Threat and risk specialists signal post-COVID conference season is back on
Well, we'll see in a week or so
RSA Conference For the first time in over two years the streets of San Francisco have been filled by attendees at the RSA Conference and it seems that the days of physical cons are back on.
The security conference trade has been more cautious than most when it comes to getting conferences back up to speed in the COVID years. Almost all cons were virtual with a very limited hybrid-conference season last year, including DEF CON, where masks were taken seriously. People still wanted to mingle and ShmooCon too went ahead, albeit later than usual in March.
The RSA conference has been going for over 30 years and many security folks love going. There are usually some good talks, it's a chance to meet old friends, and certain pubs host meetups where more constructive work gets done on hard security ideas than a month or so of Zoom calls.
So this year's RSA conference was a bit of a test case. Would the security community, rightly obsessed with risk management and threat evaluation turn up in force and get ready to mingle. The answer was yes, although with qualifications.
Visitor numbers were surprisingly perky. The organizers reported over 26,000 attendees, down on the 36,000 who attended in 2020 but not bad after two years of COVID. Full disclosure: this hack has been going to them for over 15 years, caught COVID at the 2020 event and skipped this year's shindig since my better half was struck by the virus last weekend.
However, the Reg's security expert did volunteer to attend. She says that while everyone was very keen on hand sanitizer freebies on the expo floor, masks were sparse sight indoors and outside the halls most people gave up as well.
- What keeps Mandiant Intelligence EVP Sandra Joyce up at night? The coming storm
- Cloud services proving handy for cybercriminals, SANS Institute warns
- Supply chain attacks will get worse: Microsoft Security Response Center boss
- US cyber chiefs: Moving to Shields Down isn't gonna happen
RSA last year was fully virtual, but this year there was a new twist. No more live-streaming of talks, a 24-hour delay was added. That's not massively important for most attendees, but was a sign that the era of hybrid or virtual conferences may be on its way out.
For conference organizers that's a boon. The real money at these events is made in the expo halls and if companies aren't prepared to spend hundreds of thousands on a stand stuffed with swag and salespeople there's not a lot of point in having the event. Certainly not for the new owners of this con - RSA sold off the event to private equity in March.
Black Hat and DEF CON, the stalwarts of this year's August hacker summer camp, will be livestreaming talks, although in the latter case it's up to specific community villages to decide if they will do the same. A few people went to the City of Sin last year, and infection rates were reportedly low, but when you're coughing your guts up who really calls the con organizers to tell them as a priority job?
We'll see how many attendees show positive in the next week or so. A recent study by the University of Texas [PDF] showed that indoor events are still risky, but it appears that many are ready to get out there again. See you in Vegas. ®
- Advanced persistent threat
- Black Hat
- Bug Bounty
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Remote Access Trojan
- Trusted Platform Module
- Zero trust