Two highly anticipated cybersecurity events last week drew us to the Bay Area and the Capital Beltway: The RSA Conference in San Francisco and the Gartner Security and Risk Management Summit in National Harbor, Md.

Synack had both coasts covered, and we were delighted to reconnect with so many of our customers, partners and colleagues. We showcased how our unique pentesting experience can find the vulnerabilities that matter, keeping urgent threats at bay while bridging the cybersecurity talent gap.

We also brought the party! From rocking out to a Journey cover band in San Francisco to sipping margaritas while soaking in the lights of National Harbor’s famous Ferris wheel, here are some highlights from the two in-person events:

Journey by the Bay 

San Francisco, we missed you! 

The last time Synack hosted RSA attendees at Moscone Center neighbor, Fogo de Chão, was in February 2020, the COVID pandemic had yet to upend life in the U.S. “Zero trust” was just beginning to be a buzzword, and many federal agencies were facing deadlines to develop their first-ever vulnerability disclosure policies. 

What a journey it’s been. After a two-year hiatus and a COVID-related shuffle from its original dates in February 2022, RSA finally came back to the city by the bay bearing the theme, “Transform.”

We were ready to make our own triumphant return to Fogo de Chão, just 98 steps from the conference in Moscone Center. Our “Journey by the Bay” experience kicked off early on Tuesday, June 7, with a breakfast panel celebrating women in cybersecurity. (Read more about the inspiring event here.) 

The discussion highlighted Synack’s Inclusive company value: “Diversity is at the core of what we do at Synack, and it’s made its way into our culture as well,” Synack Chief Marketing Officer Claire Trimble said at the breakfast. 

During the day, RSA attendees stopped by to see Synack in action, discovering how we are bridging the talent gap with on-demand security talent from our elite Synack Red Team. We showed off our On-Demand Security Testing Platform, which gives organizations a central view of all pentest assessments and offers easy-to-digest reports and metrics to track progress over time (and meet compliance requirements). And we highlighted Synack’s wide-ranging contributions to the cybersecurity media landscape through the README news site, the weekly Changelog newsletter and the We’re In! podcast.

As RSA let out and the lights went down in the city, we hosted Journey tribute band Forejour, who played hits like Don’t Stop Believin’ and Any Way You Want It. Our guests enjoyed more than a few rounds of caipirinhas – not to mention Fogo de Chão’s legendary barbecued meats. 

On Wednesday morning, Synack CTO and co-founder Mark Kuhr led a breakfast discussion on “A Better Way to Pentest,” demonstrating how Synack combines the best of human intelligence and machine intelligence to offer a peerless pentesting experience.

As the conference started to wind down, we gathered for one last happy hour to toast to a successful event. We also streamed Game 3 of the NBA Finals to (mostly) cheer on the Warriors.

Throughout the week, guests had the chance to get to know many of Synack’s sponsors, including Accenture Federal Services, Arkose Labs, AttackIQ, Bolster, Netography, Netskope and SynSaber. We’re grateful for their support and can’t wait to see them at future events! 

Embracing change at Gartner 

Meanwhile in National Harbor, the Gartner summit returned to an in-person format for the first time since 2019, highlighting the latest actionable research and advice for security leaders.

Wednesday saw Synack CEO and co-founder Jay Kaplan present on “Staying Secure in the Midst of a Talent Crisis.” Kaplan shared how he and Kuhr launched the company to help organizations struggling to find the right talent to fend off constantly evolving cyberthreats.

“We do things differently by leveraging a global crowdsourced network of highly vetted security researchers in over 90 countries to perform on-demand and continuous testing to discover every vulnerability that matters,” Kaplan said. 

As trends in digitization and automation drastically expand the attack surface visible to cyber adversaries, security systems and testing must change to keep up, he pointed out.

Organizations facing increasingly sophisticated threats “are being scanned every day—they just don’t get the report,” Kaplan said.  

That evening, Synack hosted a Fresh Air Fiesta at Rosa Mexicano, steps from the Gartner show floor at the Gaylord National Resort & Convention Center. Over margaritas and massive bowls of guacamole, we met with customers and made many new connections. 

Between the two major infosec events, it was an epic week for all of us at Synack. We’d like to thank everyone who joined us or followed along on social media! 

The post A Tale of Two Conferences: Synack Stood Out at RSA and Gartner appeared first on Synack.

