For more than two hours this morning, a parade of speakers at the RSA Security Conference in San Francisco quoted John Kennedy, James Madison, and Albert Einstein, in between references to Nelson Mandela, Henry David Thoreau and Tibetan protesters for inspiration. If you work in today’s cybersecurity industry, the NSA and Edward Snowden will do that to you.
Today’s opening sessions at this year’s major confab for the computer security world were dominated by the ongoing leaks of information surrounding the theft of files from the National Security Agency by Snowden and subsequent disclosure of highly secretive data collection programs by the agency. And the backwash from the revelations even affected the conference leader, RSA.
Speaking at the opening keynote, RSA’s Executive Chairman Art Coviello felt compelled to address the embarrassing allegations that his firm sold weakened encryption products through secret contracts with the NSA for $10 million. “Has RSA done work with NSA? Yes,” said Coviello. He went on to rebut secrecy charges by saying that their work with the agency had been “public record for nearly a decade.”
Coviello also used the opportunity to call for industry and government wide adoption of a set of principles. These include renouncing the use of cyberweapons for waging war, global cooperation for arresting cybercriminals, freedom for economic activity on the Internet, and ensuring privacy. “These principles are in the interest of all nations and all humanity,” Coviello told attendees.
Another keynote speaker – Nawaf Bitar of Juniper Networks – seized the occasion to deliver pointed remarks about what he termed “first world outrage,” the seemingly petty and trivial concern expressed by many over items that pale in significance to what he believes are the more important issues of the day. “Liking a cause on Facebook is not outrage,” said Bitar.
Juniper’s executive called for more attention to protecting the privacy of information that people care about, while warning that failure to address increasingly sophisticated attacks on computer security could have catastrophic consequences. “What will happen when one of those attacks jumps the firewall and real people die?” asked Bitar.
The Snowden revelations took center stage again in the afternoon when two of the nation’s former counterterrorism chiefs appeared for a panel discussion moderated by James Lewis, previously a high level government official with the Departments of State and Commerce. In a lively dialogue, Richard Clarke and General Michael Hayden talked candidly about the challenges of collecting what’s needed and what’s not to keep Americans safe.
There were some interesting nuggets of information that the two national security heavyweights dropped during the course of the discussion, much of it around the subject of spying between nations. Clarke, who served in four administrations as a top counter-terrorism security advisor and a member of the special commission charged by President Obama with making post-NSA recommendations for change, was honest about the level of inter-nation eavesdropping today. “There is value in listening to a foreign leader,” said Clarke. “Every time the President picks up his Blackberry, the French are trying to get on it.”
Hayden, who is the former director of the NSA and CIA, felt that a recent disclosure about the NSA’s tapping of cellphone conversations by German Chancellor Angela Merkel would not have been a surprise within the U.S. foreign affairs community. “It would never have happened without the knowledge of the senior U.S. diplomat in Germany,” said Hayden.
Both men expressed concern about the lines that the NSA had crossed without the checks and balances that were put in place originally to prevent that. “We don’t have a police surveillance state, but the technology is there for that to happen,” warned Clarke. “Once you give up your civil liberties you may never get them back.”
There is a clear feeling at this year’s RSA conference, which will likely report a record number of attendees and exhibitors, that the security world has changed dramatically since the last gathering. This has led to scenes like one on the exhibit floor itself where the NSA has a large, prominent booth and a few aisles away, at another exhibitor’s space, you can get your picture taken by a man named Ed Snowden, with the drivers’ license to prove it. As Juniper’s Bitar put it earlier today, “We do indeed live in interesting times.”