Research Revealed Track at RSA
For the past few months, I’ve been working with the folks at the RSA Conference to put together a track entitled “Research Revealed.” Our idea is that security needs to advance by getting empirical and by bringing in a wide variety of analytic techniques. (Regular readers understand that Andrew Stewart and I brought these ideas together in a book, “The New School of Information Security.”)
The content is really exciting. From the opening with a top-rated speaker, Betsy Nichols, who’ll be talking about “Crunching Metrics from Public Security Data,” through Gene Kim’s talk applying real analysis of practice to virtualization, to a great panel on lessons learned from Election 2008, this track is packed with hard facts and practical analysis.
Because I’m so excited by this, I’ve put the data into a Research Revealed .ics file you can use to bring these into your calendar.
I also extracted this table from the RSA website (it was hard to link), so you can easily see the track:
| Session ID | Title | Classification | Session Type | Scheduled Date/Time | Speaker(s) |
|---|---|---|---|---|---|
| RR-105 | Crunching Metrics from Public Security Data | Advanced | Track Session | Tuesday, April 21 01:30 PM | CTO, PlexLogic |
| RR-106 | Controlling Virtualization Security Risks: Tips from the Experts | Intermediate | Track Session | Tuesday, April 21 03:00 PM | CTO, Tripwire |
| RR-107 | Technology Lessons Learned from Election 2008 | Advanced | Track Session | Tuesday, April 21 04:10 PM | Senior Computer Scientist, SRI International; Chief Technology Officer, Open Source Digital Voting Foundation; Associate Professor, Rice University; Associate Professor, University of California, Berkeley; Associate Professor, University of Iowa |
| RR-108 | Security Risk Metrics: The View from the Trenches | Intermediate | Track Session | Tuesday, April 21 05:40 PM | CTO, RedSeal Systems |
| RR-201 | Fraud Management Strategies of North American Financial Institutions | Intermediate | Track Session | Wednesday, April 22 08:00 AM | Senior Analyst, Aite Group |
| RR-202 | Data Sources, Methods, and Challenges | Not Rated | Track Session | Wednesday, April 22 09:10 AM | CEO, The Security Consortium, Inc.; Program Manager, Microsoft Corporation; Professor of Computer Science, University of Pennsylvania; CTO, PlexLogic; CTO, Cigital |
| RR-203 | Why Software is Still Insecure: Conclusions from a Ten-Year Study | Advanced | Track Session | Wednesday, April 22 10:40 AM | Research Director, Secure Content and Threat Management Products, IDC; CEO, Security Innovation |
| RR-301 | Into the Breach: An Analysis of Attack Data Trends | Intermediate | Track Session | Thursday, April 23 08:00 AM | Software Engineer, Google; Information Security Manager, Google |
| RR-302 | Best Practices for Mitigating Insider Threat: Lessons Learned from 250 Cases | Advanced | Track Session | Thursday, April 23 09:10 AM | Senior Member of the Technical Staff, Carnegie Mellon Software Engineering Institute; Technical Manager, Carnegie Mellon Software Engineering Institute |
| RR-303 | Using Science to Battle Data Loss: Analyzing Breaches by Type and Industry | Intermediate | Track Session | Thursday, April 23 10:40 AM | Founder, Interhack Corporation |
| RR-304 | Cyber Warfare: Technology, Law and Ethics | Advanced | Track Session | Thursday, April 23 02:10 PM | Professor and Program Coordinator, Sheridan Institute of Technology and Advanced Learning |
| RR-401 | The Data-Driven CSO: Steering Clear of Security Breaches | Intermediate | Track Session | Friday, April 24 09:00 AM | Vice President of Technology & Innovation, Verizon Business |
| RR-402 | Closed-Loop Information Assurance | Advanced | Track Session | Friday, April 24 10:10 AM | Principal, Treadstone 71 |
| RR-403 | Applying Pattern Recognition in SOD, Fraud or GRC-Related Violations | Advanced | Track Session | Friday, April 24 11:20 AM | Software Development Director, Oracle |
OK, having the track at all is a start, and you should be congratulated for this accomplishment. But the practice of announcing results based on proprietary data to a small group at a for-profit conference with closed proceedings that are made available only to full-program attendees isn’t going to have the effect on the industry that’s needed. The research tracks (this one and the crypto track) need to have open proceedings or at least open preprints.
The scientific community is moving towards open access to the raw data that goes into any published analyses, so that anyone can check the math or apply a different theory without having to spend huge effort on duplicating the data-gathering work. The fact that thinking about data at all for security analyses while keeping the details of the data and analysis tools secret is viewed as a major advance just shows how far from scientific most of our thinking remains.
Dean,
I see your point, and it’s a good one. I will say that many, not all, of the participants will be using public data and some are making their raw data available.
At the same time, moving a major industry conference towards the idea that you must show your data and test your assertions will be a really important step forward. My hope is that anyone who attends a Research Revealed track talk will see the contrast, and call out the differences.
If you’re at RSA, I’d encourage you to ask all the speakers: back up that claim! Where’s your data? What makes that a best practice?