
When you step back and observe chaos, it can be quite beautiful.  It is why disaster movies exist.  Without destruction, there is no rebirth. Chaos is a source of ingenuity, renewal, and second chances. RSA amidst San Francisco is the embodiment of this chaos: beautiful, smelly, broken, hysterical chaos.

How Did This Happen?

Tonight, I was walking back to my hotel and saw a young man slumped over on the sidewalk drooling. His placid, hopeless face became burned into my memory. What sequence of events led him to that spot on the sidewalk? What sadness, misery, or fear consumed him? If this was his answer, did it give him peace?

The writer Violet Blue wrote this week how all of us come here once a year on our employer’s dime shopping for the next employer. We step over the addict on the street, to strut into an expo hall where people in skinny jeans relentlessly pitch us hysterics. It is beautiful, sickening chaos.

RSA is imploding, both the company and the conference. You can see decay everywhere: the desperate sales people, the repetition of tired clichés, the persistent obsession with hysterical fear.  However, this chaos is not for a lack of control. Quite the contrary, this chaos is intentional and manufactured.  Chaos is being weaponized to destabilize, distract, and delude us into believing fake news, abandon truth, open our wallets, and ignore the dead kid on the street.  This is chaos of control.

And while we gaze into this menagerie of hysteria, the truly innovative and intelligent people are shoved aside and told they are the ones out of touch.  I still believe En|Veil was robbed of their Sandbox win. Ellison Anne Williams was a profoundly better presenter. However, our world is terrified of genuine intelligence. We just want to hear those same tired platitudes that keep us amped on synthetic outrage.

So with those contrasting images of a brilliant woman on stage and a dead young man in the street, we stumble our way into Moscone West. Give it to me, RSA.

Keynote Dr. Zulfikar Ramzan, Planning for Chaos

Last year, RSA’s former CEO Amit Yoran gave a keynote dripping with innuendo and subversion. It was obvious that Amit wanted Dell to stay back.

Amit lost. Now RSA is devoid of a CEO.

So, we get the CTO for RSA, Dr. Zulfikar Ramzan. Ramzan gave a thoughtful, respectful, and obedient keynote under the watchful eye of Michael Dell. The symbolism here could not be any clearer. There is a new guy in town.  Dell.  And Dell is stacking the deck to ensure their version of reality occupies our attention.

Ramzan’s keynote was notable for its lack of controversy.  Ramzan laid out the basics of RSA’s new “business driven” whatever.  Another one of RSA’s attempts to force relevance into the market. Last year it was some other buzzword bingo concept.

Ramzan’s words never quite rose to the occasion.  His content was competent, but flat. His delivery was precise, but peppered with forced authenticity.  I do not doubt that he is an intelligent and accomplished scientist. However, I felt like his real intelligence was being set aside for more banal platitudes.  He wanted to be smart, but the puppet master behind the scenes was scowling.  I did not walk away from his keynote with inspiration. I walked away wondering why this conference still has RSA’s name on it.  It is clearly the Dell conference now.

However, Ramzan did have some moments of genuine feeling as he thanked his mentors.  That was pleasant and demonstrated that even under the gaze of his leaders, he can still be human.

Brad Smith, Microsoft

Next up was Brad Smith, a lawyer from Microsoft.  You want some hysteria, Brad has all kinds: Nation-state hysteria, the Sony-hack hysteria, the Russian hysteria, Windows 10 hysteria.  All I heard Brad say is “we need to….” a thousand times over. The message is repetitive to the point of incredulousness: RSAC 2012: we are losing; RSAC 2013: we are losing; RSAC 2014: we are losing; RSAC 2015: we are losing; RSAC 2016: we are losing; RSAC 2017: ugh

I get it, we are losing. How about you DO something, Brad. Sheesh.  Brad gives the same basic presentation every year at RSA. Sad.

Chris Young, McAfee

Honestly, I usually skip Young’s presentation.  In the past, he focused a lot on himself, which is uninspiring.  However, this year I stuck around. McAfee is spinning out from Intel soon and Young will be the new CEO.  I was curious to see if this had any impact on him.

Young’s presentation was a solid discussion of the state of the industry. He was succinct about the issues.  His video of kids explaining security issues was emotionally manipulative, but it worked.  His demo of the Mirai botnet infecting a honeypot DVR was engaging. The sports analogies fall flat on me, but they were not overly distracting.

However, after all the talk of pragmatism, Young revealed McAfee’s OpenDXL (which sounds like a big and tall men’s store).  OpenDXL is an open source threat intel sharing tool, or a new size of football jerseys. Regardless, it was the wrong direction.  No, Chris, the average IT security operator does not need another tool to fiddle with. They need to patch their damn servers.


It was still a good presentation overall.

Cryptographer’s Panel

This is a perennial event at RSA.  It’s nerdy talk. Perhaps the most notable aspect of this presentation was the debate over the Russian hacking of the election. Clearly this group believes Russia was behind a coordinated hacking effort.

Plenty of giggles were had when the concept of Trumpcryption was proposed.  A method that encrypts information, but then simultaneously puts out fake information to distract you. Ha ha, it’s funny because it is true.

Michael McCaul, The War in Cyberspace: Why We Are Losing—and How to Fight Back

Typically, when a government official speaks on matters of cybersecurity, it is a cringe worthy experience.  McCaul started off with some pretty strong language about inclusivity. I had to double-check the party identification letter that follows his name. Okay, we got an independent thinker here, I can dig that.

Then McCaul said emphatically that Russia hacked us and influenced the election. Guess you are not planning on a reelection, Mike. Okay, keep going man.

