Busy day here in San Francisco, with many events happening on day one of this information security week.
Sessions at RSA won’t start until tomorrow, but I had the opportunity to attend some really interesting sessions at BSides. Because of my interest in all things compliance and security, I have to admit that the most informative session was “Being Sneaky About Security and Regulations” by Mike Dahn (@MikD on Twitter) and Brett Hardin (@MiscSecurity on Twitter).
They talked about having security as an end goal, and using compliance as a means to help you get there. Information security professionals also related to the PDCA (Plan-Do-Check-Act) concept and how compliance requirements are most often missed when there’s human intervention and manual tasks (the Check piece). Brett also reminded us about the three pillars of infosec: CIA (confidentiality, integrity and availability). They definitely packed the house.
Metricon also took place this morning, with some great talks by Alex Hutton from Verizon Business. The American Growth Capital conference was also taking place this morning. If you would like to join in the conversation and follow any of these events from the comfort of your office, follow @TripwireInc on Twitter or search for the event hashtags (#RSAC, #BSidesSF, #metricon, #AGC).