This morning, Synack gathered a distinguished panel of women in cybersecurity to share their perspectives on the cybersecurity talent gap and offer lessons for supporting the next generation of women leaders.

Men still outnumber women by three to one in the cybersecurity industry, according to a recent (ISC)² report, despite evidence that a more diverse workforce drives better business and security outcomes. While executives at many organizations have acknowledged the problem, they’ve often struggled to find actionable solutions to address this talent gap.

At Fogo de Chão, steps away from the RSA Conference in San Francisco, Synack hosted Kiersten Todt, Chief of Staff at the U.S. Cybersecurity and Infrastructure Security Agency; Betsy Wille, Chief Information Security Officer, Abbott; Tiffany Gates, Senior Managing Director for the National Security Portfolio at Accenture Federal Services; and Edna Conway, VP, Security and Risk Officer, Azure Hardware Systems and Infrastructure at Microsoft, for an intimate conversation moderated by Jill Aitoro, SVP of Content Strategy at the CyberRisk Alliance.

Among the insights from the panel: It’s one thing to hire top talent, it’s another to make women feel like they belong at an organization. And security leaders will need to shake things up to meet aggressive goals like CISA’s plan to have women represent 50% of the agency’s work force by 2030, up from about 36% now.

“We have to be ambitious. We have to be disruptive, because the only way we’re going to get there is by undoing some of the things we’ve done today,” Todt said.

Other key takeaways from Synack’s Celebrating Women in Cyber Breakfast:

Start early

 “We need to be bringing this terminology, this language, to kids in elementary school,” Todt said. “We have to surround them with this field so that they’re able to pull these factors in and grow up with it, so when they’re in high school, they can see the interest they have in these areas.”

Educational institutions will have to move fast to meet the talent needs of a rapidly evolving sector like cybersecurity.  

“I do think there’s a huge opportunity to grow this field much more substantively than we have, because it actually encompasses everything that we do,” Todt said. “There is no greater field that should truly represent the planet.”

Empower advocates

Gates of Accenture, who described herself as “terrible” with numbers, reached out to mentors in a range of fields while forging her own career path.

“Don’t flop toward someone who is just like you,” she said. “I want to be mentored by someone who was in the finance shop, just to better understand the kinds of obstacles and challenges they were dealing with.”

Conway, who said she’s currently a mentor to 14 people, pointed out that advocates like her “need to listen more than we speak, because each of our colleagues comes to the table with something different.”

Build a different kind of pipeline

Heavy turnover in the cybersecurity field has opened important conversations on alternative hiring pipelines, said Wille of Abbott. “We’re in better company than maybe we were a couple years ago in pushing the idea that the traditional means of education are not going to be the only places we can look. We’ve seen that improve,” she said.

Wille pointed out that a few months after starting work at Abbott, she was able to onboard someone who showed initiative but had no college degree on file because the company had enabled that level of hire. The employee has since been promoted, and Wille said she would “hire 10” just like her if she could.

Still, challenges persist in areas like security clearances, which can be integral to a federal cybersecurity career but trip up many candidates.

“When we talk about how hard it is to find women that we can bring in, now take 20% of that available pool,” Gates said. “That is what I have to work with, because the number of cleared resources in this community just decimates the number of women that I have available to choose from.”

Commit to learning

 “Talent doesn’t come in one container, it doesn’t come with one linear trajectory,” Todt said. “We have to do a better job opening up the aperture.”

Poorly written or overly demanding job descriptions can turn away prospective candidates at the front door. Instilling the courage to apply in the first place is key, but that’s not the end of the story.

“It’s not just to have confidence, but quite frankly to step up and be willing to do the work to figure out what you need to learn and go learn it,” said Conway, who pointed out that she has a degree in medieval renaissance literature but built her career in tech by continuously asking questions. “The burden falls on each and every one of us… Reach out, pull up, help, kick in the derriere when needed and do it with care, do it with humility, and you’ll be amazed what happens. We are a powerful force together: Never forget that.”

For more information about how Synack is tackling the cybersecurity talent gap, check out our white paper “Solving the Cyber Talent Gap with Diverse Expertise.”

The post Building a Bigger Tent in Cybersecurity: Lessons from Synack’s Celebrating Women in Cyber Breakfast appeared first on Synack.