Topics & Tracks
Analytics, Intelligence & Response
Analytics, Intelligence & Response covers the application of investigative and analytic techniques that help organizations plan for, identify, contain, investigate, and resolve incidents in the enterprise, manufacturing (OT), and integrated technologies (IOT). It also explores threat intelligence, automating response, and broad information sharing. Finally, AIR covers response to security attacks against companies, products, and services.
Sessions tagged to this topic feature interesting speakers and sessions on a wide range of issues that impact business considerations and approaches.
This track focuses on the intersection of business and security. It features experiences and opinions of CXOs, exploring how to assess and manage both cyber and human risk from a business perspective and then communicate risk to the board. Sessions will explore ways to leverage limited resource to manage and mitigate risk as well as the latest trends and issues in information security that impact the executive suite.
Cloud Security & Cloud Sec Ops
This track includes sessions on the security aspects of using and leveraging cloud services, virtualization technologies/services, segmentation, container technologies, network function virtualization and hybrid architectures. Critical staffing and skills requirements will also be explored as well as business continuity planning related to rapid cloud-native transformations.
Connected Devices & Cyber-Physical Security
This track explores the security policies of interconnected devices and the implications of the home network becoming an extension of the corporate network. Connected Devices & Cyber-Physical Security demands that we look at the ways in which the architecture, infrastructure, policy and strategy of non-traditional technology affects security. Sessions will cover managing mobile security and emerging threats to mobile platforms as well as the challenges posed by the interconnectivity of everything. Topics will include product security as well as the security of Industrial Control Systems, OT and manufacturing.
This academically focused and refereed track for mathematicians and computer scientists offers presentations of the very latest papers about the science of cryptography.
DevSecOps & Application Security
DevSecOps & Software Integrity focuses on the intersection of application, product security and DevOps. Sessions focus on sharing real-world, enterprise-level successes (and failures), covering DevSecOps for risk and compliance and working in step with modern development teams. Expect to see topics on secure software development, SDL, safety engineering, adding resiliency to software, and how-to’s for building security support, compliance, and diagnostics into software and products.
The battle against online fraudsters continues to rapidly evolve, with social engineering-based attacks increasing. Leading organizations are deploying new policies, technologies and methodologies to enhance fraud prevention, detection, response and recovery programs. Hear use cases and best practices focused on sharing practical knowledge and lessons learned on how to approach the most pressing challenges of anti-fraud professionals.
Hackers & Threats (Regular & Advanced)
Hackers & Threats sessions include discussions around the growing underground economy, advanced threats, ransomware, cyber-weapons, new classes of vulnerabilities, exploitation techniques, reverse engineering, and how to combat these problems. Hackers & Threats Advanced features more advanced content, including highly technical live demos, exploit code walk throughs, code dissection and reverse memory analysis.
This track explores how people make trust choices by relying on user behavior analytics data to inform innovative ways of securing the human and foster internal and external security communities. Topics include social engineering, insider threats, information operations, organizational change, building partnerships and how classic attacks and emerging threats now include a human element.
This track covers the processes, technologies and policies for managing and controlling digital identities for the enterprise and its customers.
The Inclusive Security agenda features sessions focused on how we can identify, train, and retain the future workforce, including changing existing cultures and hiring practices to be more inclusive of under-represented members of the community. As we all strive toward using more inclusive language, we refer to this resource from our Community Partner, Women in Cybersecurity (WiCys).
Innovation & Startups
Sessions tagged to this topic will be of particular interest to those focused on emerging technologies and approaches specific to start ups, including the ever popular RSAC Innovation Sandbox contest.
The Law track explores topics at the intersection of cybersecurity, data protection and the law, including developments and trends in new laws and regulations, cases, liability, risk management, transactions, investigations, governance and related topics.
Machine Learning & Artificial Intelligence
Sessions examine the practical applications, limitations, and potential biases of machine learning and artificial intelligence in cybersecurity, with an eye on issues of ethics and democratizing ML&AI. This track will explore defensibility, fundamentals, real-world examples, potential risks, and future evolution of capabilities. Expect to see topics around deepfakes, privacy and compliance for AI, legal and policy considerations as well as assessing vendor AI claims about the ways in which ML/AI are enabling humans to do a better job and be more efficient.
Our sponsor, association, and media partners provide the content for this track. Sessions feature experts from across the industry and are open to all attendees with any badge type.
