Be sure to tune in to all of our RSA Conference 2023 USA coverage from San Francisco to hear stories from the keynotes, sessions, speakers, expo hall, community events, and so much more. And, yes, we decided to capture a lot of our coverage on video too, so be sure to check out the RSA Conference 2023 playlist on YouTube as well.

Given recent changes in the financial posture in nearly every economy, many organizations are faced with challenges from rising interest rates, bank failures, and dissipating venture capital. With this, and other fiscal issues that may be surfacing, how do security leaders look at budgets differently? In this session, we’ll explore:

How, where — and on which technologies — are organizations spending their money earmarked for cybersecurity?
How do they know they are spending the right amount of money in the right places at the right times?
How do security teams organize their thoughts, plans, and budget requests — and how do they present them to executive staff — to ensure they are speaking to these fiscal challenges they face in the context of the rest of the business?

How can these technologies be used for:

Education, training, skill development, and practice?
Better protection, detection, response, and recovery?
Program definition, planning, management, and measurement to create better results?
Connect security operations to the business to drive better business outcomes?
Given some of the controversy surrounding generative AI (ChatGPT), we will also explore the potential harms coming from the use of these technologies.

In this Chats on the Road to RSA Conference podcast episode, listeners are treated to an insightful discussion between Dr. Christina Liaghati, Sean Martin, and Marco Ciappelli about the evolving landscape of AI security, its impact on various sectors, and the proactive steps being taken to address emerging threats. Dr. Liaghati shares her unique experiences working with government sponsors and her involvement in the development of MITRE ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems), a knowledge base of adversary tactics, techniques, and case studies for machine learning (ML) systems based on real-world observations, demonstrations from ML red teams and security groups, and the state of the possible from academic research. ATLAS is modeled after the MITRE ATT&CK framework and its tactics and techniques are complementary to those in ATT&CK.

The conversation highlights how the rapid adoption of AI systems, combined with the lack of understanding of the risks involved, has led to new vulnerabilities and threats that need to be addressed. Listeners are also offered a glimpse into the challenges presented by the integration of AI into various systems, the need for collaboration between the AI and cybersecurity sectors, and the importance of understanding the new threat landscape created by AI adoption. Dr. Liaghati shares real-life examples of attacks on AI systems, emphasizing the need for constant vigilance and collaboration between industry, government, and academia to tackle these challenges.

The conversation also digs deeper into the potential consequences of AI deployment in high-stakes environments, such as finance and healthcare, and the importance of allocating resources to red teaming to identify vulnerabilities and secure these critical systems. By examining the current state of AI security and discussing the steps being taken to ensure its future, this episode provides an engaging and informative look at the complex interplay between AI, cybersecurity, and the systems we rely on every day.

In this Chats on the Road to RSA Conference 2023 podcast episode, Rohit Ghai, Chief Executive Officer of RSA Security, discusses the thought process that went into his declaring the looming identity crisis in the cybersecurity industry as the topic for his keynote session. Ghai examines the prominence of identity in cybersecurity and the impact of AI on human roles in the field. Sean Martin and Marco Ciappelli appeal to Ghai to explore the complexities of managing human and machine identities, the evolution of identity professionals' roles, and the significance of aligning AI with human values and business outcomes.

As AI becomes more pervasive and powerful, the conversation highlights the challenges of aligning AI with human values while grappling with the complexities of managing identities in an increasingly automated world. The conversation also focuses on the transformation of identity professionals' roles, emphasizing the need for a shift from hands-on tasks to a supervisory role where they can focus on high-value problems and decision-making.

In this Chats on the Road to RSA Conference podcast episode, former US diplomat Dana Linnet speaks about her transition from diplomacy to cybersecurity, highlighting her experiences and the lessons she learned along the way.

