The U.S. iteration of the RSA Conference is the information security industry's biggest annual conference. The event, which runs from Apr. 20-24 at the Moscone Center in San Francisco, showcases cybersecurity's hottest trends, tactics and technologies. SearchSecurity's editors will be covering all aspects of RSAC 2015, so check back often for keynote coverage, exclusive interviews and in-depth coverage of hot-button items like threat intelligence, Internet of Things security, nation-state cyberespionage and much more.
Top news stories from RSA 2015
RSA's Yoran pushes for radical change in infosec
New RSA President Amit Yoran says the information security industry and RSA need radical change to stop evolving threats.
Business savvy key to security success
Executives are finally paying attention to security, but experts say to benefit infosec leaders must learn business-savvy security skills and think long term.
1Top-tier threats and risks-
Understanding and defending against digital adversaries
From nation-state cyberespionage and hacktivisim to targeted attacks and social engineering, the enterprise threat landscape has never been so varied and dangerous. Learn about the latest cyberattack trends and risk mitigation tactics from experts at RSA Conference 2015.
Some people think bug bounty programs are the answers to vulnerability woes, yet others remain skeptical of the negative impacts they present. RSA Conference panelists discussed both sides of one of today's hottest and most controversial IT topics. Continue Reading
An open source threat model is aiming to be a repository for risk assessment with the aim of allowing enterprise to focus on creating the right security controls for each business. Continue Reading
Cyberliability insurance gains popularity as industry experts warn that, contrary to popular belief, general insurance won't protect against cyberattacks. Continue Reading
As SSL traffic increases, so inevitably will the number of attacks using it to hide. A session at RSA Conference 2015 explained why hackers love SSL, and how enterprises can defend against them. Continue Reading
A panel discussion at RSA Conference 2015 outlined strategic methods enterprises can use to build and advocate for an insider threat program. Continue Reading
Researchers have found thousands of apps that feature insecure coding practices in implementing SSL protocols, which could lead to Android man-in-the-middle attacks. Continue Reading
The U.S. government wants to solve the weaknesses in online ID proofing systems, but it needs the help of enterprise and security professionals in order to overcome privacy concerns and other issues. Continue Reading
Huawei's U.S. CSO pitched the rigor of its supply chain security processes to RSA Conference 2015 attendees, but they remained skeptical at best on whether to trust the Chinese networking and security vendor. Continue Reading
At RSA Conference 2015 Microsoft expanded its bug bounties. The program will now include three new products, including Azure and Hyper-V. Continue Reading
The Internet of Things dominates the agenda at RSA Conference 2015, but experts believe enterprises should focus their attention on threat intelligence and other topics. Continue Reading
IoT, threat intelligence and security analytics
As interest in threat intelligence and security analytics skyrockets, plenty of other emerging technologies related to the Internet of Things, cloud computing, big data and the consumerization of IT are having a tremendous effect on enterprise information security programs. Learn what experts and practitioners are doing to get ahead of the negative security implications of emerging technologies.
In the cloud security realm, experts say improved cloud visibility and big data analytics are expected to be major themes at this year's RSA Conference. Continue Reading
The Cloud Security Alliance and the International Information Systems Security Certification Consortium introduced a new, jointly developed cloud security certification. Continue Reading
A Forrester analyst told RSA Conference 2015 attendees that enterprise threat intelligence programs are maturing, though obstacles like nascent technology and hard-to-find employees mean some firms may never reach full maturity. Continue Reading
At RSA 2015, former federal officials called for better government cybersecurity cooperation between agencies and with the private sector. Continue Reading
At an RSA Conference session, attendees learned how WestJet Airlines' Security Architecture Made Simple with software-defined security and automation reduced network turbulence. Continue Reading
Exploring enterprise security management issues
A CISO's life is rarely ever dull. Security policies, metrics and program management issues may not seem exciting, but each can be key to preventing a devastating data breach or security incident. Learn how to get ahead of these and other vexing enterprise information security management issues with advice from experts at RSA Conference 2015.
