CyberWire Daily: Detailed Summary of "Hugh Thompson on Building the RSA Conference [Afternoon Cyber Tea]"

Podcast Information:

• Title: CyberWire Daily
• Host/Author: N2K Networks
• Description: The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program includes interviews with a wide spectrum of experts from industry, academia, and research organizations worldwide.
• Episode: Hugh Thompson on Building the RSA Conference [Afternoon Cyber Tea]
• Release Date: May 26, 2025

Introduction

In this episode of Afternoon Cyber Tea, Dan Johnson welcomes Dr. Hugh Thompson, the Managing Partner at Crosspoint Capital Partners and Executive Chairman of the RSA Conference. With over 100 publications in security and experience testifying before Congress, Dr. Thompson provides invaluable insights into building and executing one of the world's largest cybersecurity conferences.

Building the RSA Conference

Planning and Preparation

Dr. Thompson emphasizes the extensive planning required to organize the RSA Conference, highlighting that preparations begin 18 months in advance. This long-term planning involves determining the conference theme, allocating space for various sessions, and integrating lessons learned from previous years.

[01:53] Dr. Hugh Thompson: "We start about 18 months in advance of the actual event... it's everything from what is the theme going to be? How much space do we think we need for different types of sessions?"

Team Effort and Community Collaboration

The success of the RSA Conference is attributed to the dedicated team and the collaborative nature of the cybersecurity community. Dr. Thompson acknowledges the continuous feedback from attendees, which drives the improvement of each subsequent conference.

[02:59] Dr. Hugh Thompson: "It's a team that's never satisfied with great. We always want to make it better... it's such a community effort to get this conference together."

Dr. Thompson's Background and Influence on Cybersecurity

Applied Mathematics to Cybersecurity

Dr. Thompson's academic background in applied mathematics profoundly influences his approach to cybersecurity. He recounts a pivotal moment when an unexpected encounter led him to an internship at Microsoft, setting the course for his career in cybersecurity.

[04:44] Dr. Hugh Thompson: "Mathematics... allows you to try and make some structural sense out of what seems like chaotic activities... It helps you to systematically think through complex problems and break them down."

Career Transition Story

A serendipitous meeting with a Microsoft recruiter while teaching calculus three shifted Dr. Thompson’s career trajectory from academia to the tech industry, reinforcing his passion for breaking software and securing systems.

[07:15] Dr. Hugh Thompson: "I ended up staying there for the summer, was an intern. I worked on Microsoft Exchange through Microsoft Research. It really convicted me that what I want to do for the rest of my career is continue to do what I'd always done as a hobby..."

Choosing Conference Themes

Theme Selection Process

Selecting a conference theme involves deep internal debate and a focus on community relevance. Dr. Thompson shares the evolution of themes over the years, noting a shift towards the human element in cybersecurity.

[09:23] Dr. Hugh Thompson: "Every year there's a lot of debate internally around the theme... this year the theme was 'Many Voices, One Community.'"

Human Element Focus

Since initiating the 'Human Element' track approximately 12 years ago, the RSA Conference has consistently integrated themes that highlight the importance of people in cybersecurity, whether they are defenders, attackers, or stakeholders.

[10:15] Dr. Hugh Thompson: "Cyber really comes down to people, whether it's the folks that you're trying to protect, the folks that are the defenders... or the attackers."

Programming and Content Selection

Balancing Technical and Non-Technical Content

The RSA Conference prides itself on offering a diverse array of sessions catering to both technical experts and non-technical professionals. An open call for speakers attracts over 2,800 submissions annually, ensuring a wide range of topics and perspectives.

[12:28] Dr. Hugh Thompson: "We have a track on policy and government, for example. We've got multiple hackers and threats tracks for very technical content... and open policy and government tracks."

Program Committee's Role

An independent program committee meticulously reviews submissions to curate content that resonates with the entire cybersecurity community. The passionate dedication of committee members ensures the delivery of high-quality sessions.

[15:03] Dr. Hugh Thompson: "Our program committee dedicates so much time into not just reading these submissions, but really passionately advocating for the ones that they think matter."

Evolution of Cybersecurity Conversations

Increased Relevance and Recognition

Dr. Thompson observes that cybersecurity has transitioned from an obscure field to a critical societal concern over the past two decades. This shift is evident in the attendance patterns and the caliber of participants at the RSA Conference.