Joining hosts Sean Martin and Marco Ciappelli, Linnet offers insights into how culture plays a crucial role in addressing cyber threats. She discusses her time as a government CISO (Chief Information Security Officer) and ISSO (Information System Security Officer), which began during the early days of cybersecurity. She also discusses her involvement in establishing the NATO Cybersecurity Center of Excellence (CCOE) in Estonia after the nation experienced cyber-attacks from neighboring Russia and how important it is for governments to listen to people who know more than they do about cybersecurity.

As the conversation turns to the importance of culture in cybersecurity and how human behavior is a critical factor in preventing cyber-attacks, Linnet highlights the importance of information sharing, learning from digital threats, and adapting to the ever-changing cyber landscape. The hosts and Dana also discuss personal responsibility in cybersecurity and the need for leaders to take ownership of the problem.

The conversation highlights Linnet’s upcoming panel at RSA Conference. Focused on the topic of leadership culture in cybersecurity, the panel will dive into the role of boards and C-suites in leading and nurturing a security-conscious culture. The panel also touches on the value of diverse backgrounds in the cybersecurity industry, the challenges of changing culture, and how companies need to address the cultural gap between what they know and what they do.

Tune in to learn from Linnet’s experiences and get a fresh perspective on the intersection of cybersecurity, culture, and leadership. Don't forget to follow all of ITSPmagazine’s RSA Conference coverage. Be sure to share and subscribe to Redefining CyberSecurity Podcast to keep up with the latest trends in technology and cybersecurity.

In this captivating episode as part of our RSA Conference Coverage Chats on the Road series, Justin Hutchens, a seasoned expert in information security and AI, and hosts Sean Martin and Marco Ciappelli discuss the potential benefits and risks of integrating artificial intelligence (AI) and natural language processing (NLP) into various aspects of our lives. Justin shares his journey in AI, from attempting to crack financial markets to exploring its potential in social engineering.

Hutchens will be delivering a talk at RSA about the weaponization of large language models for fully autonomous social engineering systems and potential mitigation strategies. He will also lead a "birds of a feather" session on the ethics surrounding AI, touching on topics such as societal impacts, mental health, and job displacement.

The podcast delves into the perception and limitations of AI, emphasizing that it should be seen as a tool rather than a solution. Hutchens highlights the risks of integrating AI into business processes and shares his thoughts on the importance of human intervention to ensure the accuracy and safety of AI-generated outputs. He also mentions the possible advantages of using AI in security operations and its challenges in operational decision-making.

The conversation underscores the need for ongoing discussions covering the importance of ethics in AI, the rapid acceleration of AI development, its potential societal impacts, and understanding the necessity of balancing business objectives with societal concerns. Join this enlightening conversation as the trio discuss the power and responsibility that come with using AI and explore ways to mitigate the risks associated with integrating AI into organizations' workflows.

Don't forget to follow all of ITSPmagazine’s RSA Conference coverage. Be sure to share and subscribe to Redefining CyberSecurity Podcast to keep up with the latest trends in technology and cybersecurity.

Welcome to another exciting episode of ITSPMagazine Coverage of RSA Conference USA 2023, in San Francisco. Your hosts, Marco Ciappelli and Sean Martin, dive deep into an intriguing conversation with Ken Munro, a cybersecurity expert who shares a fascinating COVID story that led to some groundbreaking research on airplane cybersecurity. This episode is one you won't want to miss, and we encourage you to think about the conversation, share it, and subscribe to the podcast. If you happen to be at RSA Conference 2023 in San Francisco, be sure to visit the Aerospace Village!

When COVID-19 hit, the aviation industry experienced an unexpected outcome: an abundance of airplanes were retired earlier than anticipated. This led Ken and his team to explore airplane cybersecurity by accessing these grounded planes and learning about their systems. He shares his insights on the various networks found on airplanes and how these components interact with each other.

Our hosts dive into the burning question: can you hack an airplane from the passenger cabin? Ken assures us that it's not possible, as safety systems are carefully segregated from passenger entertainment systems. However, he does acknowledge that hacking could be possible in specific scenarios that require physical access to the plane's inner workings.