At an RSA Conference 2015 session, finance information security officer Steve Winterfeld explained why having complementary IT security and compliance strategies requires leadership buy-in and cooperation. Continue Reading
Female infosec pros say the industry needs to do more to not only encourage women to pursue infosec careers, but also help mentor them along the way. Continue Reading
At RSA Conference 2015, speakers at an (ISC)2 panel said attracting and hiring millennials is a huge key to alleviating the worsening information security workforce shortage. Continue Reading
Qualys introduced three new offerings at RSA Conference 2015, including an improved Web application firewall and a new cloud agent platform. Continue Reading
Amazon, Google, Microsoft and others discussed a range of cloud security issues during a panel discussion at RSA Conference 2015. Continue Reading
At RSA Conference 2015, Microsoft's Scott Charney said cloud security products are the future, but to gain the trust of enterprise customers, they need to offer better cloud computing transparency and control. Continue Reading
At RSA Conference 2015 security officials from Microsoft, Google and more discussed cloud security and privacy improvements and top threats today. Continue Reading
At RSA Conference 2015, John Pescatore offered real-world case studies proving that information security technologies can help prevent data breaches. Continue Reading
Experts at a Verizon event at RSA Conference 2015 say no data breach response plan is complete until certain human factors are considered. Continue Reading
At a roundtable discussion at RSA Conference 2015, security admins pondered what to do about bloated security portfolios. Continue Reading
Millennials are hesitant to pursue a career in cybersecurity, mainly because they aren't sure exactly what the job entails -- and if they have the proper training for it. Continue Reading
At an RSA Conference 2015 discussion on healthcare data security, experts with decades of experience perceive a unique challenge, while security pros see similarities with other verticals. Continue Reading
At RSA Conference 2015, a pair of DevOps proponents explained why the nascent movement to integrate development and IT operations staff pays security dividends. Continue Reading
4Filmed at the show-
RSA 2015 video
Our editors and reporters talk with security experts on the hottest topics emerging from this year's RSA Conference.
More data is thought to be a good thing in terms of threat intelligence, but iSight CEO John Watters says enterprises need to be aware of the quality and context of the data when assessing risk.
At RSA Conference 2015, Qualys CTO Wolfgang Kandek said enterprises need to be smart about how they tackle security vulnerabilities because there are simply too many for organizations to handle.
If you think your organization hasn't suffered a network security breach in the last six months, you're just not looking closely enough, according to Eric Cole at RSA Conference 2015.
Renee Guttmann, vice president of the Office of the CISO at Accuvant, talks to SearchSecurity about security leadership, and offers advice to today's aspiring CISOs.
Video: Robert 'RSnake' Hansen of WhiteHat Security discusses Web browser security, third-party software vulnerabilities and the sad state of browser security throughout the industry.
Tenable founder Ron Gula says sharing information to detect threats is great, but getting the security posture properly designed is the better option.
Video: Security information sharing and visibility platforms are being overlooked, according to Cisco's Martin Roesch, and that's a mistake.
Cisco security services SVP Bryan Palma discusses how Cisco's consulting teams have an early view of how the Internet of Everything will roll out.
John Dickson, principal at Denim Group, talks to SearchSecurity at RSA Conference 2015 about tried and true ways security admins have been able to attain security dollars despite tight resources.
Robert 'Rsnake' Hansen of WhiteHat Security discusses the Aviator Web browser, why Google lashed out against it, the challenges of browser security and lessons learned for developing secure software.
Video: Bruce Schneier, CTO of Resilient Systems, talks to SearchSecurity about the importance of strong incident response management in reaction to the 'year of the data breach.'
Google is fighting a constant battle against Android malware and vulnerabilities, and Adrian Ludwig, Google's lead for Android security, talks to SearchSecurity about how protections are getting better.
Secure software expert Gary McGraw says the IEEE Center for Secure Design can help companies find patterns in their software security flaws.
Kamal Shah of SkyHigh Networks talks with SearchSecurity about the rapid adoption of shadow cloud apps and services in the enterprise.
(ISC)2 executive director David Shearer responds to criticisms about the organization's lack of introductory certifications within its global academic program.
Security software expert Gary McGraw says testing for security flaws must be automated if everything is going to be checked.
Security expert Bruce Schneier says it's time to ensure a secure Internet exists for everybody, even if it makes Internet surveillance harder.
Cisco's Bryan Palma discusses Cisco's strategy for security services and talks about the recent Neohapsis acquisition.
Cisco network security involves numerous users and products; Martin Roesch explains why the huge amount of data that results from this is a good thing.
Video: KPMG's Ronald Plesco has seen some crazy things in his time helping organizations in security incident response, and he shares some of them with SearchSecurity.
At RSA 2015, Appthority president and co-founder Domingo Guerra outlines emerging mobile security risks enterprises must be aware of -- and the issues aren't limited to just bring your own devices (BYOD).