Where have all the good RSA talks gone?

Once upon a time, the RSA Conference was known for its deep technical content and the quality of its speakers. But, as the security industry has changed and matured over the last few years, the sessions at the show have become more focused on soft, fuzzy themes such as risk management and compliance. This is probably just a natural evolution and a reflection of the direction of the industry as a whole, but many of the security professionals I’ve talked to here this week have complained about the lack of serious educational content and the proliferation of marketecture-type sessions. And the few really deep sessions have been so crowded that many attendees have been turned away at the door. The hard core cryptographers’ sessions are still here and there are some good ones on new attacks as well, but it seems that the days of walking out of the conference at the end of the week with a notebook full of great ideas are past.