I do enjoy the RSA conference. I even get a good bit from it. Still it could be better. I mean have you ever tried to sit through the “keynotes”? Half of them are either vendor commercials or worse.. given by someone who does not even bother to figure out defining “separation of duties” to the RSA audience is a good example of being utterly clueless. You really have to research the level of the audience before getting in front of a few thousand people.
Yesterday I went to the Louisville Infosec ISSA conference. It rocked! But I noticed something. The keynote by John Strand was simply outstanding. Then there was Sector. I was not at Sector, but I saw comments from many of my Infosec friends who did go. Plus I had the pleasure of meeting and talking with Chistofer Hoff at the 2009 RSA. Hoff is also known as @Beaker on twitter and always has interesting things to say.
So RSA I suggest this. How about some of our own like @Beaker and @strandjs as keynote speakers? Make it a regular thing for the keynote track. Pull from quality speakers like them and maybe others from our own practitioner community. The folks who understand the real issues important to us yet have refined their presentation skills through social media. You don’t have to totally ditch the vendors who sponsor the event. They do pay the bills. Though you could restrict them to their best speakers then toss in a few of our own folks.
Another suggestion. Spice up the sessions. Maybe call it the black track. But if some of the better tech sessions I saw at Louisville and heard about from Sector were allowed it would only increase the value from the RSA conference. Again keep it to speakers with a known track record from other smaller conferences and with good technical material to present.
One last suggestion. You (RSA) are close to Verisign. How about supporting VIP two factor authentication to your site. So we can use our mobile phones for tokens. https://vipmobile.verisign.com/ Or maybe support oauth so we can tie in our other social media credentials.