Know Before You Go: Your Guide to RSAC 2024

The cybersecurity community is filled with excitement as the 2024 RSA Conference (RSAC) nears. With more than 500 sessions, deciding which events are must-attends and which keynotes will be first-class can be overwhelming. 

Varonis has your back. Our team has compiled the top sessions you won’t want to miss, organized by day, time, and department. Follow our agenda below to ensure you’re taking advantage of everything RSAC offers.

And don’t forget to stop by Varonis’ booth #N-5658 and say hi — we’d love to meet you! Discover all that we’re up to at RSAC 2024 here. 

For technical engineers, system admins, and incident response teams 

RSAC is an excellent way for folks to enhance their skillset with sessions dedicated to their disciplines. If you’re a technical bookworm, consider attending the following sessions to elevate your expertise.

Monday, May 6 

Looking for insights into what a defender sees? Want hands-on learning experience? Attend On the Wire – An intro to APT Analysis and Hunting (8:30 – 10:30 a.m.). This session will cover identifying, tracking, and analyzing TTPs from a selected threat actor and other granularity examples. 

Attend the Beginner’s Guide for Destroying FIDO2’s Security (10:50 a.m. – 11:40 a.m.) to explore the FIDO Passwordless Authentication's strengths and weaknesses, WebAuthn protocol fundamentals, and use famous attack tactics such as MITM and session-hijacking to breach FIDO authentication mechanisms. 

The Optiv team will present Controlling a Data Footprint – How to Build a Data Disposition Framework (1:10 – 2 p.m.) that reviews how to build a data disposition framework that allows companies to determine how long information should be stored and how to protect, alter, or destroy information to meet requirements. 

Tuesday, May 7 

The Flying Under the Radar – New Security Evasion Techniques (8:30 – 9:20 a.m.) session will cover the latest evasion techniques used by threat actors and explain how these techniques evolved from the original tools used by threat actors. 

Join the lab Attack and Defend: How to Defend Against Three Attacks Affecting APIs (1:15 – 3:15 p.m.) to gain a better understanding of common attacks affecting APIs and learn available defense options. 

Wednesday, May 8 

Join Microsoft to learn how to avoid prevalent and damaging security anti patterns for You’re Doing It Wrong! Common Security Anti Patterns (1:15 – 2:05 p.m.). You’ll leave with laughs and new best practices to avoid pitfalls like shiny object syndrome, toolapalooza!, blamestorming, and more! 

SANS is bringing back their fan-favorite briefing on dangerous new attack techniques in use today, what's coming next, and what organizations must do to prepare with their session, The Five Most Dangerous New Attack Techniques You Need to Know About (4:15 – 5 p.m.). Hear insights from a top-notch panel on their defensive strategies to address the most damaging emerging attack vectors.

Thursday, May 9  

Microsoft is back for closing day with VP of Identity Security Alexander Weinert presenting, The Storm-0558 Attack – Inside Microsoft Identity’s Security Response (12:30 – 1:20 p.m). Discover what worked and what didn't when defending against this APT actor. 

For executive leaders, legal teams, and management 

Is there burnout in the cybersecurity industry? Are there new legal requirements you should know about? The answer is yes, and executive leaders and corporate teams can level-up their knowledge with various talk tracks. 

Monday, May 6  

A panel of insurance and legal experts will break down what to expect in the underwriting process, coverages, and claims trends, as well as regulatory, litigation, and legislative developments during The Art of Cyber Insurance: What’s New in Coverage and Claims (1:10 – 2 p.m.). 

New regulations are passing quickly, from the SEC’s new rules to California’s proposed cybersecurity audits and the FTC’s novel legal theories on AI to personal liability. Discover what you need to know from a legal stance in Regulation on the Horizon: What You Wish Your Lawyer Had Told You About (2:20 – 3:10 p.m.) 

CISOs should plan to hear the advice of a panel of cybersecurity leaders in Life after the Breach: A Survivors Guide (8:30 – 9:20 a.m.). The group will share their experiences from the onset and aftermath of data breaches and provide significant takeaways on what to do if your incident plan fails. 

Tuesday, May 7  

We’ve got all eyes on the morning session Gartner’s Top Predictions for Cybersecurity 2023-2024 (8:30 – 9:20 a.m.), during which Leigh McMullen will share insights into how gen AI and cybersecurity have collided with a strong emphasis on the story behind the story, without more fear, uncertainty, and doubt. 

Speaking of uncertainty and doubt, Burnout in Cyber: The Intersection of Neuroscience, Gender, and Wellbeing (2:25 – 3:15 p.m.) will focus on research into burnout in the cyber industry and how leaders can create a healthier, happier workforce for all.

If learning more about SEC cybersecurity rules is on your to-do list, we suggest attending Techniques to Evolve Risk Governance and Comply with SEC Cybersecurity Rules (1:15 – 2:05 p.m.) to see how you can establish appropriate risk governance at your org.