[18:36] Dr. Hugh Thompson: "Cybersecurity has become an important part of society... key government officials, CIOs, and CEOs attend because they realize they need to understand what cyber risk truly entails."

Broader Industry Impact

The industry's growth has elevated cybersecurity discussions to boardroom agendas and mainstream media, reflecting its significance in protecting both personal and organizational assets.

[21:21] Dr. Hugh Thompson: "Now we're a boardroom conversation... some organizations have billion-dollar security budgets."

Exhibition Floor and Unique Elements

Vendor Interactions and Benefits

The exhibition floor serves as a critical space for vendors and attendees to connect, explore new technologies, and make informed decisions. It offers immense value by consolidating numerous vendors in one location, saving time for attendees.

[29:28] Dr. Hugh Thompson: "There's great value in just the time savings of having all of those vendors in one spot."

Unusual Vendor Requests

While the exhibition typically features standard vendor activities, Dr. Thompson recounts a memorable incident involving a llama that unexpectedly appeared on the show floor, highlighting the unpredictable nature of event management.

[27:24] Dr. Hugh Thompson: "Apparently this one company had smuggled a llama in... it was very unexpected and led to a 'no llama policy' in future contracts."

Keynote Presentations

Maintaining Freshness in Keynotes

Dr. Thompson, who has delivered keynotes since 2007, keeps his presentations fresh by drawing inspiration from personal anecdotes and family experiences. Stories involving his five children often serve as relatable analogies to complex security concepts.

[30:22] Dr. Hugh Thompson: "I think about security all the time... my kids help to get us in predicaments that lead to stories that I think are helpful to relate concepts that matter to people."

Engaging the Audience with Relatable Stories

By integrating personal stories, Dr. Thompson effectively communicates intricate cybersecurity topics in an accessible manner, ensuring that his keynotes resonate with a diverse audience.

[32:31] Dr. Hugh Thompson: "People think in stories, that's what they remember... stories help convey complex security concepts to a broad audience."

Optimism for the Future of Cybersecurity

Community Ethos and Collaboration

Dr. Thompson expresses unwavering optimism about the future of cybersecurity, attributing it to the strong sense of community and collective mission among security professionals. He believes that unified efforts can lead to significant advancements and resilience against cyber threats.

[33:41] Dr. Hugh Thompson: "You can't walk away from RSA conference... if we band together as a community... amazing things can happen."

Vision for Continued Growth and Collaboration

Looking ahead, Dr. Thompson envisions improved organization, enhanced collaboration, and the continued evolution of the cybersecurity community as pivotal to combating emerging threats.

[35:07] Dr. Hugh Thompson: "We have that abundance inside of our cybersecurity community... you cannot not be an optimist about the future."

Conclusion

The conversation between Dan Johnson and Dr. Hugh Thompson offers a comprehensive look into the intricate workings of the RSA Conference, the evolving landscape of cybersecurity, and the personal journey of a leader deeply embedded in the field. Dr. Thompson's insights underscore the importance of community, continuous learning, and the human element in shaping the future of cybersecurity.

Notable Quotes:

• Dr. Hugh Thompson [01:53]: "We start about 18 months in advance of the actual event... it's everything from what is the theme going to be?"
• Dr. Hugh Thompson [04:44]: "Mathematics... allows you to try and make some structural sense out of what seems like chaotic activities."
• Dr. Hugh Thompson [09:23]: "Every year there's a lot of debate internally around the theme... this year the theme was 'Many Voices, One Community.'"
• Dr. Hugh Thompson [12:28]: "We have a track on policy and government, for example... and open policy and government tracks."
• Dr. Hugh Thompson [18:36]: "Cybersecurity has become an important part of society... key government officials... attend because they realize they need to understand what cyber risk truly entails."
• Dr. Hugh Thompson [27:24]: "Apparently this one company had smuggled a llama in... it was very unexpected."
• Dr. Hugh Thompson [30:22]: "People think in stories, that's what they remember... stories help convey complex security concepts to a broad audience."
• Dr. Hugh Thompson [33:41]: "You can't walk away from RSA conference... if we band together as a community... amazing things can happen."

This summary encapsulates the key discussions, insights, and conclusions from the podcast episode, providing a comprehensive overview for those who have not listened to the original interview.