Trusted forum for confidential collaboration since 2003
Overview
For over 20 years, the RSAC Executive Security Action Forum (ESAF) has been a trusted forum for Fortune 1000 security executives. Led by a program committee, the community shares information at confidential sessions throughout the year and at the annual meeting at RSA Conference, enabling security leaders at some of the world’s largest enterprises to collaborate and find actionable solutions to common challenges.
Sessions
RSAC ESAF information sharing sessions are invitation-only and closed-door, enabling candid discussion among peers. The selection of topics and speakers is entirely member driven.
Membership
ESAF members are a select group of the most senior information security and risk executives responsible for protecting information for the world’s largest enterprises. Membership is by referral.
Research
We are sharing some hard-earned wisdom with the broader cybersecurity community through the “CISO Perspectives” series of reports and blogs. The aim is to help all organizations improve the management of cyber risks.
“I’ve be going to ESAF for 15 years. It continues to deliver. As CISOs, we’re unbelievably busy but it’s worth it to spend time at ESAF sessions.”
“It’s not often you get a place like this where you can really talk to other CISOs. Getting exposure to people that I want in my network. Super amount of value.”
“Superb content with excellent insights into the different ways organizations are trying to solve problems.”
CISO Perspectives: Insights from Fortune 1000 CISOs
NEW! Blog Series: How Top CISOs Are Navigating the Risks and Opportunities of GenAI
Available now!
- CISO Perspectives: The Risks of Rapid Generative AI Adoption
- CISO Perspectives: Insights on Generative AI Governance
- CISO Perspectives: Practical Tips for Securing Generative AI Systems
- CISO Perspectives: Transforming Security with Generative AI
- CISO Perspectives: Tackling the Rise of AI-Powered Cyber Attacks
Research Reports
How Top CISOs Are Transforming Third-Party Risk Management
Traditional third-party risk management in information security is ineffective. What are leading CISOs doing instead?
This report covers pioneering initiatives at six Fortune 1000 companies in a range of industries. Use their ideas to accelerate your own efforts to transform third-party risk management.
What Top CISOs Include in Updates for the Board
CISOs from the ESAF community consider reporting to the board as one of the most important aspects of their job.
This report takes a deep-dive view, analyzing the content of actual board presentations contributed by ESAF members and includes examples of content, dashboards, charts, and visuals.
How Top CISOs Are Navigating the Risks and Opportunities of GenAI
Recently, GenAI has been one of the most intensely-discussed topics in the RSAC ESAF community. In this report, we share anonymized highlights of those conversations and insights from RSAC’s Fortune 1000 GenAI survey.
Use this report to unlock early strategies to deploy GenAI safely across the business, to build better defenses with GenAI, and to confront GenAI-enabled threats.