Ken's unique perspective as both a cybersecurity expert and a light aircraft pilot brings an engaging angle to this conversation. He emphasizes the importance of having pilots on board, as they have a vested interest in landing the plane safely. The thought of autonomous planes raises concerns, as pilots provide that crucial human element in critical situations.

So buckle up and join Marco, Sean, and Ken as they take you on an informative journey exploring the world of airplane cybersecurity. This episode will leave you thinking about the intricate systems that keep us safe while traveling through the skies. Don't forget to share this captivating conversation with others and subscribe to the podcast for more exciting episodes! And if you're at RSA Conference 2023 in San Francisco, make sure to visit the Aerospace Village to immerse yourself in this fascinating world.

In this new RSA Conference Coverage podcast episode with ITSPmagazine, cybersecurity experts and SANS instructors, Katie Nickels and Johannes Ullrich, delve into the "Five Most Dangerous New Attack Techniques" panel, a discussion they've been part of for the past few years. They shed light on how they identify these top techniques by examining their increasing prevalence and potential impact. Joined by an outstanding panel of experts, including Heather Mahalik, a mobile technology specialist, and Steve Sims, an offensive security guru, they offer unique insights from different sides of the industry while also highlighting the importance of practical, hands-on advice and defense strategies against these threats.

The panel emphasizes the importance of practical, hands-on advice and defense strategies to combat these emerging threats. Furthermore, Johannes shares valuable information about the Internet Storm Center's role in monitoring attacks and disseminating knowledge within the cybersecurity community.

Tune in to this must-listen episode for a sneak peek of the latest attack techniques, evolving defense mechanisms, and the collaborative efforts of the cybersecurity community that will be presented during the panel so you can stay one step ahead of the attackers.

Don't forget to share and subscribe to ITSPmagazine's RSA Conference Coverage to keep up with the latest trends in technology and cybersecurity.

Welcome to the latest episode of the Redefining Cybersecurity podcast with Sean Martin. In this episode, Sean talks about the upcoming RSA Conference in San Francisco, which promises to be an eventful one with a lot of topics, one of which is the software bill of materials (SBOM). Sean recently came across a tweet by Allan Friedman, a senior advisor and strategist at the Cybersecurity and Infrastructure Security Agency (CISA), about his hope to speak at RSA on SBOMs. In this episode, Sean invites Allan to discuss what prompted him to put that tweet up and how things have transitioned in the last few years.

According to Sean, Allan and his team's work has played a significant role in pushing the software community to take action and to make some progress on SBOMs. During this episode, Allan shares his journey into CISA, his work before on coordinated vulnerability disclosure, and how the government can help create better markets for security. He also shares his perspective on how the proliferation of APIs and microservices has taken off in recent years and how the SBOM concept has become more relevant than ever.

If you're interested in learning more about SBOMs and how they can help organizations mitigate security risks and vulnerabilities, then you don't want to miss this episode. So make sure you subscribe to Redefining Cybersecurity Podcast on your favorite platform and share this episode with your colleagues and friends.

Welcome to this exciting episode where we take you on a journey to the RSA Conference in San Francisco, and even to space! In this episode, we get to explore the Aerospace Village and learn about the fascinating work of the group CT Cubed, all of whom are volunteers doing good things for society in aerospace. Our guests, Adam, Chris, and Henry share their stories and backgrounds, which have led them to their current roles.

The Aerospace Village at RSA Conference features many sub-villages and exciting activities, such as the work being done by CT Cubed. They focus on realistic training for engineering and analytical work, in addition to training, to keep current in the aerospace industry. Their work has led to the creation of a system of systems called the Mouse, which allows for realistic training of students in the aerospace field.

But that's not all! As Sean Martin, Marco Ciappelli and our guests discuss, there is a lot of activity happening in space, and we get the pleasure of connecting with some of the folks working on this topic through ITSPmagazine. It's one thing to read a book, watch it on TV, or listen to someone's story, but it's even cooler to get hands-on experience with it. And that's exactly what the Aerospace Village at RSA Conference provides.

