The RSA Conference infosec event just occurred. We weren’t able to go but did spend some time scouring the web for some interesting take-aways. Some of the key points included tidbits from the speakers, vendors, and attendees.
On the speaker front, Department of Homeland Security Secretary Michael Chertoff gave the keynote address in which he stressed a major focus on enhancing cybersecurity for the upcoming year. Microsoft’s Craig Mundie had a “fireside chat” with an interviewer about end-to-end trust and announced a public beta of their Forefront “Stirling” product line. Even Al Gore got into the act … this time discussing further research that global warming is real and the role of technologies in addressing the climate crisis. Although, Gore did not allow press because of other contract obligations. This decision perplexed many attendees since Gore didn’t seem to present anything new. Overall, many referred to the keynotes and other major talks as non-event marketing presentations compared to other more technical talks.
In previous years the conference always seemed to have a theme as to the types of vendors that attended … This year that did not happen. If anything, vendors did seem focused somewhat on Data Loss Protection (DLP). Specifically, encryption vendors are growing because of recent high-profile data breaches, PCI mania, and laptop-theft paranoia. The products aren’t offering anything new but just simplifying the user interface/use. Additionally, the security market seems to be tipping from small point solutions from small companies toward large integrated solutions from large corporations.
Once you get past all the speakers and vendors, you are left with attendee discussions. Everyone seemed to be thoroughly confused with the myriad of regulations that must be adhered to as well as how to properly address PCI. Additionally, there was a lot of talk about tightening security budgets due to the current economic slump.
Overall if you can handle the crowds of around 17,000 people, RSA should definitely be on your short list for next year. For those that couldn’t attend but are interested in any of the talks, the conference organizers have posted the audio of all sessions on their web site. For more information on the RSA Conference, see its description in our Infosec Conferences section.