Plus, a Bonus Hot Topic Prediction
As the cybersecurity world prepares to descend upon the Moscone Center in San Francisco in just over a week, vendors, trainers, conference staff, and attendees are making final preparations for what should be an eventful week for everyone involved. While many attendees are veterans of RSAC, there are undoubtedly a large number of attendees for who this will be their first time experiencing RSAC in person. For those folks, here are three ways to ensure your visit to the city by the bay is worthwhile.
Make a Vendor Plan
While most, if not all, attendees already have the session agenda set (click here to view the agenda), don’t sleep on making a plan for the exhibit hall.
With hundreds of vendors across Moscone North and South and the walkway between the two sides, aimlessly walking the floor can make your head spin in minutes. RSAC put together a Marketplace where you can search by keyword, company, or product or use pre-defined categories to hone in on vendors you want to meet during the conference. You can create a favorite vendor list in the marketplace to search the Moscone North, South, or Early Stage Expo floor plans. Even better, many vendors have created conference landing pages, like ours, where you can see what the vendor has planned for the event. Sometimes, you can request a private meeting to use your time better. An hour or two spent preparing for vendor discussions ahead of time can save you countless hours of frustration at the event. That said, it is worthwhile to allot a couple of hours of “window shopping” in the exhibit halls. Every year new companies are popping up at RSAC that you probably didn’t know existed that have interesting tech for you to learn about, not to mention all the freebies and prize giveaways. If you are lucky, you might walk out with some nifty prizes.
Sidebar: RSAC Hot Topic Prediction: XDR to Open XDR
For those at RSAC in 2022, you couldn’t walk five feet without seeing vendors touting their “XDR” capabilities. But, if history is any guide, this year, we can expect those who hopped on the XDR message last year only to gain notoriety will have moved on to some other hot topic, such as Chat GPT. So I suspect only those vendors who deliver actual XDR capabilities will remain on the XDR train this year.
Over the past year, many industry analysts, practitioners, and decision-makers have been asking for more than what a traditional XDR offers. They want an XDR that 1) can ingest data from any security product, 2) automates threat detection without manually created correlation rules, and 3) gives security analysts everything they need to complete a comprehensive investigation fast, including a way to easily take mitigation actions. What they are asking for is known as Open XDR.
I suspect this year you will also see some XDR vendors trying to adapt their XDR messaging, which is generally anchored to their endpoint product, to “Open XDR,” claiming broad integration capabilities. While our Open XDR platform has been in the market for years, providing tangible benefits to thousands of customers daily, these new “Open XDR” vendors will be hard-pressed to provide the receipts for their claims. Check back after RSAC for my post-event blog to see if my prediction was right or wrong.
Make an Evening Plan
After all day on your feet, taking in information from a fire hose, you will want to unwind. Lucky for you, vendors are keenly aware of this and have dozens of evening events planned. Check out this site for the most up-to-date party information (props to @RSACParties for putting this together each year). Remember that these parties have max attendance limits, so register as early as possible. I’d recommend registering for a couple, even if they overlap, each night so you have options. For those of you who are in senior roles (CISO, CIOs), it’s no surprise that there are invite-only events for you. Your inbox is probably already flooded with them, but with an event this size, those will fill up, so do not wait until the last minute to set your evening schedule.
Make a Debrief Plan
You just spent four days immersed in cybersecurity, hopefully with some fun. Now it is time to share the wealth.
I’d recommend today, before the event, go to your calendar for the week after RSAC and block out a couple of hours on a few days for you to replay your week, pulling out the “golden nuggets” you learned about during a session or the products you want to discuss with your team. Of course, no one wants or needs a “tick-tock” of your week, but you probably heard a few things worth sharing along the way, so share away. The effort you put forth does two things: 1) it shows your company and management that you are a good steward of their budget dollars, and 2) it makes it easier for you to gain approval to head to the next big event (Black Hat is only 16 weeks away.)
A Parting Thought
Some view these conferences as a “boondoggle,” an excuse to leave the office. While for some, that might be true, I believe the vast majority attend these conferences to learn so they can continuously improve their security practices.
Beyond the learning, RSAC is one of the few times a year when people can spend time with their peers, trading war stories and laughs in person. Especially after the past few years, when we were all pushed indoors and away from each other, getting facetime IRL with old friends and making new ones is not only good. It is essential.
See you there!