At the RSA Conference, the Most Important Conversations Happen Between Sessions

When professionals attend the annual RSA Conference, they often find that the most valuable conversations happen between the sessions. In hallways, coffee lines, and chance introductions, cybersecurity professionals exchange ideas, ask candid questions, and form connections that shape careers and collaborations. For the cybersecurity industry, these informal peer exchanges and spontaneous mentorship moments generate insights and opportunities that scheduled presentations struggle to replicate.

That’s the core belief of Gaelle Koanda, a multi-award-winning Cybersecurity Professional at BAE Systems. Koanda’s reputation stems from her leadership as Vice President of Education for ISACA Denver and her community-building efforts as founder of SheLeadsTech Colorado and the WiCyS chapters in the Ivory Coast and Burkina Faso. Her work has earned her a finalist spot for the SANS Institute’s Difference Maker Award in the Community Champion category—an honor she says cements her identity as someone who is "all about community."

At the conference, the usual corporate hierarchy softens, creating a neutral ground where a simple question can open unexpected doors. According to Koanda, this is a key space where crucial community building takes place. “It’s not just about listening to the speaker on stage. The real value lies in the hallway conversations. It’s the people you meet, the exchanges you have, and the network you build.”

• Networking for net worth: Community building isn't an abstract concept for Koanda. It's part and parcel of how security professionals add value. “I’ve said it since my first RSA Conference: Your network is your net worth. In cybersecurity, sometimes your career is about who you know. Today I can say that because of RSA, I have a good network and I’m benefiting from it.”

Such conversations are a way to get out of the silos that many professionals find themselves in. For example, after a brief, mistaken-identity introduction at a previous RSA event, Koanda realized she was speaking to the CISO of SolarWinds. “I met Tim Brown and didn’t realize who he was at first," she says. “We started talking, and I asked him for advice on how to improve professionally and what areas I should focus on. I still have the notes from that conversation.”

But the same dynamic can bridge even internal silos. An executive from her parent company spotted the BAE Systems logo on Koanda's jacket and struck up a conversation. “Despite his title, he took 45 minutes to give me advice, telling me to look up the difference between an entrepreneur and an intrapreneur. This is someone I could never talk to at work; after the CEO, it's him. He connected with me on LinkedIn, and we've kept in touch and are supposed to meet again this year at RSA.”

• No titles, just talk: Koanda points out that these hallway conversations have a way of clearing away social hierarchies, bringing together people with actual ideas and insights. “People don't care about your title. You ask the right question, and you have access to the speakers. You learn what's coming next, and when you go to RSA, you know what the hot topic will be next year.”

• Building real relationships: Alongside access to industry leaders, building peer relationships can be just as impactful, often evolving into long-term partnerships. “I met someone from Vancouver last year, and we've become cybersecurity best friends,” Koanda says. “She's actually speaking this year, so we've been talking about how we will meet again, and we're starting to partner on projects together.”

It’s in these informal conversations that practitioners can tackle the industry's toughest topics, from improving CISO accountability and avoiding the “scapegoat” narrative to better communicating cyber risk ROI. For Koanda, the agenda is clear. “The biggest topic is AI: how to stop AI-driven attacks, the risks of using it, and how to pick your vendors. Personally, since I'm in the aerospace industry, I'm also focused on meeting experts in the CMMC framework.”

She emphasizes that these conversations elevate cybersecurity's diversity, presenting opportunities for professionals from different backgrounds to network and knowledge share. “I'm involved with ISACA, and our certifications are universal. This allows me to ask people with the same credentials how it helped them. They might explain that the official ISACA way isn't how they actually practice in their country. They can tell me why, and that is feedback I can take back to the headquarters,” Koanda concludes. “Cybersecurity needs diversity of thought, and this is the place for it."