Cyber war dominates the landscape at RSA conference
Cyber Command's challenge, wikiwars make online conflicts the hot topic
SAN FRANCISCO — Cyber war has emerged as the hot topic at annual RSA Security Conference being held this week.
It has not pushed out other topics such as cryptography, data security and hacker threats, but with the establishment of the U.S. Cyber Command and the international impact of WikiLeaks, the new domain in warfare is a theme through much of the program, said RSA Program Committee Chairman Hugh Thompson.
“Every year you have a couple of big things that bubble to the top,” said Thompson, who also is chief security strategist for People Security. “For the last few years it has been cloud security.”
Cloud security is still a big topic, and for the first time this year has its own session track. But cloud session topics this year tend to focus on operational issues, which is a sign of the subject’s emerging maturity. When it comes to potential threats, cyber war is front and center.
Cyberattacks on infrastructure are the ‘new normal’
Cyber Command still struggling to define cyber war
“This year, more than any other year in the past, it is cyber warfare” getting attention, he said. “There has been so much use, almost abuse, of the term in the press,” yet the term is not yet clearly understood. Issues being addressed by speakers and in discussions include defining cyber war and determining how and if it has been waged to date.
This year marks the 20th anniversary of the RSA event, which began as a purely technical cryptography conference and has evolved into a broader forum that includes issues of policy and governance as well as technology.
“The conference has become a place where people discuss security in whatever form it takes,” Thompson said.
That shift, along with the conference’s reputation as one of the premier security venues, has attracted high-level government officials as speakers. Last year, Homeland Security Secretary Janet Napolitano used it to announce a national plan to enhance national cybersecurity education. This year, Deputy Defense Secretary William Lynn III is presenting an opening-day keynote on the Pentagon’s cyber strategy.
A second high-profile discussion is scheduled for Wednesday on the challenges presented by cyber war, which will include former DHS Secretary Michael Chertoff, along with security expert Bruce Schneier; James Lewis, director of the Center for Strategic and International Studies; and Mike McConnell, executive vice president at Booz Allen Hamilton.
Closely aligned with the subject of cyber war is the issue of WikiLeaks, whose online exposure of classified data has been condemned as a national security threat by the United States and has spurred online guerrilla warfare of its own. Both supporters and opponents of WikiLeaks have conducted their own “wikiwars” in the form of denial-of-service attacks against organizations that opposed or supported WikiLeaks.
“A lot of speakers are incorporating WikiLeaks into their sessions,” Thompson said, and there is one dedicated panel discussion on the issue.
Issues being covered in this year’s new cloud security track include vendor service-level Agreements, security architecture in the cloud, cloud security governance, issues in migrating to the cloud, cloud security risks and case studies, and security architecture in the cloud. This track also includes sessions on the security aspects of virtualization, such as deployment models, virtual machine integrity and virtualization security architecture.
Also new this year is a track on technology infrastructure, which focuses on the core elements of security architecture. It will cover network, wireless and endpoint security, intrusion detection and prevention systems, and physical security. Many of the sessions in this track are highly technical and will provide deep dives into the subject matter.