April 23, 2025 – The Institute for Security and Technology is proud to join the global community of cyber experts convening in San Francisco next week for the RSA Conference.
Core to our mission at IST is our belief that technologists achieve more when they come together–with industry, with policymakers, and with each other–in pursuit of a common goal. RSA is an annual opportunity for diverse thinkers, innovators, and stakeholders from across the wider cyber ecosystem to connect on the latest technological advancements, their risks and opportunities for global stability and national security, and the path forward. We’re excited for our team members and adjuncts to participate in these conversations as we continue to drive action-oriented, creative solutions to emerging security challenges.
Here’s where you can find the Institute for Security and Technology at RSA:
Talks featuring our team:
Wednesday, April 30
WarGames 2027 & Maslow’s Hierarchy of Needs as Hybrid Warfare Nears – [SBV-W09]
2:25 PM – 3:15 PM PDT
Shall we play a game? This “choose your own adventure” session tackles the fast approaching reality of destructive cyberattacks on Lifeline Critical Functions like water, power, emergency care. The session will share the evidence, test assumptions, explore the art of the possible, and establish a sound hierarchy of needs enabling this talent pool to best serve the public good.
Joshua Corman, SVP SR, IST
Thursday, May 1
Taking the Fight Upstream: Pursuing Systemic Defense Against Phishing – [HUM-R05]
12:20 PM – 1:10 PM PDT
Three decades into the public internet, cybercrime is booming and phishing remains a key vector. With AI-enhanced attacks rising, common users are increasingly ill-equipped to defend themselves. What can be done upstream to protect society? This session explores systemic defense strategies across the ICT ecosystem that hold the potential for significant ecosystem-wide impact.
Kelly Bissel, CVP Security & Fraud, Microsoft
Tal Goldstein, Head of Strategy, World Economic Forum Centre for Cybersecurity
Steve Kelly, Chief Trust Officer, IST
Kemba Walden, President, Paladin Global Institute, Paladin Capital Group
Defeating Ransomware: A 360° Review of the RTF Four Years On – [PNG-R06]
1:30 PM – 2:20 PM PDT
It’s been 4 years since the Ransomware Task Force report, outlining 48 recommendations to stem ransomware attacks. The RTF helped pioneer the way policymakers approach ransomware and elevated its importance to a true national security threat. Since then, 50% of its recommendations have seen progress – but the others have not. This panel will offer an honest take on what’s worked and what hasn’t.
Megan Stifel, Chief Strategy Officer, IST
Carole House, Senior Fellow, Georgetown University CyberSMART Center
Allan Liska, Ransomware Sommelier, Recorded Future
Michael Phillips, Cyber Practice Leader, USA, CFC Underwriting Ltd
John Davis, Vice President, Public Sector, Palo Alto Networks
Talks featuring our partners & adjuncts:
Monday, April 28
Better Tabletop Exercises: Bringing Operations to the Table – [SBV-M02]
9:40 AM – 10:30 AM PDT
What if we could make table-top exercises (TTX) more realistic by tying them into the operational environment? They are great for preparation, finding gaps, training, communication, and getting leadership engaged in security and assurance. This session will ask whether their value when it is presumed that they works as intended and also look at how to improve so they actually work as intended.
Bryson Bort, IST / ICS Village / Founder & CEO, Scythe
George Bilbrey, Lead Adversary Emulation Engineer, SCYTHE
Tuesday, Apr 29
Messages that Mobilize: How to Make People Care About Cybersecurity- [KEY-T07W]
11:35 AM – 12:05 PM PDT
Cyber threats aren’t just a national security issue—they’re personal. How do we empower individuals to act? Join as we explore how storytelling bridges the gap between expert knowledge and public awareness. From scripted TV to public awareness campaigns, we’ll examine how behavioral science and storytelling can drive real action—helping protect individuals, communities, and ultimately, the nation.
Craig Newmark, Founder & CSR, Craig Newmark Philanthropies (Craigslist, Founder)
Vivian Schiller, Vice President & Executive Director, Aspen Digital, Aspen Institute
Michael S. Schmidt, Reporter, Co-Creator & Executive Producer, New York Times and Zero Day
Kiersten Todt, President, Wondros
Thursday, May 1
Cyber Defense Matrix Workshop – [LAB1-R01]
8:30 AM – 10:30 AM PDT
The Cyber Defense Matrix (CDM) helps practitioners systematically organize and manage their security program. This learning Lab will walk participants step-by-step through several use cases of the CDM, including how to map the latest startup vendors and security trends; using the CDM for tech rationalization and risk assessments; and aligning security controls to cyber insurance requirements.
Session Prerequisites: A basic review of the Cyber Defense Matrix will be helpful. Looking at presentations from past RSACs will make the workshop more fruitful.
Bryson Bort, IST / ICS Village / Founder & CEO, Scythe
Pierre-David Oriol, Chief Product Officer, Inscora
Sounil Yu, Knostic
Why Democratizing Cybersecurity Is Good for Business- [PNG-R01]
8:30 AM – 9:20 AM PDT
This session will explore the benefits of investing in shared cybersecurity infrastructure. Experts will discuss how democratizing security reduces risk, lowers costs, and enhances compliance for industry players, while ensuring more equity in cybersecurity. Attendees will learn how collective efforts can build a more secure and resilient digital ecosystem, benefiting businesses globally.
Jochai Ben-Avie, Non-Resident Fellow, Atlantic Council
Harriet Gardner, Senior Director of Corporate & Strategic Initiatives, Tides Foundation
Kayle Giroud, Director, Common Good Initiatives, Global Cyber Alliance
Chris Painter, Former President, The Global Forum on Cyber Expertise Foundation
Robert Sheldon, Sr. Director, Public Policy & Strategy, CrowdStrike
More information about panels hosted by Nonprofit Cyber members is available here.