RSAC is the largest cybersecurity conference in the world. Leaders and practitioners across all sectors come together to tackle challenges, all under the maxim of “managing risk.” But what does “risk” actually mean at a security conference? Is it a mythical pursuit? Marketing buzzword? Or generic substitute for “the thing we need to detect/prevent/remediate”?
RSAC Chairman Dr. Hugh Thompson opened this year’s conference by asking: “How do we operate with purpose in a time of great uncertainty?” This simple question is at the core of risk management and marks a radical departure from the security status quo. Where security focuses on “operate,” risk focuses on “uncertainty.” The goal of risk is to make better decisions that maximize opportunity and minimize loss while operating under uncertain conditions. Security and risk intersect by leveraging security data about today’s operational environment to make risk-informed trade-offs.
Where Does Risk Fit In At A Security Conference? Even In Places You Don’t Expect.
Of RSAC’s 535-plus open conference sessions, more than one-third prioritized risk-centric topics. Regulatory compliance…
