Delinea | Privileged Access Management Blog

RSA Conference 2022 | Top 5 Sessions to Attend

Written by Joseph Carson | May 24, 2022 12:00:00 PM

It is that time of the year again for RSA Conference 2022, a bit later than expected but better late than never. It’s our opportunity for the global security community to come together and learn about the latest cybersecurity threats, security trends, innovations, and best practices to become more resilient against cyber-attacks. This year's theme focused on joining forces and getting inspired to transform our cybersecurity efforts. It’s more timely than ever as we seek to manage an ever-changing landscape and new working environment that many organizations have been forced to deal with over the past two years. 

One thing is clear: nation-states are not taking responsibility for devastating cyber-attacks that increasingly cross country borders and disrupt our way of life. Cyber-crime groups have been behind many cyber incidents in recent years, resulting in major data breaches, ransomware attacks, or government agencies' confidential data being stolen. Several governments and companies have linked these cyber groups to nation-states. However, they have not shared concrete proof of these links so far, while suspect nation-states continue to deny any involvement. Without clear collaboration and transparency, this problem will continue to grow with the potential for a full-on cyberwar as retribution. All of this will be discussed at RSA with the hope that a solution will be found to make our online world a safer place.

RSA Conference 2022 returns as an in-person event from 6th June until 9th June 2022 and will continue to offer a digital option for those unable to travel to San Francisco. As cyber threats have evolved and continue to become more targeted and sophisticated, we must come together and learn how to protect against the threats of yesterday and how to transform and protect against future threats.

As RSA is one of the world’s largest cybersecurity events with around 40,000+ attendees, one imperative based on the past few months is that we must learn to be social again as the world re-opens to society. We have all been locked away from family, friends, and colleagues for the past year so it may seem a bit strange to meet people in person and re-learn how to interact socially. Many are still cautious and we must also respect the new human perimeter.   

Learning to be Social Again and Discovering New Forms of Greetings

As I’ve recently been getting back to in-person conferences (some, but nowhere near previous years), one new norm I’ve discovered is that the traditional greetings have changed from a hug or handshake to elbow tapping, fist bumps, foot taps, or the simple head nod from a safe distance. It’s been kind of weird. Learning to identify the right greeting has been interesting. I’ve found myself sometimes putting my hand out to shake the person’s hand and holding their fist instead, which, in all honesty, is an interesting way to say hello to someone.

There’s a New Human Perimeter

We must rediscover how to be social and respect the new human perimeter. That means checking to see what the other person’s safe zone is. I call this the “red light, yellow light, and green light” social challenge.

It would be great if conferences would introduce a way of indicating what the new safe human perimeter is, perhaps by adding something like a ribbon for vendors, speakers, attendees, and media—different colors or labels would identify what greetings are acceptable to different individuals, let’s say:

  • Red Light – Stay a safe distance, don’t invade my space
  • Yellow Light – Fist bumps, elbow taps, or foot taps are welcome
  • Green Light – I’m back and handshakes are good

Re-learning how to be social at the conference – colors would identify the new “handshakes”

As we get back to society, let’s respect each other’s boundaries and rediscover old greetings along with the new. It’s important to stay safe and healthy, and, at the same time, ensure we aren’t pushing on “unauthorized access.” 

For many, planning and getting ready for conferences is a load of work and can be time-consuming. So, it is always important to have a plan for large conferences such as RSA. As you are preparing for the journey to San Francisco, planning the sessions and events you want to attend ahead of time is essential. To make it easier for you when reviewing the hundreds of sessions that will be available at RSA this year, I have listed my top 5 sessions not to miss at RSA 2022 along with some awesome speaker sessions that you should make sure to attend. 

Top 5 sessions not to miss at RSA 2022

Strong Story to Tell: Top 10 Mistakes by Administrators About Remote Work
Speaker: Paula Januszkiewicz, CEO, Cybersecurity Expert, CQURE Inc.
The sudden shift to remote working has left businesses at a far higher risk of cyberattacks, largely due to their corporate infrastructure being exposed to new external attack vectors and threats. Learn the top 10 mistakes related to remote work security, the hackers’ perspective on the home office, and solutions companies can implement to make the home office a safe workplace.

Continuous Security - Integrating Pipeline Security
Speaker: Vandana Verma Sehgal, Vice-Chairperson, OWASP
In a world of continuous delivery and cloud-native, boundaries between what constitutes an application and what constitutes infrastructure are increasingly blurred. Workloads, the containers they ship in, and platform configuration are often developed and deployed by the same teams, and development velocity is the key metric to success. This session will look at how to build security in the CI/CD process.

