RSA Conference Adapts to Address Emerging Threats, Technologies

As the venerable security conference enters its 26th year, its scope has greatly expanded to address a new generation of threats such as ransomware.

A lot has changed since a small group of cryptographers gathered to form the first RSA Security conference (RSAC) back in 1991. This year more than 40,000 people are expected to attend in San Francisco when the conference kicks off with a day of seminars on Feb. 13 followed by keynotes and exhibits the rest of the week.

“The conference evolves every year,” Linda Gray Martin, general manager of RSAC, told eWEEK. She notes the Innovation Sandbox, where “next generation innovators” from startup companies show off their security products, has expanded and there are new sessions on diversity and cyber-safety for parents.

“There’s also a policy conversation and a focus on privacy that’s bigger than ever,” adds Britta Glade, senior content manager at RSAC. “Security used to be something bolted on as part of something the IT department handled, but now it’s everywhere. We have a seat at the boardroom table. Security practitioners are everywhere.”

Attendees can expect a full range of exhibitors, from smaller and newer security firms to more established players. Digital Guardian, which specializes in data loss prevention solutions, has been exhibiting at RSA since 2006.

“I remember during the recession of 2008 we debated whether to do the show because interest seemed to be dipping,” Digital Guardian CEO Ken Levine told eWEEK. “Now it’s unbelievable how it’s grown. It is the one must do gathering for security professionals.”

There are usually at least one or two topics that get the most buzz at the annual conference, whether it’s a highly publicized security breach or Apple’s refusal to cooperate with FBI officials seeking to break the encryption in an iPhone used by a terrorist.

Levine thinks internet of things security will be a hot area this year, as companies starting to experiment with IoT deployments want to be sure the devices and the networks that feed into them are secure.

While big companies rarely shift to new vendors for big ticket items like an Enterprise Resource Planning system, security is different. By some estimates, the typical enterprise supports over thirty distinct security products.

“Unlike other IT areas, there is less fear of multiple vendors or trying new stuff when it comes to security,” said Levine. “You can have an accounting system that does the job, but security isn’t foolproof. Digital Guardian protects the data, but companies also want prevention and that’s elusive.”

Ransomware Uses Data as a Weapon

Glade says ransomware will also be a big topic of discussion, with specific sessions to address it. “We had a lot of submissions across different broader topics where ransomware came into play,” she said. A specific ransomware seminar on Monday will look at the issue from both a technical and policy perspective.

Ransomware was a big topic of discussion during a webcast by the RSA advisory board ahead of the conference. One of those members, Dimitri Alperovitch, cofounder and CTO of CrowdStrike, has been warning of the dangers of ransomware for some time.

“I predicted ransomware, the idea of ‘data as a weapon’, would pick up last year at RSA, but I underestimated to what extent,” he said. “It’s become the new normal where criminal groups can blackmail and hold your data hostage or destroy your reputation.”

Another board member, Ed Skoudis, a SANS Institute Fellow, says ransomware started with the perpetrators going after individuals, but it’s become a much bigger problem. “We see it increasingly focused on enterprise targets by getting into backup systems and network sharing that lets it spread to other systems,” he said.

Where possible, organizations victimized by a ransomware attack should avoid paying, but in some cases it may be the only option to recover crucial data. “You may have a principle not to pay, but you may have to. Some practical advice is to have a plan in place as to who is going to pay,” said Skoudis.

“Remember that you are in a negotiation. It’s best to appear small and poor. Don’t let them know they’ve encrypted an entire data center. As far as they know, you are a single individual that needs to get the encryption key.”

Tanium, which offers endpoint security and management, decided not to exhibit at RSA, but is hosting events for customers at a nearby hotel. Still, Tanium’s chief security officer, Ryan Kazanciyan, says the show is a bellwether for what’s coming next. “It’s impossible to walk away from RSA without a sense of where the security wind is blowing and trending,” he said.

He says enterprise customers he talks with are frustrated by the number of point solutions they have to manage. “The reality is most organizations are trying to reduce the number of one-off solutions to a smaller set of tools,” he said.

Whatever the item, many enterprise buyers at RSA won’t have the budget to invest in all the solutions of interest. Board member Wade Baker, founder of Cyentia Institute, suggests timing your purchases can help. “I’ve seen many cases it works better when you can combine an upgrade in technology and include security. I’m always a fan of simplification.”

The RSA Conference runs from Feb. 13-17 in San Francisco.

David Needle

Based in Silicon Valley, veteran technology reporter David Needle covers mobile, big data, and social media among other topics. He was formerly News Editor at Infoworld, Editor of Computer Currents...