A month from now, thousands of cyber security friends, colleagues, professionals, hackers, defenders, sellers, buyers, old timers, and newbies will descend on San Francisco for the 2013 RSA Conference. We will challenge one another about what has changed, create new topics and new words to describe the previously indefinable, scare the heck out of each another, and ask the same questions…often: “What’s changed in the last year? Is it better? Is it worse? Is it new?”
“Security in Knowledge” is an apt theme for this year’s RSA. It resonates with me, given my very strong opinions that no company can effectively manage cyber security alone, either people-wise or data- and information-wise. Can any organization analyze 13 billion web requests per day? 150 million endpoints? A daily deluge of 75 terabytes of incoming data? You can’t cope with that yourself. We need to move to crowd-sourcing security, creating security knowledge, and ultimately increasing effectiveness rather than watching the ship continue to take on water at intermittently slowed rates.
For those I know, I look forward to seeing you again. For those I’ve not met yet, I look forward to introductions. But let’s get back to framing the questions: “What’s changed in this last year? Is it better? Is it worse?” If you ask me, I’d say we now have national infrastructures under attack, and we now have asymmetric attacks where attackers neither care that they are seen, nor care if they are “caught,” because the consequences are meaningless. Is it better? Nope. Is it worse? Yup.
This has to change.