RSA Conference 2019: Best sessions for SecOps

The upcoming RSA Conference 2019 offers an enormous variety of subjects and speakers to choose from, ranging from the legal implications of GDPR to how nation-state actors are using cyptocurrency to advance their goals. But in all of this variety, which sessions are best for improving your security posture and security operations (SecOps) strategy?

We’ve read through the sessions list and selected eight sessions (with our own commentary) that promise to offer valuable insight into cloud security, automation and attack surface reduction—three very pertinent topics in today’s security operations landscape.

1. The Trust Landscape
   Tuesday, March 5 | 8:10 – 8:35 a.m.
   With both human and informational trust violations being a crucial component of the attack strategy of major adversaries and petty cybercriminals alike, the responsibility to refine, improve and safeguard informational trust relationships falls to the security community—both to defend against these trust violations and to influence policy, development and architecture—to minimize risk.
2. A Cloud Security Architecture Workshop
   Tuesday, March 5 | 1:00 – 1:50 p.m.
   The cloud-heavy security landscape is which we work is vastly different from the security landscape even ten years ago. In a world of cloud-based services—vendors, hosting, backups and malware—understanding the fundamentals and practicalities of cloud-based secure infrastructure design is useful for the people architecting the systems and also for analysts and incident responders to further understand established attack patterns, hypothesize potential attacks, and defend proactively.
3. Using Automation to Help Achieve Security in a Multicloud Environment
   Tuesday, March 5 | 2:20 – 3:10 p.m.
   Cloud-based infrastructure has allowed for a high degree of interconnectivity and functionality. It has also added complexity, as well as introducing challenges related to disparate cloud platforms, disparate APIs/remote services and disparate approaches to security based on the differing visions of different vendors. Automation is a valuable tool to manage both the complexity of cloud-based environments and to scale as the number of relevant logs and information being gathered about these environments invariably increases.
4. Doing Security Orchestration, Automation and Response before it was Born
   Wednesday, March 6 | 8:00 – 8:50 a.m.
   Aflac realized early on that automation was an effective strategy to combat the evolving threat landscape and the speed of modern attacks. It should prove to be an interesting case study in homebrew SOAR while providing perspective from a large company that has been using automation longer than most.
5. A View from the Front Lines of Cybersecurity
   Wednesday, March 6 | 4:00 – 4:25 p.m.
   Being caught up on the latest threats is good. Being aware of the threat trends likely to play a role in future attacks is better. The threat landscape is far from static, and preparing for the attacks of the future by adopting good, awareness-based policy and strategy is key to keeping up with the modern attacker.
6. Three Things the Security Industry isn’t Talking about (but should be)
   Thursday, March 7 | 4:00 – 4:25 p.m.
   In too many environments, there is an abundance of tools, solutions, effort, time and money devoted to detecting and responding to threats. Almost none of those resources are devoted to actively minimizing the attack surface for understandable reasons: It can be difficult with so many systems running so many types of software connected to the Internet, it requires intimate knowledge of the organization’s information security architecture and posture, and making systems or services harder to access in any way often steps on someone’s toes. Despite these challenges, the attack surface should be an integral component of every organization’s security posture.
7. Introduction to Defending the Enterprise Using Automated SecOps
   Friday, March 8, 9:50 – 10:40 a.m.
   This session should be a valuable resource for any organization who is considering SOAR as a solution or for any organization that wants to get more from its existing SOAR solution. It is important to understand what is practical to automate and what is not in order to determine if SOAR is right for your organization—or spark new ways you can use your existing SOAR solution.
8. Engineering Trust and Security in the Cloud Era, Based on Early Lessons
   Friday, March 8 | 11:10 a.m. – 12:00 p.m.
   Just like “The Trust Landscape,” this session promises to offer insight into the modern digital trust relationships that are an integral part of the current cloud landscape. The panel format may also provide differing perspectives on the likely futures of these trust relationships.