So come join us on this thrilling journey to space and the Aerospace Village at RSA Conference, and learn about the exciting work being done by CT Cubed. Don't forget to share and subscribe to our podcast for more exciting episodes like this one!

Welcome to the Redefining Society podcast with your host, Marco Ciappelli. In this episode, we will be exploring the art of storytelling with our guest, Karen Eber. Karen is the founder of the Ebro Leadership Group, which helps companies build healthy leaders, teams, and culture through storytelling. Karen has a wealth of experience in this field, having spent 20 years as a chief learning officer and head of culture in the Fortune 500. Karen's TED talk on what happens in our brains when we listen to stories went viral, and she has a book coming out that explores how to use science to make your stories more engaging.

In this episode, we will be discussing whether stories need to have an ending, how to engage your audience with your story, and how the way you tell a story can make all the difference. Karen shares some tips on how to make your story more captivating, such as using specific details and unexpected scenes to hook your audience's emotions and senses. Marco and Karen also discuss how storytelling can be applied to the cybersecurity industry, and whether we need to tell more engaging stories to reach a broader audience.

And if you're attending the RSA Conference in San Francisco, be sure to catch Karen's session on storytelling. She even hints at a suspenseful story about crashing a reality TV producer's Christmas party, which she may share some nuggets about during the conference.

So, whether you're a seasoned storyteller or just starting out, join us on this episode of Redefining Society and discover how to use the power of storytelling to engage your audience and achieve your desired outcomes. Don't forget to subscribe and share with your friends!

Welcome to another thrilling episode of ITSPmagazine's RSA Conference US 2023 Coverage Podcast, hosted by Sean and Marco. In today's episode, we dive into an engaging conversation with Cecilia Marinier from the RSA Conference, who is responsible for managing the suite of innovation programs, and those aimed at college students. This captivating discussion will give you a deeper understanding of the exciting things happening in the world of cybersecurity innovation.

Cecilia shares insights into the Innovation Sandbox contest, an 18-year-old cornerstone event of the conference that has seen billions of dollars of investments and produced numerous successful companies. With a 150% increase in submissions this year, the top 10 companies have been announced, showcasing a diverse range of backgrounds and problem-solving approaches.

In addition to the Innovation Sandbox, we learn about Launchpad, an event that focuses on earlier stage startups, where three entrepreneurs pitch to venture capitalists. The venture capitalists themselves come from varied backgrounds, bringing unique perspectives and valuable questions to the table.

We also explore the Early Stage Expo, where 50 startups showcase their solutions, and a series of informative content sessions aimed at those interested in becoming entrepreneurs. The RSA Conference is committed to innovation, and this episode highlights the passion and excitement behind it.

Join Sean and Marco as they ask Cecilia about the criteria for selecting participants for the Innovation Sandbox and Launchpad events. We discover the importance of having a strong team, a novel approach to solving a problem, and the ability to demonstrate the potential for significant market impact.

If you're eager to learn about the future of cybersecurity innovation, this conversation is a must-listen. Don't miss out on this episode packed with valuable insights, and be sure to share it with others, subscribe to the podcast, and join us for more captivating discussions.

Welcome to ITSPmagazine's RSA Conference 2023 coverage, where we dive into the world of cybersecurity and engage with experts in a week full of fun and exciting activities. We're on the road to RSA Conference 2023 in San Francisco, and one event we can't miss is the Sandbox, specifically the Aerospace Village. In this podcast episode, we're joined by our good friends Steve Luczynski and Henry Danielson from the Aerospace Village to discuss what's in store for us at this year's conference.

