By Aimée Larsen Kirkpatrick
RSA. The anticipation. I look forward to this conference every year. RSA was my entry into cybersecurity. It’s where I cut my teeth and where I first made friends in the industry. This will be my 12th year at RSA and my 12th year in cybersecurity.
I had just started a new job with a cybersecurity nonprofit based in Washington, DC. My task was to run a national awareness campaign. Simple. Easy. I had just come off of running several very successful social change campaigns; I had this. What I had was…not a clue. I thought cybersecurity would be easy – I knew about passwords (or thought I did) and a thing or two about firewalls, and even a little about access management. But, really, I knew so little.
After two weeks at my new place of employment I made the trip from DC to San Francisco. I was tasked with attending several meetings and running a number of others. It was like being fed with a fire hose. But I took the opportunity before me and made a lot of connections – many of whom I count as friends to this day. They were the people who answered my questions, whom I sought out for advice.
The experience twelve years ago was almost overwhelming. I saw the good side of the industry and the ugly side of the industry. Upon reflection, there has been a lot of change. The conference has grown considerably – almost tripled in attendance, more vendors, more people taking over San Francisco. The conversation has shifted. I recall the conversation twelve years ago being about botnets, passwords, information sharing, and public-private partnership (I’m sure there was more, but these are the things I remember). This year I expect to be hearing more about blockchain and cryptocurrency, AI, machine learning, cloud security, and the ever-present, ever-changing threat landscape.
Twelve years ago some of the behavior I saw and experienced was cringe inducing. The booth babes and the harassment was off-putting at best. At worst…well, it was pretty bad. The lack of diversity – diversity of all types – but particularly the lack of women, was concerning. Over the past few years I’m pleased that the industry and the conferences have taken steps to address these issues. Companies, and the conferences, have raised the bar on what is acceptable behavior and decreased the tolerance for the questionable. There is a movement to increase diversity in cybersecurity. Organizations like the ICMCP, ISACA and IEEE are beginning to make their mark. Certainly there is much to be done and a long way to go, but the first steps have been taken.
I’m looking forward to this year’s conference. It’s a chance to have a finger on the pulse of the industry and stay abreast of emerging technology. But most importantly, for me, it’s a chance to strengthen existing relationships. To reconnect with friends and colleagues, perhaps find new ways to collaborate. And it’s a chance to forge new relationships. Perhaps it’s to meet with someone I’ve been communicating with via email, read about in an article, or met through good old fashioned networking. It’s about finding common ground and places where we can make a difference together. For me, the heart of RSA is all about connection.
If you want to connect at RSA, drop me a line. I’d love to see you.