No, we aren’t talking about Survivor, which evidently is still on the air. Who knew? This week the band of merry Securosis men are frantically preparing for next week’s RSA Conference. We’ll all descend on San Francisco Sunday afternoon to get ready for a week of, well, work and play. I saw Stiennon tweet about his 50 meetings/briefings, etc. – claiming that’s a new personal record. That’s not #winning. That’s #losing – at least to me. I have way too many meetings scheduled – and that even doesn’t count all the parties I have committed to attending. Pretty much every minute of every day is spoken for. My liver hurts already. RSA is a war of attrition. By Friday when I fly home I am always a mess. A few years ago I ran into Andy Jaquith on the BART train back to the airport afterwards. He tried his best to make conversation, but I had nothing. I could hardly string three words together. I grunted a bit and scrawled a note that I’d call him the following week. I sleep well on Friday night when I get home. And most of Saturday too. I pray to a variety of deities to fend off the con flu. Usually to no avail – the RSA Conference grinds even the hardiest of souls into dust. But I really can’t complain much. As much as I whine about the crazy schedule, the lack of sleep, and the destruction of billions of brain cells, I love the RSA Conference. I get to see so many friends I have made over the past 20 years in this business. I get to see what’s new and exciting in the business, validate some of my research, and pick the brains of many smart folks. We are lucky to meet up with many of our clients and provide our view of the security world. I also find out about many new opportunities do work with those clients, and based on early indications March and April should be very busy indeed. So it’s all good. Based on early RSVPs we expect record numbers at our Disaster Recovery Breakfast Thursday morning. A ton of folks are interested in the talk on mindfulness JJ and I are doing at the show. And the 2014 Security Bloggers Meetup will be bigger and better than ever. Yes, if you can’t tell, I’m really looking forward to the Conference. And I look forward to seeing many of you there. –Mike PS: I learned yesterday that a pillar of the Atlanta security community passed away recently. So I’ll have a drink or ten in honor of Dan Combs. He was a good man. A good security guy. And he will be missed. RIP Dan. It’s just another reminder that our time here is short, so enjoy it, have fun, maximize each day, and live as large as you can. You never know which RSA Conference will be your last… Photo credit: “Survivor Finale” originally uploaded by Kristin Dos Santos Securosis Firestarter Have you checked out our new video podcast? Basically Rich, Adrian, and Mike get into a Google Hangout and, well, hang out. We talk a bit about security as well. We try to keep to less than 15 minutes and usually fail. Feb 17 – Payment Madness Feb 10 – Mass Media Abuse Feb 03 – Inevitable Doom Jan 27 – Government Influence Jan 20 – Target and Antivirus Jan 13 – Crisis Communications 2014 RSA Conference Guide We’re at it again. For the fifth year we are putting together a comprehensive guide to want you need to know if you will be in San Francisco for the RSA Conference at the end of February. The full guide (with tons of memes and other humor that doesn’t translate to the blog) will be available later today. We will also be recording a special Firestarter video on Thursday, since you obviously can’t get enough of our mugs. Look for that on Friday… Key Themes Watch List: DevOps Key Theme: Cloud Everything Key Theme: Crypto and Data Protection Key Theme: Retailer Breaches Key Theme: Big Data Security Key Theme: APT0 Deep Dives Data Security Cloud Security Endpoint Security Identity and Access Management Security Management and Compliance Application Security Network Security And don’t forget to register for the Disaster Recovery Breakfast, 8-11am Thursday, at Jillian’s. Heavy Research We are back at work on a variety of blog series, so here is a list of the research currently underway. Remember you can get our Heavy Feed via RSS, where you can get all our content in its unabridged glory. And you can get all our research papers too. The Future of Information Security Implications for Cloud Providers Implications for Security Vendors What it means (Part 3) Six Trends Changing the Face of Security A Disruptive Collision Introduction Leveraging Threat Intelligence in Security Monitoring Quick Wins with TISM The Threat Intelligence + Security Monitoring Process Revisiting Security Monitoring Benefiting from the Misfortune of Others Advanced Endpoint and Server Protection Prevention Assessment Introduction Newly Published Papers Security Management 2.5: Replacing Your SIEM Yet? Defending Data on iOS 7 Eliminating Surprises with Security Assurance and Testing What CISOs Need to Know about Cloud Computing Defending Against Application Denial of Service Security Awareness Training Evolution Firewall Management Essentials Incite 4 U Call it the Llama Clause: Just to get you in the RSA Conference state of mind, check out this great post from the Denim Group folks who are just learning about the nuances of exhibiting at RSA. Yup, there is a “no animals” restriction. Turns out not only can’t you bring a llama, you can’t bring a rhino either. Which is a bummer because a live rhino would be second only to Nir Zuk as booth catnip. You also can’t have loud noises or bad odors. Neither of which seems to be restricted at DEFCON. Apparently they also have a booth babe clause, or at least the right to ban folks unprofessionally or objectionably dressed. By the way, that would seem to be a bit of a subjective measure, no? For those attendees who don’t