The Aerospace Village is a small nonprofit run by volunteers from around the world, aiming to build relationships between government, industry, security researchers, and hackers, inspire people to join the cybersecurity workforce, and promote awareness in the aviation and space sectors. This year, RSA Conference 2023 features a Sandbox where attendees can interact with the latest technical hands-on experiences, learn from experts, and explore what's happening in the cybersecurity world.

In this episode, our guests discuss the various partners and activities in the Aerospace Village, such as CT Cubed's drone quadcopter simulation in AR and VR experience, IntelleGenesis's runway lighting scenario demonstration, and Boeing's continuous security level maintenance activity. You'll also get a chance to try out a real Airbus simulator, courtesy of pen test partners, to understand the potential vulnerabilities in electronic flight bags and their impact on pilot operations.

Join us for an exciting, fun-filled week at RSA Conference 2023, where you can learn, network, and discover the latest trends in cybersecurity. Don't miss out on this unique opportunity to interact with experts, explore cutting-edge technologies, and immerse yourself in the world of aerospace cybersecurity. Be sure to listen, share, and subscribe to ITSPmagazine's podcast for more exciting episodes and insights from the RSA Conference 2023!

Listen in to hear more about the theme, keynotes, sessions, speakers, expo hall, community events, and so much more. And, yes, we decided to capture this one on video too, so be sure to give that a watch for a funny moment as well.

Tune in and be sure to join us for all of our coverage coming to you before, from, and after RSA Conference USA 2023!

Watch the Video: https://youtu.be/PCeDpaXAoQk

Host: Phillip Wylie

Panelists:

• Jason Haddix, CISO and Hacker in Charge at BuddoBot Inc

• Ben Sadeghipour, Vice President, Research and Community at Hadrian

• Daniel Miessler, Founder of Unsupervised Learning

Show: The Hacker Factory Podcast

Episode Details: How has content creation improved and influenced cybersecurity through education and as an information source?

Watch the Video: https://youtu.be/d5k-1z6UMHk

Host: MK Palmore

Panelists:

• Sherron Burgess, Senior Vice President and Chief Information Security Officer at BCD Travel

• Larry Whiteside Jr., Chief Information Security Officer at RegScale

• Julian Waits, SVP & Executive in Residence at Rapid7

Show: The Leadership Student Podcast

Episode Details: A discussion with senior cybersecurity executives about the challenges of identifying and developing diverse talent and subsequently grooming them to become the cybersecurity leaders of the future. This panel will cover:

• There is limited diverse leadership at executive levels in cyber

• Helping young mid-career cybersecurity leaders with career pathing

• Challenges faced by diverse leaders in getting the roles where their skills and competencies can be highlighted

Watch the Video: https://youtu.be/hDLzA0N4izs

Hosts: Kayla Williams and Taylor Parsons

Panelists:

• Dr. Chaz Lever, Senior Director, Security Research, Devo

Show: Locked Down Podcast

Episode Details: In this discussion our moderators and panelists will cover the intricacies of the deeply technical pen test capability (knowledge, actual testing pros/cons) and how the GRC function helps translate those tests and the results of them into business context to demonstrate ROI on security investments made in the cybersecurity strategy. The panel will cover:

• Pentesting is a necessary demonstration of controls design and implementation.

• Speaking in a language the business decision makers (execs, Board) understands in pertinent to building a sustainable, yet flexible cybersecurity strategy.

• Collaboration amongst internal red teams and external pen testing companies with GRC teams can help drive budget decisions and proven ROI.

Watch the Video: https://youtu.be/imGn_QS-6wE

Host: Sean Martin

Panelists:

• Leah McLean, Vice President - Cybersecurity Specialist, Mastercard Data & Services

• Diana Kelley, Chief Security Officer / Chief Strategy Officer, Cybrize

• Davi Ottenheimer, VP Trust and Digital Ethics, Inrupt

Show: Redefining CyberSecurity Podcast

Episode Details: In this panel, we will explore the potential impact artificial intelligence and augmented reality technologies can have on the role of the security analyst and security operations. How can these technologies be used for

• Education, training, skill development, and practice?

