What the 2014 RSA Conference means for government: Top things to do

Even if you are not going to California, you still need to pay attention.

by / February 21, 2014 0

Moscone Center

Moscone Center, San Francisco, credit moscone.com

It’s that time of year for security pros to pack their bags and make the annual pilgrimage to San Francisco for the RSA Conference and the week’s other surrounding events.

This is the most attended cyber extravaganza in the world. Last year, there were over 24,000 attendees. Event organizers say even more people are planning to attend in 2014.

There are also numerous alternative seminars, workshops and security conferences in San Fran during the next week, such as BSides and TrustyCon, as well hundreds of receptions, dinners and informal gatherings. The networking opportunities are immense.

Virtually every technology and security company will be there. The goals: to learn, to share a business case, to build trust and to connect in personal ways.

But even if you are not going to California, you still need to pay attention.

Why?

Think of this next week as either the cyber industry’s (pick one): Super Bowl, World Cup (soccer) or the Motion Picture Academy Awards. Even if you don’t have tickets, many thousands come to just tailgate and enjoy the surrounding atmosphere.

More important, you can watch and learn from anywhere via the global media online. Keep an eye out for security industry trends, big announcements, new vendor products and video interviews with VIPs – such as these videos from 2013.

When thinking about outcomes, ask: What are the latest security developments and cyber plans? What’s hot, and what’s not?

Themes worth watching at RSA 2014 include:

1) Building cyberecurity for: Cloud, mobile, big data, social media or the Internet of things.

2) Privacy should be a major topic of conversation. This is our first post-Snowden RSA conference in the USA, so how do speakers address mining and sharing data with appropriate privacy considerations. What do keynote speakers say (or not say) about their dealings with the National Security Agency (NSA)?

3) Government speeches will cover the new NIST Cybersecurity Framework, the new National Infrastructure Protection Plan (NIPP) released in December 2013, FEDRAMP, and progress on security surrounding data center consolidations in federal and state governments. Also, watch out for announcements on incentives and government programs to speed implementation of the Cyber Framework in state and local governments.

A few of the keynotes that I am looking forward to include:

1) RSA executive chairman Art Coviello will take the stage Tuesday morning to discuss identity in the age of intelligence. There is speculation as to whether Coviello will address the NSA allegations in the same direct manner as he did the RSA SecurID breach at the 2012 RSA Conference.

2) Scott Charney from Microsoft will cover the topic: Conundrums in Cyberspace: Exploiting Security in the Name of, well, Security.

3) FBI Director James Comey will cover how the FBI is addressing cybersecurity with the private sector to close gaps in protection.

4) Stephen Colbert’s closing keynote on Friday is bound to be funny.

5) Kevin Mandia’s two sessions – especially the topic: State of the Hack – One year after the APT1 report.

 

Some other top government-focused sessions and intriguing panels include:

1) Cybersecurity in a world of borders by Michael Daniel, the Special Assistant to President Obama on Cybersecurity

2) All three panel sessions with Phyllis Schneck, who is the new Deputy Under Secretary for Cybersecurity. Attending these sessions will give attendees a good view on where DHS is at now and where they are going.

3) Securing our nation’s datacenters – with Jamie Dos Santos, Mark Weatherford, Richard Schaeffer and Bob Carey.

4) Government x 2 - Federal – State Collaboration on cybersecurity – with Cheri Caddy from the White House, Mike Senna, Tom MacLellan and yours truly. (I know. Just a tad of self-interest here, but it will be a fun panel.)

Final thought:

Get ready for the unexpected this week as well. Just as in soccer or football scores, or with motion picture awards, unexpected outcomes sometimes appear out of nowhere during the RSA conference week.

Surprises can happen when walking the expo floor by discovering a new cyber startup company. Or, you can learn about some new product, service or technology that you’ve never heard of that solves a difficult long-standing problem. Or, perhaps you will connect with someone new or see a long-lost friend or two.

Regardless of what happens, it should be an interesting week.

Time to fasten our safety-belts and put our seats in the fully upright position.

And pay attention. 

Dan Lohrmann Chief Security Officer & Chief Strategist at Security Mentor Inc.

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.

During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.

He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.

He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.

Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.

He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.

Follow Lohrmann on Twitter at: @govcso