The dust has settled upon another RSA Conference and it was a pleasure to attend this industry’s largest and best security event.
After the debacle in 2014, where a breakaway event allowed some speakers to withdraw, RSA Conference 2015 had a much more positive vibe, with two large expo halls, track sessions in a different centre and keynotes from the industry’s finest names, Government and celebrities.
I arrived on Saturday 18th and attended BSides San Francisco on the Sunday. This was held at the offices of OpenDNS in SOMA and saw some excellent presentations on cloud security, media, coordinated actions and a panel from the EFF. Once again this format of conference proved to be a winner not only for the quality of speaker, but also for the community which backs and organises it.
The RSA conference began on Monday in some part, with initial sessions on the (ISC)2 Global Workforce Study and the skills shortage, which included a panel of people including Angela Messer, executive vice president of Booz Allen Hamilton, who I wondered had considered the state of security skills considering the actions of a former member of staff!
As mentioned earlier, there were two full expo halls and these opened on the Monday evening. Personally I don’t see the benefit of the two halls, particularly as this divided the delegates into the two halls. However one hall was significantly larger than the other as it gave space to the start-ups who chose to exhibit, while other vendors took the opportunity to demonstrate new products and solutions, and give live presentations to interested visitors. In case you are short of pens, T-shirts and other swag, then this is the best place to stock up. For those with a large quantity already overflowing our cupboards and drawers, I prefer to talk to the people.
One key theme of the conference was that of threat intelligence. Whether it was the continued theme of information sharing (which dominated my last visit in 2013) or the concept of boosting existing technology with open source feeds, there was plenty of talk of the concept.
From the opening day keynote, this year delivered by RSA Security President Amit Yoran, taking over from the established Art Coviello, who said that we should harness “credible sources of threat intelligence and leverage it for increased speed so analysts can respond to increased threats” as part of his ways to improve security, to Jeh Johnson from the Department of Homeland Security saying that its departments are there to “get better intelligence to help you”, to a very good presentation by Mark Orlando, director of cyber operations at Foreground Security, who said: “There is a lot more to intelligence than indicators.”
Orlando’s talk was the most direct on the topic that I saw, where he made the telling comment that “if you are paying $100,000s you don’t want it acting like a souped up IDS.”
I chose Orlando’s talk as he was addressing the subject directly, and I had heard plenty about the concept in the preceding months and met some of the new vendors operating in the space. It also meant missing the talk by Dan Geer, but I did manage to catch talks by other security “rockstars” including Bruce Schneier, Chris Hoff, Art Gilliland and Andy Ellis.
One of the things which has always drawn me to RSA Conference was the level of political presentation, and one of the best was a joint presentation between the White House’s Michael Daniel and Natalie Black from the Cabinet Office, which demonstrated the special relationship between the USA and UK and its shared interests in cyber crime and security matters. There are some recent success stories between Governments in terms of botnet takedowns and operations, while in discussion on the US Government issuing sanctions against those convicted of cyber crime, Black said that from a “UK perspective we are following this closely” and was talking to the UN and EU and this was an area it continued to observe.
Speaking of collaboration, one of the factors that make people return to RSA Conference is the social scene and this year saw a number of vendors work together to bring a better quality of party. Sadly as one of the hard-working Brits it was a struggle to maintain the stamina to do a full day and night, but as I said at the start of this blog, RSA Conference remains a great standard for IT security events and with a return set for the UK in early June, I hope the organisers can keep this event moving forward as this year was one of the best I had attended.