I’m making my debut on the Illumio blog with some thoughts on getting the most out of the confluence of security professionals, products, and events that is coming to San Francisco next week for the RSA Conference.
A quick intro on me: My name is John Donovan and I head up Information Security here at Illumio. In this post, I’ll give you a practitioner's approach to attending a big security conference like RSA.
So how can you get the most out of RSA SF 2015?
First of all, get there! If you don’t have a conference or expo hall pass, get one ASAP. Prices go up once the conference starts and most of the free/discount codes no longer apply. If you already have a pass, you can skip ahead to my three-pronged approach to getting the most out of the conference.
Getting a Pass
Want to attend the full conference? Many organizations will help you get a discounted full pass if you don’t have one already. For instance, if you are an ISSA International member you can find discount codes here.
Expo only this year? Not to worry. Many of the best conversations at conferences happen outside of sessions. Instead they happen in the hallways, on the expo floor, or outside the walls of the conference hall. Many vendors have discount/free expo codes, so you don’t even have to pay to go the expo floor. Just make sure that you register ASAP this week, while the discount codes are still valid.
Once you have your discount code, head over to the site and register before you run out of time.
Concurrent and related events
The Security B-sides SF event is sold out, but I hear there will be a limited amount of walk-up tickets. If you’re a CISO or exec level security practitioner, the ISSA CISO Executive forum meets the weekend before RSA, but you’ll need to register ASAP.
My three-pronged approach to getting the most out of RSA
1. Plan your sessions
If you’re attending the full conference, I recommend that you anchor your days with a few key sessions. Then, pick a few alternatives so you can duck out if your first choice doesn’t look like it’s what you want.
If you’re attending as part of a group from your company, have your team branch out and then meet back up at breaks during the day. Here are a couple suggestions to get your planning ideas going:
- Needing to sell security to your executives or C-suite? There is a whole track on that topic.
- Trying to motivate people about security and security awareness? This session with Michael McAlpen should give you some great ideas.
- Focused on AppSec (Application Security) or the security of your supply chain? Gary McGraw is always a good draw. This panel with Howard Schmidt and Chris Wysopal would definitely be on my list as well.
- Want to geek out with the hard-core crypto guys? Attend the Cryptographers Panel for a luminary panel discussion that includes Whitfield Diffie and two of the guys whose initials are in “RSA”.
2. Chart a course for the expo floor
The Expo floor has continued to expand with the growth of the conference. While it’s not as big as some of the giant Las Vegas shows (Anyone remember Comdex?), it definitely helps to have a plan when tackling the Expo floor. One of my colleagues here at Illumio recently published an excellent post on this topic.
3. Network and socialize
- Catch up with someone from out of town or a local you haven’t talked with recently. People come from all over the world for the RSA Conference. Look up a friend or colleague and get together. Walk the expo floor together or grab a cup of Blue Bottle coffee or some dollar oysters & beer at Hog Island in the Ferry Building. Head together to one of the vendor events or parties (more on that below).
- Find your peers. I’m active in the information security community, both here in the Bay Area and beyond. Groups like the ISSA (Silicon Valley and San Francisco chapters), ISACA, and InfraGuard all have events going on during RSA. If you’re in ISSA or interested, RSVP and attend the international members meeting and reception on Tuesday, 4/21. [Full disclosure, I’m past president of the ISSA Silicon Valley chapter.]
- Finally, get out there and socialize. If you’re a customer contact for Information Security vendors, your inbox is probably filled with invites to parties. Make sure to RSVP, as some parties require confirmed RSVP and have long lines. If your dance card is not already full, check out the @RSAParties Twitter account and Google calendar. Follow the instructions to get yourself on the RSVP list. Securosis continues to have one of my favorite open events: the “Recovery party” on Thursday morning.