The annual RSA Conference in San Francisco is a great event for meeting and greeting, A record of some 20,000 visitors was claimed to have attended the latest conference during the last week of February, 2012. Visitors have an opportunity to see and touch the latest vendor creations in one place over a short period of time, which is a really beneficial aspect of the RSA Conference.
There are usually some really innovative security tools hidden among the hoopla of the huge exhibition hall. But how much progress is really being made in practice? If you read the reports about the high-roller presentations, you come away with the impression that the hackers are winning and the defenders aren’t even catching up … they are falling further behind.
A March 2, 2012 report supporting this view of defenders falling behind is that by Joseph Menn in his MSNBC article “Hackers are winning security war, executives say” which you can read at http://www.msnbc.msn.com/id/46607381/ns/technology_and_science-innovation/# In his article, of which the subtitle is “RSA Conference told ‘it’s pretty discouraging’ as new tech brings more risks than answers,” Menn reports on speeches by senior executives of major cyber security companies, namely, Art Coviello, executive chairman of the RSA division of EMC, James Bidzos, CEO of Verisign, Enrique Salem, CEO of Symantec, who all admitted that their companies had been compromised, which we knew anyway from the popular press, and Coviello was reported to have made the excuse that the foe is formidable. I quoted Coviello in my June 7, 2011 column “Take Heed of Lockheed” at http://www.bloginfosec.com/2011/06/07/take-heed-of-lockheed%e2%80%99s-plight-update-as-of-672011/print/ as propounding the common executive position that “the attackers [are] really smart and their exploits [are] highly sophisticated,” believing that such an admission will somehow vindicate them.