Facebook Tracking
February 25, 2019

Tips for RSA 2019

Category: Blog

 

I have been attending RSA for more than 15 years. It's an intense, long week but a rare opportunity to meet with many strategic security leaders and professionals all in one concentrated location. It can be very productive if planned right. Here are a few tips that have helped make my time worthwhile at RSA over the years. Please forward this post to anyone you know attending for the first time or you think will find it useful.

 

Tip #1 Don’t forget the essentials: business casual attire, and business cards

You will occasionally see attendees in jeans and a t-shirt, but RSA has turned into a more business security conference over the years. Expect to see a lot more suits in and outside of the conference. You'll see the usual swag of conference t-shirts along with the latest and greatest gizmos (are people still giving out fidget spinners?). So for those of you that spend most of your year in jeans and t-shirt, this is your time to break out your suit and business wear. Keep your casual wear for Blackhat and your kilts for DEFCON. Lastly, remember those business cards. You'll be meeting a lot of people, and my tip is to not only ask for their business card but bring a pen and write the context of your meeting on the front or back of any business card you get as well as the cards you give out. Last year, I had over 200 business cards by the end of the week. The human mind is not meant to remember that much information. Write it down! 

 

Tip #2 Plan ahead but allow flex time

Plan as much as you can before you arrive at RSA. With over 45,000 attendees, RSA can be very overwhelming, so it's best to set up your goals and agenda before you get there. Everything from vendors you want to visit on the expo floor, meetings you want to set up with partners or colleagues, to the presentations, parties, and activities you wish to attend.  That being said, make sure to have flex time and leave gaps for unexpected meetings or activities that might come up. It's a full week, so also use that flex time for downtime to grab a breather, gather your thoughts and reflect on meetings and action items.

 

Tip #3 Walk the expo floor with an agenda

The first time you see the RSA expo floors, you'll immediately feel overwhelmed. Hundreds of thousands of dollars spent on booth setups, huge TV screens, booth attractions, demo presentations and the like.  There are hundreds of vendors trying to attract your attention, while thousands of busy attendees are walking in every direction. Not much different than outside the expo floor now that I think about it.  Both the full conference pass or free expo pass will give you access to the expo floor to visit vendors. There are two main areas for the Expo floor, the North Expo Floor and South Expo Floor (Note: AttackIQ will be in the North Expo at Booth #4206). Even though north and south expo floors have both startups and veteran security companies, there is an additional area for companies that are just emerging out of stealth called the Early Stage Expo area. Here is the complete list of RSA exhibitors to review and mark who you want to find out more information here, What I suggest is to look at the Expo floor map, make a list of the product categories and vendors you want to see and arrange your agenda by vendor location. 

 

Tip #4 Treat talking to vendors at booths like speed dating

Walking the expo floor can be intimidating, but it doesn’t have to be. Treat walking up to vendor booth and having conversations like speed dating.

Attendee needs (you):

  1. Find the vendor you want to learn more about
  2. Ask staff in the vendor’s booth about technology offering(s)
  3. Share information about your background and needs
  4. Determine if the vendor’s value proposition matches with your current or future priorities
  5. If YES: Exchange information to contact the sales rep, if NO, simply say so and excuse yourself
  6. In another case, you might find the technology interesting, but not something you are looking to deploy now. In that case, you can take some datasheets and contact information to follow-up for a more in-depth conversation and/or demo in the future.

 

Vendor needs (e.g. AttackIQ):

  1. Find industry attendees to talk to
  2. Share information about company and technology offering with attendee
  3. Ask the attendee for their background and needs
  4. Determine if there is a match between value proposition and attendee need, and current or future priorities
  5. If YES: Scan badge and exchange information to contact attendee later, if NO, simply thank attendee for their time and feedback
  6. If there is interest, but just not in the short term, it might be worth an exchange of information to follow-up at a later time.

 

One point worth stressing about speaking with vendors is that the more you can share about your background and needs, the better the vendor can frame the conversation to be more relevant to your needs. At AttackIQ, we have use cases and case studies around Continuous Security Validation and Breach and Attack Simulation we can share that is different depending on if your role is strategic within security or risk, or if you are a practitioner. 

Treating your journey on the expo floor like speed dating will benefit both you as an attendee and the vendor who are just trying to see if there is a match to move forward.

 

Tip #5 Setup meetings and meeting locations before you get to RSA

RSA is primarily a conference to meet vendors, partners and create new relationships or continue existing relationships. Since the presentations will be available online afterward, limit the number of presentations you attend in favor of spending your time interacting with people that you typically would not have the chance to talk with. Make sure to plan your meetings. If it's with a vendor, most vendors will have hotel rooms specifically set up for meetings, or you can meet them at their booth. If you're not meeting a vendor or if you're looking for another location, the surrounding hotels and their lobbies are a great place to meet:

  • The W
  • St. Regis
  • Westin
  • Marriott

I also recommend using cafes in the area for your meetings:

  • Peet’s Coffee
  • Starbucks
  • Samovar Tea Lounge, Yerba Buena Gardens (make a reservation first)
  • The Grove Yerba Buena (great breakfast spot)

 

Tip #6 Skip MOST of the presentations

If you look at the conference lineup this year, it seems incredible. It should as this is a very vetted Call for Papers process that selects it's speakers a year in advance. Most, if not all, of the presentations will be online for you to watch. My recommendation is to spend your time with people vs seeing presentations. Take part in any user group that is getting together or particular special topic or training that you've signed up for. When it comes to speakers, attend only if you want to see that specific speaker or panel and perhaps meet the presenter or panelist in person. Otherwise, if you're just there to hear the topic, you can wait until it hits the Internet. Your time is better-spent meeting as many people in person.

 

Tip #7 RSVP early for RSA parties

Every major vendor will have a party to attend, so there will be no shortage of evening activities and some of these parties are over the top. Last year, one security vendor had Fergie performing. The year prior, another security vendor had Alice in Chains. It helps to RSVP before you arrive in San Francisco to ensure you get in.

There a few websites that try their best to consolidate all the RSVP links here. My advice is to RSVP for more than one event or party each evening, as the week will be a bit chaotic. It's best to leave yourself with a few options depending on who you meet at the conference and where they are headed. Note: The AttackIQ party with Cofense and Recorded Future is an invite-only, so you'll have to contact your AttackIQ sales rep to get an invite. 

 

Tip #8 Venture outside of RSA/Moscone for some SF Evening Activities 

San Francisco is a fantastic city. You might be coming from afar or live close. Either way, it's a long week, and you will be doing yourself a favor if you venture outside of the three block radius that is RSA/Moscone. 

Here are a few recommendations that are within walking distance:

  • Yerba Buena Gardens
  • Union Square (then take a cable car)
  • China Town
  • North Beach
  • The Embarcadero and the Ferry Building

---

Enjoy yourself and have a productive RSA 2019!

About the Author

Stephan is the Co-Founder and CTO of AttackIQ. He is a 20 year veteran of information security, servicing clients ranging from startups to multinational corporations as a pentester, security and risk consultant, solutions architect and head of research and development. He has presented at numerous conferences including RSA, Blackhat, ToorCon, BSides, CanSecWest, RECon, AusCERT, SecTor, SOURCE and PacSec.