After last year's sexism shambles, 2019's RSA infosec bash has upped its inclusivity game
Latest diversity push welcome amid fears the infosec circuit is 'moving backwards'
RSA As San Francisco gets ready for its annual RSA gabfest Conference, taking place next week, organisers appear to have got the message over inclusivity following last year's fiasco.
When the 2018 event was initially announced, many in the infosec industry were shocked that, despite the wealth of talent across all genders in the sector, precisely one non-male keynote speaker had been booked – Monica Lewinsky. The matter wasn't helped by the RSA Conference's initial response that the computer security world was male-dominated, and they just couldn't find good women speakers.
This was embarrassingly proved to be garbage when a group of volunteers, operating on a shoestring budget and working in their spare time, managed to get the OURSA conference up and running, with 14 senior women in the cybersecurity industry giving a range of talks. This practical demonstration seems to have shamed the organizer's into action, and now there's a much more diverse lineup of speakers for this year's shindig.
"They have made a lot of progress in gender parity this year," Melanie Ensign, Uber's head of security and privacy communications, and one of the OURSA conference organizers, told The Register.
"What's missing is the overall acknowledgement of the environment and culture of the conference. When you think about culture, it doesn't matter how many women are on the show's stages if I'm getting harassed on the show floor. I know they can do better, they have the resources and means to do it."
Someone else's problem
One senior woman security executive, who wished to remain anonymous, reckoned this isn't entirely the conference's fault. The organisers auction off many of the keynote spots to the highest bidder, and it's up to the paying companies to decide who they send – and in the past, they've put mostly blokes on the stage.
"Companies think of it as RSAC's problem that there aren't diverse speakers," she told The Reg. "Everyone else is waiting for them to solve the problem because they don't want to give up time on stage. That's one of the reasons why RSAC doesn't have more female speakers."
As she and others have pointed out, RSAC isn't really a security conference as such, but a sales bonanza where the security industry tries to shift kit.
While the exhibition floor has been noticeably lacking in booth beefcakes and babes, there hasn't been a show yet that this hack hasn't heard tales of women being harassed on the show floor.
Microsoft's equality and diversity: Skimpy schoolgirls dancing for nerds at an Xbox partyREAD MORE
This isn't just a problem for this conference, but one that bedevils many tech events. In recent years the adoption of strict codes of conduct have helped matters, though there's still a lot of work to be done.
"RSAC was a focal point for us last year, but we were also trying to demonstrate the value of diverse content and people to the entire industry," said Alex Stamos, another key player in OURSA who is currently recovering from his stint as Facebook's CSO as an adjunct professor at Stanford.
"It's great that RSAC is fixing things, but much of the infosec circuit seems to be moving backwards." ®
Sponsored: Becoming a Pragmatic Security Leader