participated in. What made it the best? Why? If they have examples of great RFPs that they're willing to share confidentially, that would be fantastic—they should get in touch with us beforehand or bring them on the day.

What kind of outcome are you hoping for at the end of the session? What will attendees walk away with afterwards?

We're going to bring an RFP scenario draft with us for attendees to work on—we'll bring paper. They'll get to keep those RFP scenarios and any improvements we make as part of the session. If possible, we'd love for attendees to also join our earlier panel session in the "Practitioner's Dilemma" track, "PDIL-T10: Secrets of Building the Ultimate Security RFP."

7. From SOC to Cybersecurity Center (P2P3-R15) 

Who are the attendees who will most benefit from—and contribute to—this Peer2Peer session? Do you have a specific role or job title in mind? Or even the kind of skills and mindset you are looking for?

This session is aimed towards those running a SOC and wanting to evolve to address the current threat landscape, data analysts willing to share current indicators of compromise and the capabilities required to detect the, and those who have successfully set up enterprise-wide operations to address the evolving threat landscape.

Why do you believe that your topic is important for the information security industry—and your attendees—to be thinking about?

The threat landscape is evolving—how must the defenders evolve to keep pace with the attackers?

Can you describe one or two things you would like the attendees to think about prior to the session, as a way to prepare themselves for the discussion?

What experience have you had with your SOC? What capabilities are missing? What is your SOC roadmap? How do you engage the enterprise outside of IT?

What kind of outcome are you hoping for at the end of the session? What will attendees walk away with afterwards?

They’ll walk away with insight into how others have evolved their capabilities to keep abreast of current threats.

You can check out all of the Peer2Peer sessions on our agenda and read about more sessions here and here.