A few quick thoughts on RSA 2016

I am very grateful for the privilege of attending RSA 2016 in San Francisco this year. I met and shook hands with Bruce Schneier. I met and shook hands with Rami Malek. I even met the last surviving person to have served time in Alcatraz and spend 40 minutes with him tell me his experience there. It was pretty great. A lot of Security people blog on RSA, top themes, new threats.

I’ve been thinking what I could add to the conversation that would be unique to everything I experienced at RSA, and everything I’ve read about RSA since coming back.  What haven’t you read anywhere else?

RSA seems to be a ‘boys only club’. I don’t know why. Are there only dudes in InfoSec? There are incredible opportunities for women in Information Security! Why are there not more female Engineers? Please understand, I am writing this from a purely professional standpoint – I am a married man, married to one of the most Intelligent women I have ever known – it’s not just me saying that – My wife is a Web Developer and damn good at it. But we are talking about RSA. I digress. RSA – It’s a boys club.

RSA was crowded. Almost too crowded. 45000+ people.  I could not get in some the sessions that I wanted because hallways were so packed and lines were everywhere, so I just ended downloading the slide shows + watching vids from the RSA site later. The massive crowds and “people queueing” kind of  took away from the experience.  They need to break it up and have multiple ‘RSA’s’ at different cities throughout the year – the Mascone Center can’t hold anymore people if it keeps growing. Seriously . .think about it. RSA East. Rocky Mountain RSA and RSA West.

RSA hires mean Security people. Not Information Security People. No I am talking about the perpetual grumpy Security staff at the Mascone Center.  It was amazing how many of the employees/staff at the event were just rude and grumpy.

RSA did a good job on getting content up on their site! As I mentioned, I could not get into some events I wanted to see – I was so happy to see all the presentations available online. I not only went through ones I missed, I downloaded the lot and shared them with my Colleagues at work who did not go. RSA also did a good job on their APP – finding things in the giant Mascone Center was easy.

My big take away from the RSA 2016 Conference was not any brand-new Security concept, or any crazy drone-hacking story, but I left with more of a re-assurance of a truth that Dr. Eric Cole shared with me two years ago. Prevention is failing. Detection is a MUST. That theme was echoing through the Sessions and on the vendor floor. Its good. That means all the C-Level folks are hearing this too and will put the People, Process and Tools for detection strategies in the future!

I am so grateful to have been given the opportunity to attend!