We know the level of enthusiasm that Conference generates, and we also know that reality hits as soon as you turn off that “Out of Office” auto-reply. Those who leave Conference with good intentions all too often fall back into the chaos of life. Understanding that way leads on to way, and that we often don’t have time to look back, we wanted to send reminders of the resources that are always available to you at www.rsaconference.com.

To help narrow your search, we’ve pulled together this week’s Top 5 RSA Conference Resources. We also thought it would be helpful to ask speakers, “If you presented today instead of several weeks ago, what would you change/add/do differently?” Here’s a look at what the presenters had to say:

  1. 10 Cybersecurity Visibility Gaps Every CISO Must Fill!: “We need to be thinking about the technologies we come to depend on and asking, What are the flaws, the weaknesses, the vulnerabilities? We need to look more at configuration and scanning policies so that we can better and more quickly understand how to use new technologies securely,” said Russell Eubanks, CIO and CISO at Federal Reserve Bank of Atlanta, and Certified SANS Instructor.

  2. Insider Threats—When Is It Too Late?: “When employees don’t feel heard, you are more likely to see insider threat problems, whether it’s the government or private sector,” said Jacqueline Atiles, Program Director for the Department of State. Policy Adviser Gregory Collins added, “There are certain areas where you shouldn’t cut corners or make adjustments that raise risk, but you also need to stay engaged. That personal separation and disconnect has a big effect on people and we are going to see it roll into the effective work that they do.” Both agreed that nothing in the presentation should change expect for the emphasis on the importance of these six steps of the employee lifecycle and how to implement the steps for successful engagement.

  3. The First 6 Months as a CISO Determines Success or Failure: Michael Coates, CEO at Altitude Networks, said, “The core tenets of security strategy and organizational alignment in my talk are not specific to a set of enumerated security risks. Instead, the strategies are universal and establish an approach that CISOs can leverage to align their security program for success. However, the current global pandemic is a reminder that security teams must brainstorm and prepare for different realities and consider that their security controls may no longer hold true in vastly different operating environments.”

  4. Privacy by Design: Lessons from Beyoncé: “One of the exciting aspects about working in the privacy and security field is that we're always thinking about unintended consequences and preparing for the unexpected,” said Ayana Miller, Technical Program Manager, Privacy and Data Governance at Pinterest. “More than anything, I think the principle expect the unexpected is the most relevant to what we're facing at a macro level. We're all learning to navigate in this new normal. I think privacy and security professionals are well-equipped to help our colleagues, friends and families think about strategies for risk mitigation during this difficult time.”

  5. Consumer IoT Security: Creating a Baseline Standard: “Standards development in IoT security is progressing to original timelines. The UK still plans to take forward regulation,” said Jasper Pandza, Development Lead at UK Department for Digital, Culture, Media and Sport (DCMS). “As many more people now stay at home and use consumer IoT, the entire issue has become more urgent. But the steps we are taking to address this have not changed.”

Contributors: