Topics & TracksAnalytics, Intelligence & Response
Analytics, Intelligence & Response covers the application of investigative and analytic techniques that help organizations plan for, identify, contain, investigate, and resolve incidents in the enterprise, manufacturing (OT), and integrated technologies (IOT). It also explores threat intelligence, automating response, and broad information sharing. Finally, AIR covers response to cognitive security attacks (dis-/misinformation) against companies, products, and services.
The battle against online fraudsters continues to rapidly evolve, with social engineering-based attacks increasing. Leading organizations are deploying new policies, technologies and methodologies to enhance fraud prevention, detection, response and recovery programs. Hear use cases and best practices focused on sharing practical knowledge and lessons learned on how to approach the most pressing challenges of anti-fraud professionals.
Association Special Topics
Navigate the association landscape and learn about opportunities in training, best practices, credentialing, special programs, and career development from leaders in the field.
This track focuses on the intersection of business and security. It features experiences and opinions of CXOs, exploring how to assess risk from a business perspective and then communicate cyber-risk to the board. Sessions will explore ways to leverage limited resource to manage and mitigate risk as well as the latest trends and issues in information security that impact the executive suite.
Cloud Security & Virtualization
The Cloud Security & Virtualization track includes sessions on the security aspects of using and leveraging cloud services, virtualization technologies/services, segmentation, container technologies, network function virtualization and hybrid architectures. Critical staffing and skills requirements will also be explored as well as business continuity planning related to rapid cloud-native transformations.
This academically focused and refereed track for mathematicians and computer scientists offers presentations of the very latest papers about the science of cryptography.
DevSecOps & Software Security
DevSecOps & Software Security focuses on the intersection of application, product security and DevOps. Sessions focus on sharing real-world, enterprise-level successes (and failures), covering DevSecOps for risk and compliance and working in step with modern development teams. Expect to see topics on secure software development, SDL, safety engineering, adding resiliency to software, and how-to’s for building security support, compliance, and diagnostics into software and products.
Hackers & Threats (Regular and Advanced)
Hackers & Threats sessions include discussions around the growing underground economy, advanced threats, ransomware, cyber-weapons, new classes of vulnerabilities, exploitation techniques, reverse engineering, and how to combat these problems. Hackers & Threats Advanced features more advanced content, including highly technical live demos, exploit code walk throughs, code dissection and reverse memory analysis.
This track explores how people make trust choices by relying on user behavior analytics data to inform innovative ways of securing the human and foster internal and external security communities. Topics include social engineering, insider threats, information operations, organizational change, building partnerships and how classic attacks and emerging threats now include a human element.
This track covers the processes, technologies and policies for managing and controlling digital identities for the enterprise and its customers.
The Law track explores topics at the intersection of cybersecurity, data protection and the law, including developments and trends in new laws and regulations, cases, liability, risk management, transactions, investigations, governance and related topics.
Machine Learning, Artificial Intelligence & Automation
Sessions examine the practical applications and limitations of machine learning and artificial intelligence in cybersecurity, with an eye on issues of ethics and bias as well as democratizing ML&AI. This track will explore defensibility, fundamentals, real-world examples, potential risks, and future evolution of capabilities. Expect to see topics around automated robots and defensive automation as well as the ways in which ML, AI and automation are enabling humans to do a better job and be more efficient.
Open Source Tools
This track provides technical case studies of open-source software and highlights new and innovative open source security tools. The track offers attendees exposure to open-source solutions that have been created and utilized by enterprise practitioners to solve real challenges. Sessions will cover the business challenges addressed and how the presenter utilized open source tools to resolve them. Attendees will be able to download the tools to follow along.
Policy & Government
This track features sessions on current and proposed government strategies, policies, legislation and standards that could shape the direction of emerging technologies, cyberthreat intelligence sharing, industry standards and security compliance requirements for years to come.
This dedicated track explores the privacy and security of personal data issues related to artificial intelligence, facial recognition, biometrics, surveillance and differential privacy enhancing technologies, as well as state, federal and international laws and regulations, including as CCPA, GDPR and HIPAA. It also focuses on standards and programmatic strategies for compliance.
Professional Development & Personnel Management
This track looks at the “you” side of things, with two distinct paths geared toward advancing careers and positively impacting our profession. Professional development is about improving ourselves, expanding our capabilities and skills, soft skills, and increasing our security career possibilities. Personnel Management focuses on those who lead and manage people, build inclusive and diverse teams for 365 visibility, and help our teams mature and develop themselves to achieve even more.
Risk Management & Governance
This track covers the selection and implementation of risk management methodologies, compliance-related sessions on standards, assurance, and instituting governance across the extended enterprise. This track also contains sessions on metrics and measurements that make a difference in reducing risk.
