Keynote Variety on Full Display at RSAC 2022

Posted on by RSAC Editorial Team

At this year’s RSA Conference, you may have noticed a bit of a format shift – kicking things off earlier on Monday and filling the day with keynotes, sessions and tracks that used to begin on Tuesday. On the tail end, the Hugh Thompson Show wrapped up the event on Thursday late afternoon. During those four days, the keynote presentations were plentiful which allowed for attendees to choose from a bevy of topics, speakers and variety throughout the week. Here are a few keynote highlights from the week, in case you missed them:

Words & Actions Matter: Leading as a Change Agent

Michael Cunningham, Chief Information Security Officer at Graphic Packaging International delivered a powerful messaging, saying, “no one should have to push through something that doesn’t allow them to be their authentic self.” Cunningham went on to say that the pattern of not great treatment he experienced early in his career is not necessarily indicative of the future. He also mentions that being receptive to other ideas, new ideas, is the way to grow at scale for the cybersecurity industry and to address the shortages currently facing the industry.

Betty Elliott, Senior Vice President and Chief Information Security Officer at Freddie Mac, reflected on the tough road she faced early in her career when she transitioned into IT security. She led a team of men, reported to a man, and often times felt the burden and stigma of being the only women in the room when people approached her asking to speak to her boss or asked her to go make copies, even as she rose the ranks to become a senior leader within an organization.

The Five Most Dangerous New Attack Techniques

Katie Nickels, a SANS Certified Instructor and Direct of Intelligence at Red Canary led off with new attack techniques: moving from living off the land to living off the cloud as a new method of attack based on the increased use of the cloud. The second new technique she mentioned involved multi-factor authentication bypass becoming more frequent.

Dean of Research at the SANS Technology Institute Johannes Ulrich then talked through backup vulnerabilities through “ghost backup” attacks and why we shouldn’t just ignore our backup methods as hackers are starting to move towards more vulnerable systems and areas that are less secure.

New takes on old techniques was where DFIR Curriculum Lead at the SANS Institute and Senior Director of Digital Intelligence at Cellebrite Heather Mahalik pitched the next form of new techniques. That centers around Stalkerware where threats come from the same methods but with greater access. Mahalik emphasized the importance of using proper cyber hygiene on our devices to help counteract these threats.

Finally, Chief Curriculum Director and Faculty Lead for the SANS Institute Rob T. Lee discussed the digital war in Europe that stemmed from an inevitable “digital Pearl Harbor” that was bound to happen eventually and has caught the attention not only of Europe but the world at large in terms of securing vital systems in time of war.

Spoiler: check out the full session video as more than five new attack methods are included!

How a Musician Used Sheet Music Encryption to Help Soviet Defectors

Dr. Merryl Goldberg, a professor of music at California State University San Marcos, visited the Soviet Union in the mid 1980’s on vacation while specializing in Eastern European music. Working to keep a low profile while entering the Soviet Union, Goldberg and the rest of her party were questioned by Soviet officials as to the purpose of their visit, background information, travel plans, etc. The Soviet officials searched their belongings, including sheets of music, and allowed them to continue on their journey. What the officials didn’t realize was that the some of the sheet music was encoded with messages that they would later pass along to Soviet residents looking to defect.

Hugh Thompson Show: Exploring Information Disorder

Former Director of Cybersecurity and Infrastructure Security Agency (CISA) Chris Krebs shared that he found out that he was terminated from his job at CISA on Twitter. In addition, he found about ransomware attacks WannaCry and NotPetya via Twitter as well.

President of Color of Change Rashad Robinson discussed how his racial justice organization came about following the aftermath of Hurricane Katrina when many people of color were left to die by the government. It drew a spotlight on generational poverty, geographic segregation and structural racism. Now with more than 7 million members, Robinson’s organization fights for truth, racial equality and humanity while combatting information disorder.

Katie Couric, renowned journalist and founder of Katie Couric Media, discussed the absolute need to vet and properly source information, in today’s world in particular. It’s not to say that didn’t happen earlier in her career in the days before the internet, but with misinformation running rampant, Couric presses her team on due diligence before incorporating any official news or scoops out to the larger audience and viewers.

RSAC Editorial Team

Editorial, RSA Conference

Human Element RSAC Insights C-Suite View

social engineering disinformation campaigns/fake news professional development cryptography practitioner perspectives innovation

Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs