If you’re the type that likes talking about security-related topics with your colleagues (and who doesn’t?) then you should check out some of the Peer2Peer sessions at this year’s RSA Conference in San Francisco.
Peer2Peer sessions are group discussions around specific security topics, where participants get the chance to really dig deeply into a topic that they care about with a group of peers. This year we've once again asked the discussion facilitators to help explain what you can expect from their sessions so that you can choose the groups and topics that will be most beneficial and interesting.
This post features the following seven sessions:
- The Promise and the Peril of the App Era
- Managing Your Open Source
- Interns: A Creative Alternative to Off-Shore
- Wearables: Security of Things
- Mobile Devices: What Could Go Wrong? Discussion from the Frontlines
- It’s Not Just about Tech, It’s about Talent: Building a Workforce Program
- Incident Response in the Public Cloud
1. The Promise and the Peril of the App Era (P2P2-R04)
Q: What type of attendee will most benefit from, and be best positioned to contribute to, this Peer2Peer session? Do you have a specific role or job title in mind?
A: A semi-technical attendee with an interest in the technologies that make mobile apps function, at a macro level. We won't be analyzing code. This discussion is to point out where problems in mobile apps can arise.
Q: Why is the topic of your session important for the information security industry?
A: This is currently being missed by most organizations, even ones that have good application security hygiene.
Q: What is the one thing you would like the attendees to really think about prior to the session to prepare themselves for the discussion?
A: We connect ourselves to the world in new and interesting ways every day. What are these connections doing with our data, and why do we need to worry about it?
Q: What information/skills/tools will attendees be armed with when they leave your session?
A: Curiosity and a better understanding of when we should be curious.
2. Managing Your Open Source (P2P3-T11)
Q: What type of attendee will most benefit from, and be best positioned to contribute to, this Peer2Peer session? Do you have a specific role or job title in mind?
A: I’m expecting two main areas for attendees in this session. Operational security being one and development security being the other. There will be substantial overlap between these two areas due to the nature of open source. Problems such as Heartbleed affected not just operations but also development. The same held true for Shellshock. We need to discuss these problems together, not treat them as if there are two separate groups involved. The fundamentals of managing open source remain the same, and with the emergence of DevOps there isn’t even a difference between development and operations any longer.
The operational security focus is really the people who are responsible for ensuring their organization’s infrastructure is secured: everything from applying patches and ensuring both internal and industry compliance is met, to keeping tabs on the risks associated with their data and network. This group must focus on the various pieces of open source that have been deployed inside their infrastructure, everything from containers to Linux distributions to development tools installed on workstations.
The other focus will be on development or application security. Every developer is including open source code in their projects, everything from snippets found on Stack Overflow to larger projects cloned from GitHub. These create certain challenges in the context of how to understand, maintain, and update the open source code. Modern applications are like living systems that need constant care and attention; open source is one of the many inputs we see making this system grow and thrive.
Q: Why is the topic of your session important for the information security industry?
A: Everyone is using open source today. Everyone. It sort of snuck in the back door while nobody was looking and now it’s here to stay. Telling your developers and admins to stop using open source won’t work; they certainly can’t get their job done without it anymore. The only option now is to understand it so we can properly legitimize it. The first step is to admit you have a problem, the second step is to understand it.
Q: What is the one thing you would like the attendees to really think about prior to the session as a way to prepare themselves for the discussion?
A: Think about the problems open source is solving for you. It’s important to not spend too much time obsessing about the open source itself or the risks you believe it adds to your environment. It’s easy to try to say “no”, but we understand that the result of that action is to have security missing from the critical conversations where these decisions are made. Instead of pretending open source isn’t there, let’s understand the problems so we can see how open source will fit into the solution in a way that allows us to understand and manage the risk that comes with it. The best way to see this in a positive manner is to focus on the benefits rather than the detractors.
Q: What information/skills/tools will attendees be armed with when they leave your session?
A: They’re going to understand how to think about risk and open source. Open source is a tool to empower, but it’s easy to confuse it as a massive risk for our organization. All source code has security flaws; open source isn’t more or less secure than anything else. The primary difference is it’s not always easy to understand what happens if something goes wrong or you have a question. If you’re working with a vendor you can give them a call. Who do you call if you have a question or concern about the open source running your cloud or deployed in your product? Once you understand the basics, it’s much easier to navigate the universe of open source. We’re going to empower the attendees of this session so they can find the answers they need.
3. Interns: A Creative Alternative to Off-Shore (P2P4-W04)
Q: What type of attendee will most benefit from, and be best positioned to contribute to, this Peer2Peer session? Do you have a specific role or job title in mind?
A: Anyone in a security management or leadership role who is struggling to obtain enough budget for staffing to achieve all their program directives. This could range across the spectrum from technical work to governance and risk management.
Q: Why is the topic of your session important for the information security industry?
A: Information security, as an industry, faces 2 major hurdles when it comes to staffing critical work for the success of program directives:
- There is simply not enough qualified staff available in the market place
- Due to ever-present cost pressure, one area of focus often has to be sacrificed for another in an overall cost-benefit equation
Establishing an internship staffing program could work toward achieving positive changes on both fronts.
Q: What is the one thing you would like the attendees to really think about prior to the session as a way to prepare themselves for the discussion?
A:
- What bodies of work do you have in your program that really do not require specialized InfoSec knowledge to execute effectively?
- In what areas do you face challenges in keeping subject matter experts motivated to execute tasks that have become business as usual, but still maintain a high degree of importance to managing the objectives of your program?
- What challenges would you anticipate with a short term/high turnover labor pool?
- Could internships fill gaps that program leaders have become accustomed to turning to off-shore options to address?
- Can an overall increase in available internships assist in addressing the high costs of higher education in the US, by providing work options for college students and improving the likelihood of obtaining quality employment post-graduation?
Q: What information/skills/tools will attendees be armed with when they leave your session?
A:
- Techniques to successfully integrate internships into an overall staffing model
- Skills and traits to look for in the full-time resource pool to bolster the value added by internship staffing models
- Inventory of workloads to consider that lend themselves well to highly motivated, yet minimally trained staff members
4. Wearables: Security of Things (P2P3-T10)
Q: What type of attendee will most benefit from, and be best positioned to contribute to, this Peer2Peer session? Do you have a specific role or job title in mind?
A: Anyone with an interest in advancing the security of IoT/Wearable devices will benefit from this session. Fitbit will be facilitating the discussion from its perspective as a manufacturer. Information security leadership, as well as engineering staff will be best positioned to contribute to the conversation.
Q: Why is the topic of your session important for the information security industry?
A: Continuing to improve the security of IoT/Wearable devices will be critical to helping fulfill their long-term potential while protecting the consumers who use them. Companies working in the IoT and wearable space need to work together to collectively improve our security to help reduce the risk of serious incidents and protect against lost consumer confidence.
Q: What is the one thing you would like the attendees to really think about prior to the session as a way to prepare themselves for the discussion?
A: Attendees should think about which security controls are the most important in their work, which are the most challenging to implement in IoT/Wearable devices, and potential successful approaches.
Q: What information/skills/tools will attendees be armed with when they leave your session?
A: Attendees can expect to learn about the types of issues manufacturers of IoT/Wearable devices are likely to encounter and explore options to prevent these issues.
5. Mobile Devices: What Could Go Wrong? Discussion from the Frontlines (P2P2-T10)
Q: What type of attendee will most benefit from, and be best positioned to contribute to, this Peer2Peer session? Do you have a specific role or job title in mind?
A: Attendees should be involved in mobile device management, mobility, security, malware and email security. This session is ideal for heads of security, mobility, mobile security, threat defense, CIOs and CISOs.
Q: Why is the topic of your session important for the information security industry?
A: Mobile devices and apps are a threat vector that is growing because every employee has a mobile device, and protection is largely relegated to the operating system vendor and several app stores. Attackers are using vectors such as SMS messages, zero-day exploits, side-loaded apps, fake enterprise certificates, hostile device profiles, infected app development tools and infected advertising libraries to compromise employee devices and expose enterprise data. Even more insidious are “legitimate” apps that mine corporate data from address books and calendars for use in targeted attacks.
Q: What is the one thing you would like the attendees to really think about prior to the session as a way to prepare themselves for the discussion?
A: How many apps are on your users’ devices and where are they sending your data? How many Wi-Fi networks are your users connecting to, and are they attacking user devices? What are your plans beyond BYOD?
Q: What information/skills/tools will attendees be armed with when they leave your session?
A: Attendees will be armed with the information and skills to evaluate the dynamic threats to their mobile users and form strategies for assessment and defense.
6. It’s Not Just about Tech, It’s about Talent: Building a Workforce Program (P2P4-T10)
Q: What type of attendee will most benefit from, and be best positioned to contribute to, this Peer2Peer session? Do you have a specific role or job title in mind?
A: Information security leaders who face challenges recruiting and retaining a qualified workforce. Managers, CISOs, human resources.
Q: Why is the topic of your session important for the information security industry?
A: Developing and maintaining a qualified cybersecurity workforce is a challenge. There are simply not enough qualified professionals in the world, which makes recruiting and retention a challenge. In addition, the constantly evolving threat and technology landscape means that we need to build programs to keep our people qualified over time through training, certifications, and growth experiences.
Q: What is the one thing you would like the attendees to really think about prior to the session as a way to prepare themselves for the discussion?
A: How have you developed, or how can you develop, dynamic career development paths for different types of professionals within your organization, including those not suited to be a manager?
Q: What information/skills/tools will attendees be armed with when they leave your session?
A: Ideas for creating or enhancing their workforce program.
7. Incident Response in the Public Cloud (P2P1-T09)
Q: What type of attendee will most benefit from, and be best positioned to contribute to, this Peer2Peer session? Do you have a specific role or job title in mind?
A: This session is intended for Incident Response practitioners and tool developers who are operating in a public cloud or hybrid datacenter model.
Q: Why is the topic of your session important for the information security industry?
A: The trend to public cloud confers many benefits and will no doubt continue if not accelerate; however, there are challenges in conducting Incident Response (IR) in these environments. It is important that we as an industry harness the advantages and identify and mitigate the weaknesses in this changing landscape.
Q: What is the one thing you would like the attendees to really think about prior to the session as a way to prepare themselves for the discussion?
A: How does a shared responsibility model change your approach to Incident Response?
Q: What information/skills/tools will attendees be armed with when they leave your session?
A: We will discuss themes as well as tactics to conduct incident response in a public cloud environment, including the pros and cons. We encourage the group to share war stories, or theories, on how adversaries operate in a public cloud, and thus how we can detect and respond to them.
You can check out all of the Peer2Peer sessions on our agenda here: https://www.rsaconference.com/events/us17/agenda.