Securing All the Things
This track explores the security policies of interconnected devices and the implications of the home network becoming an extension of the corporate network. Securing All the Things demands that we look at the ways in which the architecture, infrastructure, policy and strategy of non-traditional technology affects security. Sessions will cover managing mobile security and emerging threats to mobile platforms as well as the challenges posed by the interconnectivity of everything. Topics will include product security as well as the security of Industrial Control Systems, OT and manufacturing.
Securing the Remote Workforce
This track will cover best practices that emerged from organizations that were forced overnight to secure a remote workforce. It will explore next stages of transformation—what projects have been accelerated or decelerated and how organizations are adjusting for quickly made changes as well the normalization of changes that may have been implemented, both technologically and within the workforce. It will also look into the future and deliver concrete ideas around what lies ahead and how organizations can thrive when change is thrust upon them.
This track includes interesting speakers and sessions on a wide range of topics not found anywhere else during the week.
Security Strategy & Architecture
Security Strategy & Architecture covers the policy, planning, and evolving areas of enterprise security architecture and the management issues of implementing successful security programs. Sessions will include the structures and tools needed to build a security program that enables and enhances business processes, communication, resiliency and hygiene.
Sponsor Special Topics
Listen to a spectrum of experts and security issues delivered and discussed by leading-edge companies.
Technology Infrastructure & Operations
This track focuses on the most interesting and challenging elements of current and emerging security infrastructure. Sessions will include topics on strategic planning and implementation lifecycle for all things network and security infrastructure and operations.
*Tracks listed here are subject to change.
Join one of our association partners for a focused seminar with content designed to complement the RSA Conference agenda.
Birds of a Feather
It’s our popular Birds of a Feather format—with an online twist. Participate in published, planned topics facilitated by leading industry experts. You never know where the conversation may lead! Birds of a Feather sessions are open to All Access Pass holders only. Note: Press is not permitted in Birds of a Feather sessions.
Classroom sessions are traditional presentations delivered by 1-2 presenters, following slide decks that are available from the VE. Presentations include audience Q&A.
RSAC College Day offers events and sessions to help college students explore and learn about the cybersecurity industry. Discover career options, hear from the best in the field and network with leading companies. These events are limited to students/faculty registered for RSAC College Day.
RSAC keynote speakers are inspiring leaders, thinkers, and innovators that will share perspectives and knowledge on the information security industry.
Learning Labs provide highly interactive, facilitated learning experiences. All of the content is very hands-on and small group oriented. Seating is limited in Labs, assuring maximum engagement and participation. Capacity limits vary and only one Learning Lab can be scheduled and attended during Conference. Labs are open to All Access Pass holders only. Note: Press is not permitted in Lab sessions.
RSA Conference offers great opportunities to get to know other attendees and build your professional network. Explore these here.
Panel sessions are traditional format, featuring a moderator and several panelists representing different viewpoints. The discussions include audience Q&A.
RSAC Sandbox 2021 offers hands-on experiences addressing, discussing and simulating threats and vulnerabilities that impact our ability to protect tomorrow’s future. Explore 6 different sandboxes focused in areas such as IoT, industrial control systems, supply chain, and bio-hacking. Also featured is App Sec Village, the SANS NetWars experience and capture-the-flag activities from Red Team Web App Hacking. Open to All Access Pass holders.
Get tactical help with pressing challenges. Technical experts from our Digital Expo vendors present short demonstrations to help attendees with strategic plans and purchase decisions.
Tutorials & Trainings $$
Immerse yourself in an intensive, skill-building multiple-day session the week prior to RSA Conference. Tutorials & Trainings are led by respected authorities from the SANS Institute, FAIR Institute, and (ISC)². Please note, the Tutorials & Trainings are available for purchase.
Events & Networking
RSA Conference offers great opportunities to get to know other attendees and build your professional network. Explore these here.
Expand your network while you learn through doing and interacting, with sessions including Birds of a Feather, Learning Labs and RSAC Sandbox.
Our sponsor partners provide the content for these sessions, delivering insights on security issues that focus on today’s most pressing matters.
Programs with dedicated initiatives or events for specialized audiences.
Session format follows a "traditional" presenter to audience format with a formal presentation or panel discussion followed by Q&A.
This classification is used for compelling strategic sessions and introductions to new technology.
General - Technical
Session includes content deemed "general technical" by the presenter.
Focused on principles and concepts that would appeal to attendees with more than 5 years of experience. Little, if any, time is spent on definitional terms and concepts. Contains instructive demos, management tools, deep process discussions, or similar level of content.
Intermediate - Technical
Session includes content deemed "intermediate technical" by the presenter.
Focused on advanced principles and concepts, geared toward attendees with deep subject knowledge and 10 or more years of experience. Little/no time is spent on defining terms and background. These sessions are high in demand and should contain demonstrations, line code, advanced architecture discussions, tools that can be shared, or similar level of content.
Advanced - Technical
Session includes content deemed "advanced technical" by the presenter.