RSA Thoughts, Part 1

(photo credit: Brian Campbell)

I think teaching eviscerated my time for blogging. Going to try and put more energy in it this year. Naturally, I’m going big on this revival with a two part post about my experience at the RSA Conference, to the best of my knowledge the largest security conference on the planet (especially if you count their global adjuncts).

This was my first RSA, both as an attendee and speaker. I thought Oracle OpenWorld was huge. Good gravy. I think estimates had it at about 45,000 attendees. In spite of the size, kudos to RSA and their management vendor who run an incredibly tight conference for that scale.

On one hand it’s awesome that we have so many people, vendors, and speakers focused in the information security space. On the other, its a touch overwhelming and nearly impossible to get to all the content you want. Overall I think that’s a good problem to have, because this is a tough problem to solve. It was refreshing that they featured an identity track (a first, I believe) at the conference.

The good news is they make much of the content available online, including some videos of the sessions. Mine has audio but no video, which isn’t a loss, heh. It isn’t very technical, but has a solid foundation on some of the key elements and challenges that go into a Privileged Access Management program. I’ve delivered this talk at the Cloud Identity Summit, BSides Charlotte, and IT Hot Topics, but this was definitely the most mature version of the talk because of the time that has passed and the lessons learned.

My talk was on Thursday, which originally I loved because I thought it would give me more time to prepare. I was mistaken. This talk is by far the most mature of the ones I’ve developed so very little additional time was needed to update it for the conference. I don’t know necessarily that I would have wanted to go on Tuesday, as there were some serious heavyweights in the industry to compete against. My biggest concern was making sure I kept my energy balanced throughout the sessions, networking, and vendor parties so that I could be sharp as possible when it came time to take the stage. It required missing a few tracks, but I eventually achieved that.

I discovered in the hours leading up to my talk that seat reservations had reached a level that they created an overflow room in case demand exceeded capacity. That was extremely flattering, but I did my best not to make it bigger than it was. The talk wasn’t changing, or the stage. I was thrilled that so many people were interested in this area, because I think sometimes it gets lost in between the traditional domains of identity & access management and information security. Clearly others felt the same way given the number that turned up.

Overall, I couldn’t be more pleased with how the talk went. Even though the hall was a little dark so they could broadcast it to the overflow room, I could feel the engagement and energy from the audience. It showed when I finished, as the questions that emerged were insightful and thought provoking. Once we wrapped up, I went outside and answered even more questions, happily, for another 40 minutes. Such great conversation with such intelligent and thoughtful people! I retired to the speaker’s lounge to decompress a little and make some mental notes from some of the questions that were asked. (photo credit: Scott Bollinger)

I know I’m kind of working this post backwards, but the next chapter will have some of my takeaways from the conference, both in hallway conversations and some of the tracks and keynotes I attended.

I’m writing this post at the airport with a feeling of extreme gratitude for the opportunity that was presented to me, and all of the support that I’ve received from countless people to help make this conference a personal and professional success.

PS. Thanks to Ian Glazer for the support.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.