Building a Cloud-Based Pentesting Platform
Speaker: Phillip Wylie, Founder, The Pwn School Project
Often offensive cybersecurity professionals require a way to perform external pentesting of Internet-facing targets. This ability to test externally facing systems is nothing new and has been done over the years using various configurations. In this presentation, attendees will learn how to build a cloud-based pentesting environment useful to pen-testers, red teamers, and bug bounty hunters.
 

What (Actually, Specifically) Makes Security Programs EVEN MORE Successful?
Speakers: Wendy Nather, Head of Advisory CISOs, Cisco, and Wade Baker, Partner and Co-Founder, Cyentia Institute
In last year’s RSAC keynote, this session presented high-level practices that measurably contribute to a more successful cybersecurity program based on a rigorous survey of nearly 5,000 practitioners. This year's session will share another massive study that will dig much deeper into those top practices to determine exactly what makes them even more (or less) effective in driving program success.

Zero to Full Domain Administrator: Real-World Ransomware Incident
Speaker: Joseph Carson, Chief Security Scientist & Advisory CISO, Delinea
Following in the footsteps of an attacker and uncovering their digital footprints, this session will show attendees the techniques the attacker used and how they went from zero to full domain admin compromise, which resulted in a nasty ransomware incident.

Other special mentions for awesome speakers you should not miss at RSA 2022

I also highly recommend the following speakers, whose awesome insights and knowledge are educational; attending their sessions will be extremely valuable. I will be attending many of these sessions to learn as much as I possibly can.

 Allan Alford - Host, The Cyber Ranch Podcast

 Lesley Carhart - Principal Industrial Incident Responder, Dragos Inc

 Bryson Bort - Founder & CEO, SCYTHE

 Lester Godsey - Chief Information Security Officer, Maricopa County

 Tanya Janca - Founder and CEO, We Hack Purple

 Alyssa Miller - Business Information Security Officer (BISO), S&P Global Ratings

 Chloe Messdaghi - Strategy Consultant and Researcher, Stand Out In Tech

My top survival travel tips for security conferences

There are several tips for those attending any cybersecurity conference in person. They’ll help you stay safe and reduce the risk of becoming compromised. I follow these practices on my frequent travels.

Here’s a helpful list to keep in mind:

  • Many restrictions are in place due to COVID-19. Check and double-check before you go to make sure you are up to date on mandatory requirements.
  • Check which documents you need for travel, including transit countries, as you might need to complete traveler locator forms.
  • Keep extra masks at hand as you never know when you might need them.
  • Check your passport or travel document expiration dates as it might have been a while since you last used them.
  • Keep valuables in your hotel room locked in your suitcase or hotel safe.
  • Update, patch, and back up your devices before you leave home.
  • Power off any devices that you aren’t using.
  • Leave sensitive data at home.
  • Keep your contactless cards in an RFID-protected wallet.
  • Always assume someone is watching and monitoring you—you’re going to be caught on camera and tracked, so accept it.
  • Avoid public Wi-Fi and use mobile data, always with a VPN.

Learn more in our recent podcast Cybersecurity Conference Survival Tips with Chris Roberts

Connect with Delinea at Booth #S-1227 RSA 2022

Expo Hall  
Stop by Booth #S-1227 to learn more about Cloud-Ready PAM. Play the slot machines full of prizes for your chance to win a Honda Africa Twin motorcycle! 

Exhibit Hall Live Demos 
We are offering customized product demos, tailored to address your organization’s modern security needs at scale. Discover and explore how our cloud-ready PAM solutions can help your organization stay safe from the ever-expanding threatscape. Book your demo today. 

Not registered? Register for your free expo pass using Invitation Code: 54SDELINEXP or save $150 on a full conference pass using Discount Code: 54FCDDELINE  

Delinea Sessions 
In addition to the “Zero to Full Domain Administrator” session listed above, there will be two other sessions featuring Delinea. 

In-Person Session: Identity and Privileged Access Security Strategy with Petrofac
Identity security has become a top priority for organizations to help reduce the risks from third parties, supply chains, remote access, and cloud access. Join us for a Q&A session where Joseph Carson, Art Gilliland, and George Eapen discuss identity-based security threats as well as lessons learned on how to strategize your journey to privileged access security success. 

Virtual Session: Ransomware Incident Response Plan: How to Prepare. How to Respond. 
Join Joseph Carson as he explains how a ransomware attack progresses from initial credential compromise to escalated privileges, exfiltrated data, and the ransomware deployment and ransom demand. See how to effectively respond when an attack is detected, gather evidence to remediate the attack, and provide guidance to secure your organization against future attacks. 

Have fun and stay safe! I look forward to seeing you at RSA 2022.