Policy & Government
This track features sessions on current and proposed government strategies, policies, legislation and standards that could shape the direction of emerging technologies, cyberthreat intelligence sharing, industry standards and security compliance requirements for years to come.
This dedicated track explores the privacy and security of personal data issues related to artificial intelligence, facial recognition, biometrics, surveillance and differential privacy enhancing technologies, as well as state, federal and international laws and regulations, including as CCPA, GDPR and HIPAA. It also focuses on standards and programmatic strategies for compliance.
Professional Development & Personnel Management
This track looks at the “you” side of things, with two distinct paths geared toward advancing careers and positively impacting our profession. Professional development is about improving ourselves, expanding our capabilities and skills, soft skills, and increasing our security career possibilities. Personnel Management focuses on those who lead and manage people, build inclusive and diverse teams for 365 visibility, and help our teams mature and develop themselves to achieve even more.
Protecting Data & the Supply Chain Ecosystem
This track explores the cascading security requirements of the extended enterprise and the classification, tracking, and protection of data. It covers data protection regulations, DLP and threats to sensitive data, and emerging trends in software supply chain security as well as vendor and partner SLAs, supply chain mapping, continuous enforcement, and how to future-proof vendor contracts and risk assessments for evolving requirements.
Risk Management & Governance
This track covers the selection and implementation of risk management methodologies, compliance-related sessions on standards, assurance, and instituting governance across the extended enterprise. This track also contains sessions on metrics and measurements that make a difference in reducing risk.
RSA Conference Sandbox explores various disciplines of cybersecurity in new and innovative ways. RSAC 2023 will feature eight different sandboxes with dozens of interactive experiences. A Full Conference Pass or Expo Plus Pass is required.
This track includes interesting speakers and sessions on a wide range of topics not found anywhere else during the week.
Security Strategy & Architecture
Security Strategy & Architecture covers the policy, planning, and evolving areas of enterprise security architecture and the management issues of implementing successful security programs. Sessions will include the structures and tools needed to build a security program that enables and enhances business processes, communication, resiliency and hygiene.
Technology Infrastructure & Operations
This track focuses on the most interesting and challenging elements of current and emerging security infrastructure. Sessions will include topics on strategic planning and implementation lifecycle for all things network and security infrastructure and operations.
Birds of a Feather
Participate in focused discussions around planned topics facilitated by leading industry experts. You never know where the conversation may lead! Birds of a Feather sessions are open to Full Conference attendees only. Note: Press is not permitted in Birds of a Feather sessions.
Listen as inspiring leaders, thinkers, and innovators share perspectives and knowledge on the information security industry on the RSAC Keynote stage.
Engage in highly interactive learning experiences. Learning Labs are hands-on, small group-oriented sessions designed to deepen your understanding on a topic and help you build your network of colleagues with similar interests. Labs are open to Full Conference attendees only. You may reserve a seat in only one Learning Lab. Note: Press is not permitted in Lab sessions.
Enjoy an action packed session with rapid-fire talks followed by a moderated Q&A session with the presenters.
Build your professional network and enjoy engaging with other attendees at these events.
Join our association partners for a focused seminar with content designed to complement the RSA Conference agenda.
Learn from our sponsor partners in these sessions that deliver insights on security issues focused on today’s most pressing matters.
Attend sessions that follow a "traditional" presenter-to-audience format with a formal presentation or panel discussion followed by Q&A.
Immerse yourself in an intensive, skill-building two-day session on Sunday and Monday of Conference week. Trainings are led by respected authorities from CSA, FAIR Institute, (ISC)2, and InfraGard National Members Alliance.
This classification is used for compelling strategic sessions and introductions to new technology.
General - Technical
Sessions include content deemed "general technical" by the presenter.
Sessions focused on principles and concepts that would appeal to attendees with more than five years of experience. Little, if any, time is spent on defining terms and concepts. Session may contain instructive demos, management tools, deep process discussions, or similar level of content.
Intermediate - Technical
Sessions include content deemed "intermediate technical" by the presenter.
Sessions focused on advanced principles and concepts, geared toward attendees with deep subject knowledge and 10 or more years of experience. Little/no time is spent on defining terms and background. May contain demonstrations, line code, advanced architecture discussions, tools that can be shared, or similar level of content.
Advanced - Technical
Sessions include content deemed "advanced technical" by the presenter.