Going to RSA 2024? Here’s what to look for

The annual RSA Conference has been running for 32 years now, and it’s widely recognized as the most important cybersecurity gathering of the year. And of course that’s a self-perpetuating status; if everyone attends because it’s the most important gathering, then everyone’s there, making it the most important gathering.

This year’s conference is kicking off in just a few days. Plenty of my colleagues will be there, soaking up knowledge, building networks, and meeting with current and future customers and partners.

Reasons to attend

In addition to the obvious reasons for going to the conference, there’s one that you may not have thought of: Continuing Education credits. That’s right, you can earn up to one full credit per hour of attendance at the conference, which can be applied to a wide range of certifications from various accredited organizations, such as SANS, ISC2, FAIR Institute, and more. Get the details here. 

Maybe you’re eager to go, but you’re having trouble articulating to your boss why it’s a good idea and worth the cost to the company. Well, in that case, RSA’s got you covered. Not only do they provide a clear breakdown of how your attendance will benefit your employer, they even provide a pre-written email template that you can fill in and send to your manager or supervisor to convince them to give the okay. Check out RSA’s “Justify Your Attendance” page for all that and more.

Key tracks and sessions

With 529 sessions scheduled over the conference’s four days, you’re going to want to go into this with a well-thought-out plan. 

Want to get the latest insights about AI and cybersecurity? You can spend the whole conference just on that subject (in fact, it’ll be very hard to avoid). Want to hear from NSA and CISA representatives about the Zero Trust Maturity Model? They’ll be there. Are you mostly interested in networking? There will be plenty of opportunities for that too.

What follows is a very selective list of just a few sessions that stand out to me as being particularly interesting and timely. But of course, your interests and areas of focus may be different. 

• Peer-to-peer sharing and discussion: Application Security for Generative AI Applications 
  If your developers are rushing to create apps with generative AI built in, you need to be informed about what that means for application security. Does AI mitigate some common vulnerabilities? Does it introduce new ones? How can you identify them, and what will it take to ensure a continued high level of app security in the era of AI? 

  This is a “Birds of a Feather” session—a facilitated group discussion, governed by the Chatham House Rule. You’ll be expected to participate, and no comment attribution or recording is allowed. In addition, the session is closed to Media, College Day, and Security Scholar pass-holders. 

• Expert-level presentation: How Large Language Models Are Reshaping the Cybersecurity Landscape 
  Presented by the Cybersecurity Technical and Research Lead for Google DeepMind, this session is bound to be eye-opening and informative, with plenty of real-world insights to be gained. 

• Hands-on technical session: ChatGPT Unleashed: Solving Data Breach Puzzles with Precision 
  This Learning Lab session will be a chance to ramp up your AI chops. According to the session abstract, “Attendees will master intricate tasks using AI-enhanced ChatGPT prompts.” You’ll be using ChatGPT to track down hidden malware in memory and in traffic. Sounds pretty cool, right? 

• Real-world success story: Going Passwordless for Employees: Secure Modern Authentication at Work 
  If you’re intrigued by the idea of transitioning to passwordless access controls—and who isn’t? —then this should be a fascinating session as the CISO of Accenture tells the story of how his company managed to ditch passwords. 

• In-depth seminar: OWASP AI Security Summit: Safeguarding AI with OWASP Top 10 for LLMs & Gen AI 
  OWASP, long recognized as a valuable resource for application security, has published a new Top 10 list of vulnerabilities for LLMs. At this half-day seminar, you’ll meet OWASP’s core LLM project team, and you’ll “Discover expert strategies to combat the OWASP Top 10 for LLM identified security vulnerabilities, ensuring your company stays ahead in cybersecurity.”  

• Far-out visioneering: Why Outer Space Is the Next Frontier for Cybersecurity 
  Presented by Patrick Lin, the Director of the Ethics + Emerging Sciences Group at Cal Poly SLO, this session will discuss his group’s finding that once we begin having conflicts in outer space, they will largely consist of cyberattacks. He’ll argue that so far only a few obvious scenarios have been considered, and he’ll share the findings of a National Science Foundation project that has “yielded about 100 novel/surprising scenarios.” Now that sounds fascinating!

Well, those are the sessions that would top my list if I were able to attend this year. But with so many interesting topics being covered by a huge range of experts and thought leaders, it’s bound to be hard to choose. The main thing is to get your trip approved and paid for, and then show up. 

If you do go, please feel free to drop me a note to tell me how you enjoyed it, and which sessions made the biggest impression on you!