Live! RSA Conference 2009 - Day 2 (Update)by Steve Ragan - Apr 21 2009, 20:56
Welcome to day two of the RSA Conference 2009. For the second consecutive year, The Tech Herald will be bringing you daily coverage of the latest security trends and news, live from the conference floor.
Held a meeting with ISC(2) this morning. It has launched a new teaching and awareness training initiative aimed at kids. This is going to be huge, not least because the goals of the initiative are to teach children -- middle school and slightly younger -- about responsible use of information and technology. They will be covering topics such as cyber bullying, sexting, social networking and information disclosure.
While the initial results of the trial program in the U.S. are strong, the program has already proven itself to be a huge success in the U.K.
The keynote from Lieutenant General Alexander, Director of the NSA, had some interesting moments. Overall the address mostly explained what the NSA is and set the record straight on the matter of national cybersecurity.
"We do not want to run the security for the U.S.," said Alexander, pointing out that the NSA would take a more technical support role in the future, once the issue of cybersecurity has been addressed.
The idea is that there's one team, not one or the other, when it comes to managing national security. At one point he said that if the NSA or DHS managed national cybersecurity alone, everyone would lose. That’s a pointed statement, and one that almost comes off as wishful thinking when you consider where the public sector and politics come into play.
Augmenting the support role, Alexander also said he would want to harness the collective brain power at the NSA to help address issues and develop policy and methods used in security.
As an idea of what’s out there now, with regard to threats that would need protected against or completely removed, he pointed to data that said there are 210 billion e-mails per day, or two million per second.
By 2015, the number of Internet hosts is expected to exceed human population (approx. six billion). And, of those hosts, 4,000 will be terroristic in nature. Militants have already started using the Internet to communicate, so according to the keynote slides this is expected to continue and grow. Another interesting figure revealed by the slides showed there are 32,000 suspected cyber attacks each day.
While the keynote was not what most expected, it did shed light on the NSA's present stance. Melissa Hathaway, who will speak at RSA tomorrow, was praised by the Lieutenant General when he said she has done a phenomenal job in her role so far.
The crowd is starting to pick up, including a protest on firewalls (marketing from Palo Alto, one of the vendors here at the show) taking place outside the conference.
Enrique Salem, Symantec's CEO, held an interesting keynote this morning. Unlike his predecessor, John Thompson, Salem came straight to the point when talking about the changes in the security industry and what it was that businesses and security managers needed to do to adapt and address these changes.
“The current security model isn’t working,” Salem said.
He proposed a new way for working with security that's risk-based, information centric, responsive, and work-flow driven. We’ll cover this in more detail after the conference, but Salem’s point is that we need to better define the risks that we face on a case-by-case basis. As no two threat models are the same, we must define the information within the business and know what it is, where it is, and what risk it poses or could pose. We must then plan the response to any risk or threats to the business (malicious attacks, data loss, etc.), and develop a workflow of automated processes that streamlines the response and makes it faster.
Want regular updates from The Tech Herald? Follow us on Twitter.
Interested in a more interactive TTH? Join us on our Facebook Group.
The Tech Herald: Live! RSA Conference 2009 - Day 1