Then came the slow descent into fear: terror, terror, horror, terrible, awful, bad, ISIS. This culminated in the phrase “digital atomic bomb.”  You know if you are going to use a strained fear analogy, then at least use a modern one like “digital thermonuclear bomb” or maybe something more Star Trek-y like “digital anti-matter bomb.” Alas, I digress.

McCaul’s presentation was not terrible. It was surprising in how inclusive and intelligent it was. However, it was pandering.  While McCaul was saying inclusive and intelligent things, they were intermixed with unrelenting fear mongering over scary foreign people who want to pork our precious way of life.


The Chaos Expo


After lunch, I walked the expo floor. Behold RSA in all its noisy chaos.

  • RSA has the holographic challenge where you can interact with virtual alerts in a virtual SOC. In other words, a work simulator.   Eh, no. I will stick with the real thing.
  • McAfee has transformed into a giant red spider. I think the kids in Stranger Things are fighting this in season 2.
  • Wait, how did I miss the Symantec booth? It was yellow, right?
  • Qualys had a history of the Internet presentation going. Seriously? Would somebody please buy them and put us out of their misery.
  • At Palo Alto Networks, the sky is falling. Their booth has all these cubes tumbling from the ceiling. As a company that typically has a surgical approach to marketing, this was more like a rusty saw.
  • Fortinet had a magic show, pointed right at the PAN booth. Nothing up my ASIC, presto, we just made our market share disappear. Oh, I kid Fortinet, I love their products, every other point release.
  • HP Enterprise asks the age old question, can you draw a green box?
  • Just then a guy walked by us wearing a shirt that said “I don’t have purchasing authority.” Dude, the man bun gave it away. The T-shirt was unnecessary.
  • ForcePoint is weaponizing the color green. They manage to keep themselves relevant.
  • Whoa, there are a thousand people in the IBM booth. Since when did IBM get interesting? Did they hook Watson up to Reddit AMA again?
  • Ciphercloud has a nice, cloudy background. They do cloud. Cloudy cloudiness. So very cloud. Clouds. Mmmm, clouds.
  • At the giant Sophos booth, all the employees were talking to themselves and not to the attendees. You bought Invincea, guys. It is cool, but not that cool.
  • Waratek, winner of the 2015 Sandbox, had the CEO manning the booth.  Dude, I have been there. Delegate, man.
  • FireEye proclaims they can keep your business operating 100% of the time. Wow, so you have solved the problem of sick employees too. I am sure that will make their stock…plummet.
  • Morphick has a busy booth. What is going on there?
  • Dedrone sells an aerial drone intrusion detection system, because, of course we need a drone intrusion detection system. Cool stuff.
  • However, my most favorite booth of them all was Tinfoil. First, the tinfoil hats were spot on gimmickry. Second, they had the intern doing the pitch, and this guy nailed it. I understood their product (realtime code scanner) in seconds. He did not blather around it, just said what it was and what it did and why it was cool. Also, they had a woman in the booth with the title of Software Sorceress. I want to work there with titles like that. Somebody get this company a bag of money. This is the company that should have been in the innovation sandbox over that meandering Contrast Security.  Tinfoil is a company that is going places.  I love discovering gems like this at RSA.
  • Protectwise sells some of the best eyecandy consoles you can buy. What do they do? Something cybery and threat intelligency. Whatever, would you look at that console!
  • CheckPoint has slathered their booth with a sickly, Pepto-bismol pink. This is to remind you of all your ulcers from calling CheckPoint technical support.
  • Cylance had two booths. The first booth was merely to burn off excess cash. The second booth was dark, foreboding, and, shut up and take my money.
  • Sentinel One had a great booth. Loved the style, the blue colors, and the messaging. I saw their CEO speak at AGC conference, and he was full of zingers. This company is one to watch.
  • Nyotron proclaims that paranoia stops unknown unknown threats. Whatever, Rumsfeld.
  • Endgame does it all. Buy their product and you are done. Everything is secure forever. Sweet. Well, I guess that means we are all out of jobs now.
  • Anomali is giving away a lawsuit…er I mean a motorcycle.
  • Bromium is committed to being cringe worthy. Seriously, a Breaking Bad themed booth? I liked the show as much as the next guy, but it went off the air four years ago.  Which is probably about when Bromium should have gone away as well.  You know when I think of virtualized security, I think methamphetamine.
  • Rapid7 is promoting their party over their product. Maybe the party is their product now. Hey, another man-bun sighting.
  • Bay Dynamics has risk fabric you can stretch over your risk butt.
  • Speaking of butts, what happened to ThreatButt?

Embrace the Chaos

When we stand back to take in the spectacle that is RSA, it is so easy to fall into the pit of snark and sarcasm.  Well, for me it is.  Chaos is not entirely a bad thing. All things arise from chaos. It is the natural state of our universe. We try so hard to force control on everything, maybe Ramzan is right. We need to embrace chaos.

But, chaos with Michael Dell hovering over us is something else.  It is not a source of potential, it is a source of distraction.

I titled this blog entry Weaponizing Chaos because chaos is being repurposed from a source of innovative potential, to a tool of control. There is a trend right now to force chaos upon populations to destabilize norms and herd people into reactionary positions.  When you are lost at sea, even a harbor full of monsters sounds appealing.

Technology vendors, especially big hardware ones like Dell, are losing their relevance as the cloud grows.  Why buy Dell stuff when you can put it at AWS? As such, Dell is distracting us with chaos.  Stir everything up, cast doubt about long-held values, and people rush back to what is comforting, like racks filled with Dell equipment.

This trend is worrisome.  However, I am not giving up on RSA quite yet. We still have three more days. A lot can change in three days.

However, I am still haunted with the image of that kid on the sidewalk. This chaos consumed him. His story ended.  Are we headed for his fate?