The biggest challenge in attending the RSA Conference is picking which sessions to attend — there are just so many great opportunities to hear from companies and experts. As one of RSA’s three premier Archer partners in North America, we’re focusing our attention on the latest issues and trends in Governance, Risk and Compliance at this week’s event in San Francisco. Here are seven sessions that we’re planning to attend:
Bringing Cybersecurity to the Boardroom (Tuesday)
Bret Arsenault, Corporate Vice President and Chief Information Security Officer, Microsoft Corporation
As cybersecurity becomes a more pressing issue to the enterprise, security leaders are finding themselves presenting cybersecurity risks and strategies to a new group: the board of directors. Microsoft CISO Bret Arsenault will share his learnings on working with boards to provide the right level of risk awareness and to drive informed investments for an enterprise-level cybersecurity program.
Integrating Cybersecurity into Supply Chain Risk Management (Wednesday)
Jon Boyens, Program Manager, Cyber Supply Chain Risk Management (SCRM), NIST
Cyber–supply chain risks pose a new set of challenges for businesses (loss of critical IP, unwanted functionality in products) which jeopardize brand reputation and shareholder value. This session will present case study research from NIST on cutting-edge practices and tools that today’s industry leaders in supply chain risk management are deploying to secure their supply chains from end to end.
How to Measure Anything in Cybersecurity Risk (Wednesday)
Doug Hubbard, CEO, Hubbard Decision Research
Security leaders must master analytics skills to compete in a data-defined world. We will cover research from How to Measure Anything in Cybersecurity Risk (Wiley 2016). Our thesis is that we compete with the “bad guys” on analytics. Security talent and technology are parameters to a larger, more strategic, decision making model.
How to Prepare for Cybersecurity in 2020 (Wednesday)
The Future of Privacy (Thursday)
Trevor Hughes, President & CEO, International Association of Privacy Professionals (IAPP)
This session will examine the implications of emerging technologies that will shape privacy and public policy debates in the future. From wearables and facial recognition to the ubiquitous use of Big Data, understanding the potential privacy implications of these advancements is essential to ensure the industry addresses issues that could potentially stifle innovation and adoption.
Measuring What Matters(Thursday)
Lisa Young, Senior Engineer, CERT
It is critical to measure the right things in order to make better-informed management decisions, take the appropriate actions, and change behaviors. But how do managers figure out what those right things are? A measurement approach tied to strategic business objectives ensures that planning, budgeting, and the allocation of operational resources are focused on what matters to the organization.
The Cybersecurity Risk Information Sharing Program: Bi-Directional Trust (Friday)
Michael Smith, Senior Cyber Policy Advisor to the Assistant Secretary, U.S. Department of Energy
The Cybersecurity Risk Information Sharing Program (CRISP) is a public-private partnership, co-funded by the U.S. Department of Energy and industry. The purpose of CRISP is to collaborate with energy sector partners to facilitate the timely sharing of threat information and develop situational awareness tools to enhance the sector’s ability to protect their critical infrastructure and key resources.
If you’re attending the conference and would like to meet up, send us a note at firstname.lastname@example.org