As those in cybersecurity and related industries know, the 2019 RSA Conference just concluded. It billed itself as the largest event of its kind, “where the world talks security,” and the 42,000+ attendees would no doubt agree. This was my 11th consecutive RSA show, and as I entered, I was taken aback by the contrast of the bright, newly renovated Moscone Center and sea of dark suits, hoodies and other attire security pros prefer.
After all, cybersecurity has been called a dark industry, right?
We were all there for one overarching reason: to combat cybercrime. And, the tone was similar to what CloudShare CEO Zvi Guterman recently experienced at Cybertech. Both events “cut right to the chase,” focusing less on technology flash and more on the cybersecurity challenges we all face.
Still, this time RSA felt a little different.
For starters, in the past, English and Hebrew were dominant at RSA – a reflection of these security tech hubs – but now many other languages were being spoken. Women played a larger role in the event, too. And while competitors were once closely guarded, this time there was greater collaboration.
Maybe the realization that we are not just targets of malicious hackers, but “victims-in-waiting” has finally sunk in? After all, regardless of our companies or countries, we will all be directly impacted by cybercrime – it’s only a matter of time. That said, perhaps one day we’ll look at this RSA show as one in which the industry matured, not just in specific areas like technology, but more holistically.
Diversity and inclusion
Women hold about 26 percent of tech jobs, according to research from The American Association of University Women (AAUW). When it comes to cybersecurity, studies show women make up less than 14 percent of the U.S. workforce and men are nine times more likely to hold managerial spots.
RSA received some negative feedback in the past because of a lack of female presenters. However, it seems the planners took that commentary to heart; this year, women played a much more significant role. There were all-women sessions and dozens of female leaders in every track. I would guess over 40 percent of all panelists and keynote speakers were women – it was inspiring.
Still, on the show floor, it seemed as if only 10 percent of female attendees held security posts – but that’s an industry issue. We must recognize that seeing mostly male headliners and attendees just reinforces people’s thinking that this is a masculine field. A more diverse lineup will eventually help ease the skills gap plaguing the industry. If we want to make a difference in this industry, it’s important to recognize diversity and inclusion doesn’t just pertain to gender. This is a small community, when a senior person leaves one cybersecurity outfit, they often become a decision-maker at another. Diverse geographies, cultures, ages and skillsets provide different perspectives – which results in fresh ideas.
The pipeline of talent in the industry is thin to begin with and more needs to be done to bring new blood into the space. It was fantastic to see 16-year-old Kyla Guru’s presentation, “Tales of a Teenage Security Supergirl,” garner so much attention at the conference. As Government Technology noted, this presentation was “empowering for Gen Z,” and something to be shown to “teenage relatives and friends for a ton of reasons.”
Trust and frenemies
Dark Reading’s Sara Peters’ take on the need for trust — in machines, in systems, and in one another — was a perfect exploration on a central theme from RSA.
Technology-wise, a lot of discussions at RSA focused on machine learning, artificial intelligence, cloud, and perhaps most of all, the Internet of Things (IoT), which has changed the scope of security. There is also lot of exposed technology and information in the wild. The more that’s made accessible, the more vulnerable we are.
Still, it was particularly gratifying to see the cybersecurity community at RSA speaking more globally and collaboratively – it’s vital we trust and work together. It does present a bit of a Catch 22, particularly for newfound “frenemies” whose knee jerk reaction would typically be to erect walls aimed at protecting their company’s interests and gaining a competitive advantage.
There are already plenty of walls in security between countries, but that’s quickly changing. For example, 38 countries were represented at RSA this year. There were pavilions designated to Japan, Korea, Germany and more; one was even focused on the U.S. state of Georgia (where I graduated from college and which has established an impressive reputation in the industry).
Cooperation and collaboration has grown tremendously in the last year – governments sharing information, vendors working together and selling more joint solutions – and it was good to see this activity at a peak during the RSA show.
A holistic and global approach
While it was inspiring to see so many using CloudShare for sales and training on the RSA floor, the spark that ignited my purpose for attending the conference was hearing so many attendees talk about the use of training to combat cybercrime. According to Ponemon’s 2018 “Cost of a Data Breach” study, the third best way to decrease the toll of a data breach is training – only an incident response team and encryption has a greater direct impact.
Information is being shared. It’s a more holistic and global approach, one that’s time has come. On the RSA show floor, as in real-life, the greater good was recognized and the solution is apparent – together we are stronger.
Need to train your employees for better cybersecurity outcomes? Check out our e-book, “Under Attack! How CISOs Should Respond to the Cybersecurity Crisis.”