RSA Conference 2014 Survival Guide
We’re just days away from the start of the RSA Conference, and thousands of security experts, analysts, journalists, and IT staff are en route to the Moscone Center in San Francisco as I’m typing this. Despite some ongoing controversies surrounding the show — including RSA getting hacked themselves in 2011, and the ongoing (and more recent) debate over RSA’s alleged deal with the NSA – the RSA conference remains one of the leading gatherings for IT security professionals and the vendors that want to market to them.
I’ve attended a few RSA conferences over the years — refer to my RSA coverage from 2008, 2009, 2011, 2012, and 2013 — and I’ve always found it helpful to gather up some useful bits of information in the form of an RSA conference survival guide before I head off to the show. I put together an RSA 2013 survival guide last year, so I’ve decided to post an updated one this year. I’d also like to hear about some of your own RSA tips and tricks, so feel free to drop me an email or add a comment to this blog post with your suggestions.
I’ll be posting updates from the RSA conference show floor throughout the week, so be sure to follow the Petri IT Knowledgebase Twitter account, my own Twitter feed, and our Facebook page for all the latest on the security developments from the show.
RSA Conference Social Media Guide
One of the best ways to keep tabs on what people are paying attention to at every trade show is to follow what people are posting about the conference on Twitter. In the case of the RSAC Conference, the most important Twitter handles and hashtags to follow are the official @RSAConference account and the #RSAC hashtag. You can also bookmark the RSA Conference Facebook page for updates as well.
Passwords Haven’t Disappeared Yet
123456. Qwerty. Iloveyou. No, these are not exercises for people who are brand new to typing. Shockingly, they are among the most common passwords that end users choose in 2021. Research has found that the average business user must manually type out, or copy/paste, the credentials to 154 websites per month. We repeatedly got one question that surprised us: “Why would I ever trust a third party with control of my network?
You can also keep tabs on what’s up with the TrustyCon and B-Sides conferences happening in the same week on Twitter, and I’ve included a bit more information about both of those events (and their relevant social media accounts) towards the end of this blog post.
RSA Conference Mobile Apps
One of the best ways to keep your RSA schedule up to date is to use the RSA Conference mobile app. There are dedicated versions of the app available for Apple iOS and Android devices, and there’s also an HTML 5-aware mobile web version that can be accessed by most other mobile devices. Sadly — and just like last year — there’s still no dedicated mobile apps for Windows Phone or Blackberry users, so the mobile web option is your only choice.
The RSA Conference 2014 mobile app (Source: RSA Conference)
Security Journalists, Analysts, and Attendees to Follow
There are a number of smart, security-minded people that I like to follow on Twitter when I attend RSA every year, and this year is no different. Here’s an informal (and somewhat unorganized) list of people that I’d suggest that anyone attending RSA keep tabs on, as they’re bound to say something educational, interesting, or humorous. If you have other RSA Conference personalities you’d like to see me add to this list, just add a comment to the end of this post, or reach out to me on Twitter.
- Mrs. Y – Network Security Expert – Twitter: @MrsYisWhy Blog: Security Princess
- Wolfgang Kandek – CTO of Qualys – Twitter: @wkandek Blog: Laws of Vulnerabilities
- Ben Rothke – Manager of Information Security, Wyndham Worldwide Corp. – Twitter: @BenRothke Blog: Ben Rothke
- Joshua Corman – Security Strategist – Twitter: @joshcorman Blog: Cognitive Dissidents
- Tim Wilson – Editor of Dark Reading Twitter: @darkreadingtim Blog: Dark Reading
- Eleanor Dallaway – Editor at InfoSecurity Magazine – Twitter: @InfosecEditor Blog: InfoSecurity Magazine
- Stu Sjouwerman – Founder and CEO of KnowBe4, LLC – Twitter: @StuAllard Blog: KnowBe4
- Dan Kaplan – SC Magazine Executive Editor Twitter: @DanKaps Blog: SC Magazine
- Erin Jacobs – Security Expert – Twitter: @SecBarbie Blog: Security Sociability
- Jack Daniel – Security Expert, Security B-Sides co-founder – Twitter: @jack_daniel Blog: Uncommon Sense Security
- Mark Russinovich – Microsoft Technical Fellow – Twitter: @markrussinovich Blog: Mark Russinovich’s Technet Blog
- Chenxi Wang – VP at Forrester Research, IT Security – Twitter: @ChenxiWang
- Jennifer (Jabbusch) Minella – Security Expert – Twitter: @jjx Blog: Security Uncorked
RSA Conference Freebies
One of the most rewarding aspects of many tech conferences is the sheer amount of free goodies that vendors will give away just to get show attendees to visit their booths. In addition to the avalanche of branded T-shirts, stress balls, pens, pencils, notebooks, and USB keychains, many vendors dangle the chance to win big ticket prizes like Xbox One consoles, iPads, and even motorcycles in front of attendees to get their attention. I blogged about the best T-shirts at RSA Conference 2013 last year, and I’ve posted up a new article on the best T-shirts at RSA Conference 2014 as well.
You don’t even have to hold a paid RSA registration to get in on the action. “Many vendors vendors attending RSA are actually giving out free pass to the RSA conference expo,” says David Holmes (@DholmesF5), a Worldwide Security Evangelist for F5 Networks and a veteran of many RSA conferences. “If you go on the first day or two the expo is open, some vendors are even giving out shopping bags to help you carry your freebies.”
Other RSA attendees have anonymously served up other expo tips, ranging from using a dummy email address when walking the show floor for freebies (to avoid emails from overly aggressive vendor sales people), and to enter all the prize giveaways you can. The numbers at tech conferences like RSA in your favor: While 10,000 people may attend a trade show, many people don’t have the time and/or interest to enter all the prize draws, and many others are prohibited from winning large prizes — like journalists, government employees, and other restricted groups — so that may leave just a few hundred people vying for that $15,000 motorcycle. So enter to win those prizes early and often.
Don’t Forget the Parties!
One of the most important social aspects of any trade show is getting the chance to meet old friends and new people at the dozens of parties, receptions, and other gatherings that surround the main event. Finding out where the best parties are can be a challenge, but the Twitter account @RSAParties is an invaluable resource focused on all the goings on after hours. It also provides a link to a public Google calendar that lists all of the RSA parties that the RSAParties team knows about.
Looking for a party at RSA? @RSAParties has the info you need.
Other Security Conferences: TrustyCon and B-Sides
As part of the fallout over the NSA/RSA allegations, a group of security researchers, organizers, and other interested parties have formed TrustyCon, a competing IT security conference that starts this year, and will be held on February 27th, 2014 at the AMC Metreon Theatre in San Francisco. You can keep tabs on what people are saying about this event by following the @TrustyCon Twitter account and Tweets tagged with the the #TrustyCon hashtag.
Another security event taking place the same week as the RSA Conference is the long-running Security B-Sides conference, which will be held Feb 23-24 at the DNA Lounge in San Francisco. Some RSA Conference participants have made attending B-Sides part of their regular RSA experience, so if you’re looking to broaden your security information horizons, you should definitely give B-Sides a look. Even if you’re not attending B-Sides in person you can follow the @BSidesSF Twitter account and the #BSidesSF Twitter hashtag.
Are you planning to attend the RSA Conference 2014 in San Francisco next week? If so, I’d love to hear from you. Drop me an email with your thoughts or touch base with me on Twitter, Google+, or Facebook (see below).