An @RSAConference predictions thread in preparation for my attendance at #RSAC2022 next week...
At least one touched-in-the-head vendor will have swag that plugs into your USB port and will inevitably be confounded by why they get laughed at for it.
There are 470 listed sponsors for #RSAC2022, which means that there will be roughly a dozen differentiated products all told. Most will be marketing as some kind of firewall.
There will be what amounts to a Rorschach test for attendees: a bunch of vague squiggles on cards, all labeled "Zero Trust" so you can figure out what exactly that means to you.
China, Russia, Iran, North Korea, and Portugal will be listed as potential threat actors.
Portugal: "What the *HELL* are you talking about?"
Vendor: "If we didn't include you our FUD would look just like everyone else's."
Portugal: "What the *HELL* are you talking about?"
Vendor: "If we didn't include you our FUD would look just like everyone else's."
A fun game to play: whenever a speaker from COMPANY starts talking, google "COMPANY data breach" and see what pops up. There's nothing like failing at security to give a company some old-time religion.
When vendors tell you how good they are both at assessing and defending against risk, note whether their booth staff are wearing masks in the midst of a pandemic.
I bet I'll be able to bait at least one vendor into agreeing with me that encryption-at-rest of S3 buckets is a Very Important Security Issue.
Collect swag. Note how it's flimsy and made by the lowest bidder. This is possibly an allegory for other things with the company's logo on it--like their products.
There's a lot of FUD that's going to be going around. Something that is absolutely not FUD: "if you roll your own protocol / encryption and aren't one of maybe four companies, you are almost certainly a dangerous lunatic."
• • •
Missing some Tweet in this thread? You can try to
force a refresh
