RSA Conference 2024 is almost here. If you’re among the thousands of security leaders heading to San Francisco this May, you'll want to manage your schedule — and filter out the noise from the hundreds of vendors and the thousands of security industry reps who will flood the Moscone Center.
But how do you pick which of the more than 500 sessions being held at this year’s RSAC will be worth your time? Here's our list of the must-see speaking sessions for security operations (SecOps) practitioners and leaders.
[ See also: What’s hot at RSAC 2024: 8 SSCS talks you don’t want to miss | Join RL @ RSAC 2024: Schedule a meeting with the team to learn more ]
CISOs Under Indictment: Case Studies, Lessons Learned, and What’s Next
Monday, May 6, 2024, 9:40–10:30 am
Recent policy moves from the U.S. Securities and Exchange Commission (SEC) are putting pressure on chief information security officers (CISOs). In this panel session, moderator Gadi Evron, CEO of Knostic, will interview three current and former CISOs on what the SEC’s prosecution of SolarWinds and its new cybersecurity disclosure rules mean for leaders. You’ll hear from panelists Charles Blauner, president of Cyber Aegis LLC; David Cross, senior vice president and CISO of Oracle SaaS Cloud; and Joe Sullivan, CEO of Ukraine Friends and Joe Sullivan Security LLC, talk about their own experiences and provide thoughts on where the industry is heading.
Navigating the AI Frontier: The Role of the CISO in AI Governance
Monday, May 6, 2024, 1:10–2 pm
In this session, presenters James Christiansen, vice president and CSO at Netskope, and James Routh, board member for Jimmer Advisory Services LLC, will delve into the complexities of controlling the use of generative AI within an organization. While the use of GenAI has proved beneficial for cybersecurity efforts, its use could have serious negative repercussions. Both Christiansen and Routh believe that CISOs should start building AI governance frameworks for their organizations so that they can best manage GenAI’s growth. Watch this session to learn how to build an AI governance framework and develop a road map to responsible AI use.
Hiding in Plain Sight: Hunting Volt Typhoon Cyber Actors
Monday, May 6, 2024, 2:20–3:10 pm
Earlier this year, the U.S. government issued an advisory saying that cyber actors from a Chinese state-sponsored threat group known as Volt Typhoon had been positioning themselves on the networks of U.S. critical-infrastructure systems in order to carry out cyberattacks in the event of a major conflict within the United States. It was in May 2023 that Microsoft discovered the group’s use of living-off-the-land techniques on American critical infrastructure, and in December of that year, Lumen Technologies discovered Volt Typhoon’s exploitation of end-of-life small office/home office routers to do this. Be sure to attend this talk to hear representatives from the FBI, the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and Microsoft explain what is known about this campaign and what lessons we can draw from it.
Ukraine’s Experience Facing APTs, Building Resilience
Monday, May 6, 2024, 2:20–3:10 pm
Russia’s years-long assault against Ukraine has involved both physical warfare and cyber-warfare, such as the HermeticWiper campaign and others. It’s important to realize that, because cyber-warfare has no geographical bounds, it can negatively impact a multitude of parties on an international scale. Join this session to hear experts Douglas White, technical director for USAID Ukraine; Maksym Darkin, digital development advisor for USAID Ukraine; and Nazar Tymoshyk, chief technical officer for Ukraine's CERT-UA, share insights that organizations can draw from this conflict in an effort to build greater cybersecurity resilience on both the enterprise and the national levels.
Gartner’s Top Predictions for Cybersecurity 2023–2024
Tuesday, May 7, 2024, 8:30–9:20 am
Leigh McMullen, distinguished vice president and an analyst at Gartner, will present the firm’s top cybersecurity predictions for the year to come, including the rise of GenAI and the risks that human factors pose to cybersecurity. Leaders will also get answers on why their organizations should prioritize these predictions in an effort to make their cybersecurity programs more resilient.
The First Decade of Corporate Ransomware
Wednesday, May 8, 2024, 8:30–9:20 am
Ransomware is not a 21st-century phenomenon. The first attempt at ransomware occurred in 1989 and involved the use of floppy disks. However, it wasn’t until 2014 that the first bitcoin-enabled ransomware attacks began targeting enterprises. Now, 10 years later, ransomware has become one of the most prolific and damaging types of cybercrime in the world. Its victims aren’t limited to corporations; today’s ransomware gangs also target critical-infrastructure entities in health care and education on a regular basis. Join this session with cybersecurity luminary Mikko Hypponen, chief research officer at WithSecure, to hear his summary of the last decade of ransomware, plus what he expect this arena of cybercrime to look like 10 years from now.
State of the Hack 2024 — NSA’s Perspectives
Wednesday, May 8, 2024, 9:40–10:30 am
The NSA is returning to RSAC to brief attendees on its State of the Hack for 2024. Join former NSA director of cybersecurity Rob Joyce and current director, David Luber, as they survey the landscape of cyberthreats in relation to the U.S. government and describe the most pressing cybersecurity threats facing U.S. organizations. They’ll also discuss the threats that the NSA and other federal agencies have been tracking in the wild, as well as what threats may arise in the future.
Join ReversingLabs on the expo floor at Booth #4528, where the team will be ready to chat — and answer any questions you might have. Here are the team's presentations happening live at RL's booth:
Tuesday, May 7, 2024
- 12:45 pm: You Can’t Count on Endpoint Security: Enhancing SOC Triage
- 4:45 pm: Addressing Big-Ass Files and High Volume with RL
Wednesday, May 8, 2024
- 10:45 am: The Files Must Flow: The Downfall of the Sandbox
Thursday, May 9, 2024:
- 12 pm: You Can’t Count on Endpoint Security: Enhancing SOC Triage
Keep learning
- Learn how to do more with your SOAR with our Webinar: Enhance Your SOC With Threat Intelligence Enrichment.
- Get schooled by the lessons of Layer 8: See Dr. Jessica Barker on The Human Elements Driving Cyber Attacks.
- Go deep on e-discovery with our Webinar: Strengthening Malware Defenses in Legal Firms.
Explore RL's Spectra suite: Spectra Assure for software supply chain security, Spectra Detect for scalable file analysis, Spectra Analyze for malware analysis and threat hunting, and Spectra Intelligence for reputation data and intelligence.