Last week, RSA held its annual conference out in San Francisco, CA. The conference brought together cyber experts from around the world, along with notable speakers like DHS Secretary Janet Napolitano, FBI Director Robert Mueller and Howard Schmidt, the White House Cybersecurity Coordinator.
The topics discussed range from cloud computing to botnets to the need for public-private partnerships. Concerns over cyber crime and cyber espionage dominated the agenda while privacy issues also featured prominently.
One of the topics featured in the privacy debate was the issue of Einstein III, a proactive cyber defense program that DHS is seeking to implement.
“I don’t think you have to be Big Brother in order to provide a level of protection either for federal government systems or otherwise,” Greg Schaffer, assistant secretary for cybersecurity and communications, said. “As a practical matter, you’re looking at data that’s relevant to malicious activity, and that’s the data that you’re focused on. It’s not necessary to go into a space where someone will say you’re acting like Big Brother. It can be done without crossing over into a space that’s problematic from a privacy perspective.”
During one session, former DHS Secretary Michael Chertoff and Richard Clarke, former special adviser to President George W. Bush on cybersecurity, discussed the need to overhaul the current U.S. cybersecurity system.
“They’re stealing anything that’s worth stealing,” said Clarke, now chairman of Good Harbor Consulting. “All the little cyber devices that the companies here sell have been unable to stop that…We’re having little Pearl Harbors every day.”
Chertoff advocated for better education to produce more cyber aware citizens. “When we structure our security, we have to take into account how people behave,” he said.
The headline speakers produced some of the biggest splashes, with Secretary Napolitano announcing the beginning of a competition to develop a cybersecurity education plan for the U.S. and Schmidt announced the declassification of the Comprehensive National Cybersecurity Initiative (CNCI).
Mischel Kwon, former head of US-CERT, said “[I] heard Howard Schmidt and his announcement about the declassification of the CNCI which is very exciting information for everyone. It goes, coincidentally, very well with the Google announcement of what’s happening to them. It’s so good to see both sides of the fence opening up and sharing information. Because that’s so important, it’s not just the government, its also private sector being able to share what’s happening to them without affecting their reputation.”
During his address FBI Director Mueller said that the FBI views the threat from cyber terrorism as “real and expanding.”
Melissa Hathaway, who led the 60 Day Cyberspace Policy Review back in May 2009, also spoke about the need to “tell a simple story,” increase innovation and achieve broader public-private participation.
The RSA Conference always provides a useful venue for cybersecurity information and discussion. Many of the world leaders in cybersecurity attend the conference and it always features influential speakers.