Arriving on the heels of an executive order to improve cybersecurity in the U.S., and a new trade-secret protection policy designed to leverage diplomacy to deter state actors from attacking U.S. companies, the RSA 2013 Conference starts the week of Feb. 25 in San Francisco.
The conference, one of the biggest annual gatherings of cybersecurity professionals, takes advantage of its location next to Silicon Valley by featuring numerous small companies looking to get a foothold in the growing corporate and federal markets.
But while governmental action that encourages companies to invest in cybersecurity is shaping the marketplace, its recent revelations about attacks from China along with the increased frequency of company’s disclosing intrusions that’s shaping a more honest discussion about cybersecurity.
“You’re seeing more and more companies actually come forward and say that they were hacked,” said Mark Seward senior director security compliance at Splunk. “There’s still a lot of worry, I know attorneys get involved saying that we don’t want to talk about that. Yet there seems to be folks that are responding that way.”
One of the central themes that pervades RSA every year is discussion of new vulnerabilities, as experts share their research and discuss possible solutions. This year, attendees are expecting an emphasis on the vulnerability of mobile devices.
“I think you will also see a huge uptick in discussions surrounding mobile security platforms and attacking mobile networks,” said Pat McGarry, principal systems engineer at Ixia.
Other themes that experts are expecting to dominate: securing the cloud, and solutions for handling massive amounts of data.
While China remains the focus of the security community’s focus, other countries aren’t completely innocent either.
“There’s plenty of evidence that there are a lot of attacks coming from the Chinese, and they’re particularly interested in intellectual property,” Seward said. “But a lot of the financial schemes are coming from Russia. A lot of Denial of Services attacks are coming from Iran. So just looking at China and putting them in a separate category misses the larger picture.”
Whether critical infrastructure will be better protected from other nation states given recent governmental action will also be discussed, but it’s questions about how to manage in the current security environment that will likely rule the day. And RSA will serve as an opportunity to catch glimpses of some of the newest solutions designed to combat the biggest cybersecurity problems.