SAN FRANCISCO—Art Coviello, executive vice president of EMC and executive chairman of RSA, the security division of EMC, kicked off the RSA Conference 2014 here today with a keynote address about the state of U.S. government snooping, privacy and cyber-warfare.
The RSA Conference has been shrouded in controversy from the outset over the allegation that RSA Security worked with the National Security Agency (NSA) to undermine cryptography security. It's an allegation that ended up spinning out an alternate conference called TrustyCon.
Rather than shy away from the controversy, Coviello tackled it head on. Twenty years ago, he noted, RSA was leading the charge for privacy and now is being accused of being on the other side of the battle, enabling the government to snoop on individuals.
"Has RSA done work with the NSA? Yes, but that fact has been a matter of public record for a decade," Coviello said.
Coviello stressed that the NSA is not a monolithic agency; instead, it has multiple divisions, one of which is the Information Assurance Directorate (IAD), which is the area with which RSA works. The IAD does not have an offensive role as its goal is to defend information, he said.
"If the NSA exploits a tradition of trust within the security community, that's a problem," he said.
Since the NSA has ongoing information-gathering activities that are not purely defensive in nature, Coviello suggests that the IAD be spun out and managed by an organization that perhaps does not have any roles for playing offense.
"Much of the great work of the IAD is getting lost in the feeding frenzy around this controversy," Coviello said. "It's sad, and it is dangerous for the country."
Having separation between the offensive and defensive operations of the NSA would help rebuild trust, in Coviello's view. Fundamentally, he wants more defense and less offense.
"All governments and intelligence agencies need to have a governance model that allows them to do more to defend us and less to offend us," he said.
To that end, Coviello outlined a number of principles that he'd like to see all nations to adopt. At the top of his list, he wants all nations to renounce the use of cyber-weapons. He also wants all nations to ensure that economic activity on the Internet can proceed unfettered. Finally, all nations should respect and ensure the privacy of all individuals.
"The rule of law must rule," Coviello said.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.