If you’re attending the 2018 RSA Security Conference in San Francisco next week, here are a few things that are good to know before you go, especially if this will be your first time.
The conference began in 1991 as a small cryptograph conference. “RSA” are the initials of the last names of the founders of RSA Data Security, Inc. – Ron Rivest, Adi Shamir and Leonard Adleman. These founders, along with Whit Diffie and Marty Hellman, both legendary cryptologists, are responsible for ushering in modern cryptography. Every year at RSA they, along with one or two contemporary cryptographers, open the conference by holding “The Cryptographers’ Panel”. You don’t want to miss this discussion!
True to its roots, RSA 2018 offers content and programming all week long consisting of keynotes, panels, presentations, trainings, the Conference Expo floor and of course, the Cryptographers Ball to celebrate the end of the conference. There are multiple levels of passes to gain access to all the good stuff. The most basic pass is the “Expo Only” pass and will only give you access to the Expo floor. If you work in InfoSec, it’s worthwhile to spend a morning on the floor. It’s huge (over 50,000 attendees per year and more than 500 vendors) and will keep you occupied all week long. I personally find the Expo a bit overwhelming and can only handle it in small doses. To make RSA as meaningful and productive as possible, I highly suggest you walk the floor with some main objectives in mind:
#1 – See what people are selling and look for patterns. There are always multiple vendors selling similar products and I like to see what they have that sets them apart, what they have in common and what I think is missing.
#2 – Shopping. I have security problems and I need solutions. Depending on the year, the length of my shopping list varies. I think about what tools we use to secure Gigamon that could be improved or if we have any flat-out gaps. Currently we’re building a strong jump host proxy and this year I might look for a product that we could buy instead of build. It’s a good idea to make a mental list of what sorts of gaps you have and how your thinking about solving them, then see if anyone is selling something that might work for you.
#3 – Meetings. Go to the booths of companies you’re interested in and set up meetings. Meet the head of product or technology. Most companies have senior people that will take meetings if you’re serious about buying their product. While you’re at it, make sure to swing by Gigamon booth #N4321 in Moscone North! Come say hello, meet with our team and watch demos and presentations from Gigamon and our partners on inline bypass threat prevention and cloud security.
#4 – Load up on swag. Fun fact, I have a VMware bottle opener I got at RSA 2006 in San Jose that finally broke. I’m planning on picking up a new opener this year.
The next level of pass RSA offers is a full conference pass. There are a few different tiers that allow you access on different days. These generally cost more than a thousand dollars and not every company will spring for one but, if you work in InfoSec, it’s worth making a compelling argument to your management to buy you one.
The full conference level gets you access to the keynotes, panels and presentation and this is where the meat of the conference is. This year there are 23 different topics and tracks. There is a Cryptography track, a DevOps track, an Industry Experts track and more. The full list is here. The tracks will help you find talks that relate to what you work on or want to hear about. For example, if you’re implementing crypto check out what will be presented at the Cryptography track. If you work in legal you might want to look at the Policy or the Law track.
If you get a full conference pass, log in to RSA and reserve seats in the talks you want to see. To figure out how to spend your time, start by looking at who is presenting followed by checking their abstracts. I put my list into a public Google calendar. The ones that say “SI” are the ones I am attending. The others are ones I would like to attend but conflict with ones I’m attending. You can see the calendar here.
RSA is an incredible place to make connections, both personal and professional. As you navigate the multitude of sessions and activities make sure to leave time for meeting people. Much of the InfoSec world spends time at hotel bars having drinks. There are generally lots of good parties at night (so take it slow) but make a point to network. You never know what introduction or conversation could lead to the next move in your career.
My next tip is to have a conference buddy. Don’t go it alone. Either bring someone from work or call your network and see if someone you like will be there. There is a lot going on at RSA. It’s huge and if you’re like me, fascinated by InfoSec, it’s easy to get overwhelmed. I always have a conference buddy to share what we saw on the Expo floor or go over a presentation we heard. It’s important to take in as much as you can but it’s also important to retreat somewhere quiet and take short breaks. Vendor hospitality suites are nice for this and give you a good opportunity to network. Mostly, go to RSA to learn from people in your field. Hear what they’re working on, what problems they have solved and get a feeling for where the industry is going.
I look forward to seeing you at the Gigamon booth. Follow @simonhg on Twitter if you want to get in touch.
Have a good #RSAC2018!
Author’s Note: I support a nonprofit called Project Alloy. We believe that attending technical conferences has played a key role in shaping our careers and want to ensure that people who are early in their tech careers and underrepresented in the industry have the same opportunity to take their skills to the next level. Check out Project Alloy and learn how we give financial support to grantees so they can attend tech conferences, network and benefit from a more inclusive tech industry.