Women of Infosec call bullsh*t on RSA's claim it could only find one female speaker

Rival OURSA conf found 14 in five days after only Monica Lewinsky made RSA's agenda

By Iain Thomson in San Francisco


Day one of the annual RSA conference in San Francisco on April 17 will have some competition after a group of female infosec professionals decided to hold their own shindig - titled Our Security Advocates or OURSA - to showcase the work of women in the field.

Last week RSA was hammered on social media when its keynote speaker lineup included a grand total of one non-male speaker - Monica Lewinsky. Ms Lewinsky is an expert in her field of online bullying and harassment, but the lack of diversity and RSA's tone-deaf explanation that there weren't that many women in cybersecurity anyway got people riled up enough to take action.

"It's not just RSA but all of the conferences, or at least 99 per cent of them," Melanie Ensign, Uber's head of security and privacy communications, told The Register. "But the latest keynote list was the straw that broke the camel's back. All you have to do is try, it's not that hard to create a diverse conference, so we're calling bullshit on the excuse."

In just five days female technologists had pulled together 15 speakers, 14 of whom are women, for the OURSA security conference. It'll be hosted at the SF headquarters of Cloudflare (co-founded by Michelle Zatlyn) and the US$100 tickets sold out in less than 24 hours, but the event will be livestreamed.

Conference tracks include applied infosec engineering, security policy and privacy protection, plus discussion groups. The whole gig will be sponsored by Facebook, Google, Dropbox, Netflix, Uber and hosts Cloudflare.

"I was inspired to help make something happen after seeing all the discussion on Twitter," OURSA cofounder Parisa Tabriz, Google's engineering director for browsers, told The Register. "Our community already has a tremendous diversity of talent, and I’m excited to help give these experts a forum to present their work."

In RSA's defence, sort of, the show's organizers have limited control over the keynote speakers as it auctions a large number of them off to the highest bidder. But, as Ensign pointed out, that means companies like Microsoft, Cisco, IBM and other RSA keynote buyers aren't putting female talent forward either.

While women make up only 11 per cent of the IT security industry you wouldn't guess that from most conferences, where queues for the ladies restroom are seldom seen, female headliners are scarcer than hen's teeth and the scent of testosterone can be overpowering. Some are better than others - Enigma being a prime example - and Ensign said she hoped OURSA would be a one-off event.

"If we continue to have to have separate conferences then we're defeating the point," she said. "I hope this is something we don't have to do again, I hope it becomes a model for other conferences."

In response to the storm of criticism RSA has now added more female speakers and will host a two-hour women's leadership reception on the evening. One suspects that most of the real leaders in the field for the future will be down the road at Cloudflare HQ instead. ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

Adi Shamir visa snub: US govt slammed after the S in RSA blocked from his own RSA conf

RSA 'If someone like me can't get in to give a keynote, perhaps it's time we rethink where we organize our events'

PuTTY in your hands: SSH client gets patched after RSA key exchange memory vuln spotted

Bunch of bugs stomped with version 0.71

No way, RSA! Security conference's mobile app embarrassingly insecure

Sorry about the hard-coded passwords, can we sell you some crypto now?

After last year's sexism shambles, 2019's RSA infosec bash has upped its inclusivity game

RSA Latest diversity push welcome amid fears the infosec circuit is 'moving backwards'

RSA coughs to critical-rated bug in its authentication SDK

Yup, that means if you code with it, your projects inherit the problem. Yay!

We sent a Reg vulture to RSA to learn about the future of AI and security. And it's no use. It's bots all the way down

RSA We'd call this blue-sky thinking but the sky is thick with swarms of drones

He's not cracked RSA-1024 encryption, he's a very naughty Belarusian ransomware middleman

Dr Shifro pays ransom, gets discount and adds its own margin, says Check Point

RSA ransomware

RSA SecurID admin console can issue emergency access to decent social engineers

Put the management interface behind the firewall, pronto

ROCA 'round the lock: Gemalto says IDPrime .NET access cards bitten by TPM RSA key gremlin

Here's what to do if you have an affected badge


Who Needs Malware?

Learn how fileless techniques work and why they present such a complex challenge.

Optimize your vSAN Deployment with Intel® technologies

Learn about VMware vSAN, a leading HCI solution, to run your organization’s business critical applications, and more efficiently access your data.

Backup is Changing, Are You Prepared?

Further, there must be some form of assurance that all data has been backed up.

Evolving Datacenters without Complexity

In this session, we’ll talk about how IT leaders are advancing the capabilities of their datacenters to rise to today’s challenges. Our guest speaker, Chris Bradford, Product Manager at DataStax will bring first-hand expertise to a discussion with The Register host Elena Perez.