• Better protection, detection, response, and recovery?

• Program definition, planning, management, and measurement to create better results?

• Connect security operations to the business to drive better business outcomes?

Given some of the controversy surrounding generative AI (ChatGPT), we will also explore the potential harms coming from the use of these technologies.

Watch the Video: https://youtu.be/dGH6DdD0BLo

Host: Sean Martin

Panelists:

• Sarah Freeman, Principal Cyber Engagement Operations Engineer, MITRE

• Megha Kalsi, Director - Digital, Cybersecurity, AlixPartners

• Kristy Westphal, Director, Information Security and Operations, HealthEquity

Show: Redefining CyberSecurity Podcast

Episode Details: Given recent changes in the financial posture in nearly every economy, many organizations are faced with challenges from rising interest rates, bank failures, and dissipating venture capital. With this, and other fiscal issues that may be surfacing, how do security leaders look at budgets differently? In this session, we’ll explore:

• How, where — and on which technologies — are organizations spending their money earmarked for cybersecurity?

• How do they know they are spending the right amount of money in the right places at the right times?

• How do security teams organize their thoughts, plans, and budget requests — and how do they present them to executive staff — to ensure they are speaking to these fiscal challenges they face in the context of the rest of the business?

Watch the Video: https://youtu.be/BvYlJ48tmhA

Host: Alyssa Miller

Panelists:

• Maril Vernon, Co-founder of The Cyber Queens Podcast | Chief Operating Officer at Teach Kids Tech

Show: Securing Bridges Podcast

Episode Details: This panel will cover:

• Uniting security and the business

• The legal landscape for CISOs

Watch the Video: https://youtu.be/WellSeB1c_k

Host: Chloé Messdaghi

Panelists:

• Edna Conway, VP, Security & Risk Officer, Azure Hardware Systems & Infrastructure, Microsoft

• Diana Kelley, Chief Security Officer / Chief Strategy Officer, Cybrize

Show: Secure Your Strategy Podcast

Episode Details: This podcast episode emphasizes the importance of prioritizing security team wellness and taking proactive measures to build resilience in the face of evolving cybersecurity threats. It offers strategies and initiatives that organizations can adopt to reduce burnout, foster a positive workplace culture, and better prepare for potential security incidents. By investing in security team wellness and being proactive, organizations can maintain a strong cybersecurity posture and minimize the impact of security incidents. The panel will cover:

• The importance of prioritizing security team wellness to reduce burnout, foster a positive workplace culture, and promote a healthy work-life balance.

• The need for proactive measures, such as regular training and education, threat modeling exercises, and incorporating security into the development lifecycle, to help security teams build resilience and better prepare for potential security incidents.

• The benefits of investing in security team wellness and taking a proactive approach, including maintaining a strong cybersecurity posture, minimizing the impact of security incidents, and ensuring the long-term sustainability of the organization's security program.

Watch the Video: https://youtu.be/hCZQH3o6aLc

Host: Ben Schmerler

Panelists:

• Arvin Bansal, CISO Americas, Nissan Motor Corporation

• Justin Beachler, Director of Trust and Security at BugCrowd

Show: Tech Done Different Podcast

Episode Details: The segment is going to tie into the theme of RSAC, which is "Stronger Together". Ben's idea was to get decision makers together to discuss "Managing Security Risks When There Are Too Many Cooks In The Kitchen". More importantly, the idea is to talk about how managing security is challenging in part due to the fact that there isn't really one expert, product, service, or leader who knows all there is about security, yet we have to protect ourselves from a variety of risks anyway. We want to get into how to deal with these management and leadership challenges and hopefully get into strategy. The panel will cover:

• Prioritizing security risks from different security disciplines.

• Finding the right talent to handle these diverse risks and related expertise?

• What kinds of security management tasks make sense to outsource in order to achieve better results, and which require in house experts?

• How do you deal with the changes in how we view managing security and where do you think this is going in the future?