RSA 2012 Pre-show Musings – Can Our Data Really Be Protected?


A headline in a post on the New York Times technology blog Bits said it all – “Even Big Companies Cannot Protect Their Data.” The story was about a user who had been the victim of 3 cyber attacks in January.  Two of the attacks were against two retailers owned by Amazon (Zappos and 6PM) and the 3rd at eBay. In the case of Zappos, the data that might have been exposed included customer names, encrypted passwords, phone numbers, e-mail addresses and the last 4 digits of credit card numbers. The users comment: “You would think companies like eBay and Amazon have the financial backing and wherewithal to take the proper security measures.”

If fact, 2011 was a pretty bad year for cyber security news.  Huge thefts at Sony, RSA and Epsilon started off the year.  Other newsy hacks include blogging platform WordPress, the IEEE website, Citigroup, TripAdvisor, PBS, Nintendo and the Pentagon’s official credit union.

If you will pardon the pun, people are hacked off!  And they are investing more-and-more in cyber security products. PricewaterhouseCoopers put the size of the market in excess of $60 billion and growing at least 10% per year.

Security is definitely a moving target, and it is very important to stay on top of the latest thinking in this critical technology.  That’s why this year’s RSA Conference 2012 is expected to be the biggest ever. Held in San Francisco’s Moscone Center from February 27 to March 2, this highly educational conference will focus on topics such as Application Security, Cloud Security, Cryptography, Data Security, Governance, Hackers and Threats, and Security Trends.

The very trends of cloud, mobile and social computing driving the industry today are also complicating the security world. Sessions as this year’s conference will address the rise of ‘hactivism’ (hacking as a form of protest) and the trend toward very advanced, highly targeted attacks.  Other sessions will address how companies are managing the increasing use of employee-owned devices and mobile security.

Of particular interest are the sessions of how we make decisions.  Many of the high-profile hacks this year actually started with someone clicking on the wrong thing or installing a piece of malware downloaded from what they thought was a secure source.  The keynotes by David Brooks on The Social Animal and Herbert Thompson on People Security should be particularly interesting.

Incorporating security technology into the mobile infrastructure and enterprise networking equipment is critical to keeping our networks and data safe.