Jeff Man
Jeff Man, is an Information Security advocate, InfoSec Curmudgeon, PCI QSA; Trusted Advisor and speaker with over 40 years of experience in cryptography, risk management, information security and penetration testing. As a National Security Agency cryptanalyst, Jeff invented the "whiz" wheel, a cryptologic cipher wheel used by US Special Forces as well as the first software-based cryptosystem produced by the NSA and pioneered the agency’s first “red team”. Jeff actively shares his unique and valuable knowledge as an international speaker, author contributor to Tribe of Hackers and podcast host for Paul’s Security Weekly. He gives back to the industry through sitting on advisory boards as well as inspiring youth through diversity, equity and inclusion initiatives and mentorship. Jeff remains a driving force in the industry, bringing his deep expertise and no-nonsense approach to his role as a PCI QSA and Trusted Advisor at Online Business Systems.
At Online Business Systems (OBS), we believe that expertise should be lived, shared, and celebrated. Jeff Man is a vital part of our Cybersecurity team—bringing over 40 years of frontline experience in cryptography, risk management, penetration testing, and cybersecurity advocacy. As a former National Security Agency cryptanalyst and a trusted advisor at OBS, Jeff represents the depth, credibility, and forward-thinking leadership we are proud to offer our clients.
Sharing Jeff’s RSAC experience is more than just recounting a week at a conference—it’s about demonstrating how genuine connections, real-world expertise, and a passion for progress shape the cybersecurity landscape today. Through his eyes, we see the true spirit of the community we serve and the future we’re helping to build.
Want to listen to our hosts recount Jeff's story below?
The Countdown
Sunday in San Francisco started the way I like it—low-key but connected. I touched down with just enough time to check in at the hotel and head straight to Moscone South to grab my RSAC badge before walking over to the Metreon for BSides San Francisco. BSides always welcomes me with a press pass, and it’s a great way to ease into the week ahead. This year’s event didn’t disappoint. Two moments stood out: spotting a booth proudly displaying PCI on their banner (always a win when your niche shows up in neon) and a surprise reunion with Dan Farmer, co-author of SATAN, whom I hadn’t seen since the “pit” days of the mid-90s. I also caught up with fellow Curmudgeon Wendy Nather, who delivered a stellar keynote, and invited Amelie Koran from Walmart to our unofficial “TongaCon” (really WhiskeyCon) that evening.
Before the evening picked up speed, I carved out a quieter moment to officially welcome Paul Donfried to the OBS Cybersecurity team over burgers at Mel’s Drive-In. We swapped cybersecurity stories and talked through his vision for what’s ahead at OBS. It was a fitting kickoff to the week—grounded, thoughtful, and forward-looking.
Later that night, TongaCon—co-hosted with Casey Ellis from Bugcrowd—brought together 60–70 hackers, practitioners, and longtime friends at The Chieftain. No stage, no badges—just real, unfiltered conversations before the RSAC whirlwind hit full speed. One of the best I had was with Doug Wilson from Anthropic’s security team. His enthusiasm about the societal transformation AI and LLMs are bringing was infectious, likening it not to the appearance of the black obelisk in 2001, as I joked, but more like the invention of the steam engine. His excitement, though, was grounded in pragmatism: computers aren’t becoming sentient anytime soon. Whew.
The Elephant in the Room
For the third year running, artificial intelligence was the unofficial yet overwhelming theme of RSAC. But this year felt different. Instead of every vendor shouting “AI” from the rooftops, conversations shifted toward more realistic use cases of generative AI and large language models. Last year, I challenged myself not to say “AI” or “LLM” the entire week—no small feat during executive interviews (I succeeded, by the way). This year, I leaned in—and found that executives had more concrete, practical insights on how these tools are helping improve threat detection and response. Sure, the skeptics and prophets of doom were still around (myself included), but the tone was more mature, intelligent, and dare I say mildly optimistic.
The RSAC circus was just getting started, but the real conversations had already begun.
Monday: Mic Time & Media Hubs
Started off with a Checkmarx breakfast to support Ira Winkler’s panel on GenAI risk. Then over to Broadcast Alley where I recorded executive interviews for CyberRisk TV with leaders from Apiiro, Cyber Sierra, and Oligo Security. Closed the day co-hosting our Daily Recap with Dr. Doug White, who does the Security Weekly news segments.
