Search Results



Alas, poor Amit! I knew it, RSA 2016, a cybersecurity conference of infinite jest, of most excellent fancy.rsa-2016-wp

Here begins the week posturing, posing, raving, screeching, blathering, drinking, and high-performance irrational exuberance.  RSA Conference 2016 is about to start and this year promises to be just as loud, ludicrous, and lofty as last year.

The ludicrousness starts right from the beginning when you are handed your RSAC 2016 lanyard with Norse emblazoned upon it.  If you missed it, Norse is (was?) the premiere producer of cybersecurity eye-candy that imploded last month thanks to profoundly bad leadership.  This is what writers call foreshadowing.

The industry has grown desperate since last year.  There are too many hucksters pitching their answers to murky problems.  Norse’s implosion and ironic messaging on the RSA lanyard may be foreshadowing the beginning of the end.

Scanning the RSA agenda there is endless frothy, fear-inducing, hacker-obsessed nonsense. “Learn how hackers can take over the power grid!,” “The Ticking IoT Time Bomb,” and “Hackers are going to take your liver!” Cue the suspenseful music, cut to shrieking housewife clutching a screaming baby.  In the world of RSA, hackers can do anything, break everything, and we are all just one encrypted file away from Armaggeddon…or Cybergeddon where girls in tight clothing stop SQL injection attacks with…. guns?


The hacking presentations are way overemphasized at RSA.  It has got to the point of absolute lunacy.  How many “anatomy of an attack” style presentations does the world need?

Deepening my cynicism is the fact that there are no presentations on leadership at RSA.  Nothing on how to inspire people or develop employee engagement.  Leadership is sorely lacking in this industry.  The Norse implosion is a glaring example of that.  We desperately need leaders. However, RSA will have none of this.  Not when you can fill a dozen sessions with yet another hand-waving, blathering blowhard indignantly shaking his fists at the hacker scum.  “Look at these binary files!!! They’re double secret probation encrypted!”

However, it is not all bad.  It appears the industry may have finally broken its insane obsession with China as some looming dark force of evil that will take away your credit card, freedoms, and birthday.  The anti-China rhetoric was tired and dull.  Especially when we have looming dark forces of evil right here at home, working for our own government (or running for office.)

Moreover, there are some pretty cool new up-and-coming technologies this year.  I am eager to see identity-based security technologies take a more prominent place.  Also, I am very curious to see what Cisco has been up to.  They released a new NGFW this week and the preliminary news sounds very intriguing.

Moreover, the news on Apple standing up to the NSA and FBI is trending positively.  People are really lining up behind Apple on this one.  Kudos to Tim Cook for having the intestinal fortitude to stand by what you believe.  I respect that.

Amit Yoran gives the opening keynote again.  Its titled “The Sleeper Awakens” and yet again we are going to hear how the industry is failing.  Amit, here is why: we have weak leadership in security.  RSA refuses to acknowledge or even discuss this because you are too busy obsessing over the latest malware.  We do not need more appliances, compliance frameworks, and kill-chain analyzers – we need inspired, engaged, and dedicated people.  And I am sorry but there is no piece of software you or anybody can write that will make that happen.

Maybe my cynicism is misguided.  Last year was pretty refreshing.  I like Yoran.  I like the technology.  I like drive to get better.  Come on RSA, show us the goods.  Let RSA 2016 not be a tale told by an idiot, full of sound and fury, signifying nothing.