Thursday, May 9  

Director of Cybercrime at INTERPOL Craig Jones has learned quite a few lessons about leading a global law enforcement cybercrime program. Join his session, Director’s Cut: A Dummies Guide to Leading a Global Cybercrime Program (8:30 – 9:20 a.m.), to see how you can reduce the global impact of cybercrime and protect communities for a safer world.

For those all-in on AI  

AI is the talk of the town, and several RSAC sessions tackle the topic this year. When it comes to AI security, there is still much for cybersecurity professionals to learn. 

Monday, May 6  

Join our friends from Forrester for a session titled, Use Generative AI to End Your Love/Hate Relations with DLP (8:30 – 9:20 a.m.). Principal Analyst Heidi Shey will share an approach to data security for gen AI use in which DLP is an outcome and not a single data control. 

CERT experts from Carnegie Mellon University are also sharing insights into Creating an AI Security and Response Team (8:30 – 9:20 a.m.). During their session, they will share the process of creating the first AISIRT and how it can help when an AI or ML system causes someone to have a bad day. 

Tuesday, May 7  

Security and privacy concerns have caused several organizations to be hesitant to deploy the power of generative AI tools like Microsoft Copilot. Ensuring users don’t have access to what they don’t need is more important than ever, as AI makes it easy to find and use enterprise data that could contain sensitive information. Join Varonis’ Brian Vecci for an insightful discussion on How to Safely Deploy AI Copilots (9:40 – 10:30 a.m.). He’ll share an operational plan to deploy Microsoft Copilot quickly while minimizing risk. 

Cybersecurity pros looking to expand their knowledge of how AI will impact the industry can attend AI in Cyber: Is the Cyber Profession Ready for Its Impact? (1:15 – 2:05 p.m.) ISC2 CEO Clar Rosso will share insights from researching more than 1,000 cyber pros to enhance your readiness for the AI challenges and opportunities that lie ahead. 

Wednesday, May 8  

Your AI-focused lineup is not complete without attending the Reducing AI’s Blast Radius: How to Prevent Your First AI Breach (3:35 – 3:55 p.m.) keynote session. Varonis’ Matt Radolec will show you real-world examples of data exposures and what to avoid as you adopt AI, so you can reduce AI’s blast radius and keep your crown jewel safe. If your organization plans to harness AI's power with tools like Microsoft Copilot, this is a presentation you don’t want to miss. 

You can also learn more about how cybercriminals will use generative artificial intelligence with Trend Micro’s presentation, Beyond the Hype: Research on How Cybercriminals Are Really Using GenAI (2:25 – 3:15 p.m.). 

For fans of fun and entertainment  

Grab the popcorn and movie theater candy. If you’re looking for a good laugh or insights on cybersecurity outside of everyday norms, there are several RSAC sessions to note. 

Monday, May 6  

Enjoy a journey through a spiderweb of crypto, cops, and libertarian coders with Crypto to Kim Jong Un: Laundering the Loot from the World’s Fastest Heist (8:30 – 9:20 a.m.) by author and investigative journalist Geoff White. 

If you’re looking to make an impact with your org’s cybersecurity experiences, join Karen Eber’s session titled The Perfect Story: How to Tell Stories that Inform, Influence, and Inspire (8:30 – 10:30 a.m.) She’ll teach participants effective storytelling techniques to elevate their communications and create memorable stories.

Tuesday, May 7  

For our Varonis customers, we invite you to experience RSAC relaxation at our exclusive, invite-only VIP event, Better Than Breakfast in Bed. We will have a gourmet breakfast prepared by Executive Chef Xavier Camacho, free chair massages, and premium Varonis swag — in addition to insights into our new MDDR service. Interested in attending? Request an invitation today. 

If you’re more of a night owl, we recommend Optiv's RSAC After-Party! Register to save your spot and dance the night away with sponsor Varonis and the Optiv crew from 7 – 10 p.m. at the historic August Hall downtown. 

Wednesday, May 8  

Looking for a session that is out of this world? Attend Why Outer Space is the Next Frontier for Cybersecurity (9:40 – 10:30 a.m.) to hear why cyberattacks could be a mode of conflict in outer space with insights from the presenter’s NSF project that has yielded surprising scenarios. 

Anything is possible, and no one knows that better than Ted Lasso, aka Jason Sudeikis. Join a live Conversation with Jason Sudeikis (11:30 – 11:55 a.m.) for Wednesday’s keynote presentation to hear the actor, comedian, and writer’s insights, laughs, and inspiration. 

BlackGirlsHack is all-in on the gaming industry for their session, Blackjack and Breaches: History of Ransomware on the Casino Industry (2:25 – 3:15 p.m.). Delve into how threat actors have navigated through the industry’s defenses, leaving behind a trail of financial and operational disruption. This session is enriched with discussions on the sector’s unique ICT and IOT challenges and multifaceted responses. 

Stay in the know during RSAC with Varonis.  

If you can’t tell, we’re excited about what the RSAC 2024 holds! Follow Varonis on LinkedIn, X (Twitter), and YouTube for real-time updates, live coverage, and behind-the-scenes glimpses from RSAC 2024. 

Want to join us at RSAC 2024 and need a pass? Enjoy a FREE expo pass on us! Find more details here.