Kevin Beaver's Security Blog

My final takeaway from #RSAC

I said my farewell to the RSA Conference Tuesday evening but had some final thoughts about the show that I wanted to share with you.

In addition to the keynotes I talked about, I attended a mock trial session involving malware, a digital certificate acquired for ill-gotten gains, and a healthcare company that ignored all things HIPAA (heard that a million times!) as well as a session by HP’s Jacob West (an excellent presenter if you ever get a chance to see him) on mobile application security. Both were very well presented.

I had a chance to mingle with long-time colleagues and clients (many of which I met in person for the first time) on the show floor. It was also neat to see my book in the RSA bookstore – very humbling seeing it mixed in with some of the big sellers in our field.

Here’s my big takeaway from everything that I saw and heard…it’s something you’ve heard me say before and I’ll continue saying it until I retire. It was echoed in every presentation I attended and every bit of marketing literature I read. Be it the overall network, databases, mobile apps, people – whatever – you cannot secure what you don’t acknowledge. And so many of us are not acknowledging all the things that matter. So step back, see the big picture, fix the low-hanging fruit (the home-runs), put the proper tools and processes in place and then dig in further over and over again…never letting up.

Overall a really cool experience…you’ve got to go to the RSA Conference next year if you can.