That evening was all about networking—with a VC event hosted by Datatribe and a “Security Speakeasy” whiskey and cigar session led by John Johnson of CornCon.
Tuesday: Maryland Morning & OBS Midday
The morning began with a Maryland-sponsored breakfast featuring Lt. Governor Aruna Miller and former U.S. Cyber Director Harry Coker Jr. After that, it was nonstop interviews back at Broadcast Alley—Cobalt’s Gunter Ollmann, Mend.io’s Rami Saas, and Fortra’s Rohit Dhamankar.
Took a break from the conference buzz to stop by the OBS “Better Than a Booth” networking lunch at Fang. The vibe was exactly what you'd want midweek at RSAC—great food, smart conversations, and no booth badge scanning required. Then I joined the Human Security booth for our “Beers and Browser Scripts” event where I got to catch up with Troy Leach from the Cloud Security Alliance and Larry Pesce, co-host of Paul's Security Weekly and VP of Services at Finite State.
The evening was quite packed up as well with the SC Media Awards and OBS’s private dinner over at Merkado.
Wednesday: Podcasts & Pen Tests
Started the day with CyberRisk TV’s daily intro and an interview with Joel Burleson-Davis from Imprivata. After a stroll through the Expo floor (and a chat with Snehal Antani of Horizon3), I was off to record NetSpi’s “Agents of Influence” podcast.
Then it was back to Broadcast Alley for more interviews—HD Moore from runZero and Yotam Segev from Cyera. Closed the day at our OBS Happy Hour at The Chieftain (5th year running!), followed by another OODA event hosted by Bob Gourley.
One of the most memorable moments came when I met three ROTC students from the University of North Georgia. Their questions about cybersecurity careers and enthusiasm for the field were a great reminder of how much fresh talent is entering the space.
I ended the night with cigars and more great conversation at the Maryland Department of Commerce's gathering.
Thursday: Last Call
Wrapped things up with a final Broadcast Alley interview—Matthew Warner from Blumira, a PCI-friendly chat with some hacker energy. Walked the floor once more, this time with John Hammond of Huntress (and YouTube fame), and stopped by the Early Stage Expo to visit Bruce and Heidi Potter at their new venture, Turngate.
They invited me to a quiet dinner that evening, which turned out to be the perfect way to close the week: good food, solid company, and no badge scanning required.
The Wrap
Over the course of RSAC week, I spoke at or co-hosted more than a dozen events—everything from livestream interviews and podcast panels to informal gatherings and private sessions. In total, I engaged with more than 150 professionals across the industry: cybersecurity veterans, startup founders, government leaders, students, and researchers. It was a full-throttle week of conversations that reminded me how collaborative, creative, and forward-looking this community really is.
To everyone I had the chance to catch up with during RSAC, thank you. Whether it was a quick handshake at Broadcast Alley, a deeper conversation over a drink, or just a shared laugh in the hallway, those moments are what make this week worth it. Always good to reconnect with familiar faces and meet a few new ones along the way. Let’s keep the conversations going, online or in person.
—Jeff Man
About the Author
Jeff Man is an Information Security advocate and speaker with over 40 years of experience in cryptography, risk management, information security and penetration testing. As a National Security Agency cryptanalyst, Jeff invented the "whiz" wheel, a cryptologic cipher wheel used by US Special Forces as well as the first software-based cryptosystem produced by the NSA and pioneered the agency’s first “red team”.
Jeff actively shares his unique and valuable knowledge as an international speaker, author contributor to Tribe of Hackers and podcast host for Paul’s Security Weekly. He gives back to the industry through sitting on advisory boards as well as inspiring youth through diversity, equity and inclusion initiatives and mentorship.
Jeff remains a driving force in the industry, bringing his deep expertise and no-nonsense approach to his role as a PCI QSA and Trusted Advisor at Online Business Systems.
If you enjoyed Jeff’s insights from RSAC 2025, be sure to check out his resource page for more of his perspectives, industry commentary, and curated cybersecurity content: info.obsglobal.com/jeff-man-resources-page
Don’t miss what he’s sharing next.
Submit a Comment