Speaking of Security – The RSA Blog and Podcast

I like Star Trek. I’ve always wanted to be Captain Kirk (had to pick one…Picard is great too) sitting in that chair on the bridge of the Enterprise with seemingly endless resources at my disposal with a mission to protect the universe. I’m not giving up, but that’s probably not going to happen. However, I do get a bit of the same thrill as I have the opportunity to work in the Critical Incident Response Center lab we have set up at RSA for research and demonstration purposes.

In the “The Game of Cybersecurity”, I suggested that we as security professionals should be doing more to take advantage of game theory for the insights it can provide into the threats that we face and into effective strategies for cyber defense. As it turns out, there were a several presentations at RSA Conference Europe 2012 [...]

As I mentioned in an earlier blog, among the sessions on big data at RSA Conference China was Samir Saklikar’s presentation on Embedding Security and Trust Primitives in Map Reduce. Samir is in the RSA Office of the CTO and has been focused on big data security for more than a year, exploring the security and privacy issues for big data, the application of current security technology to those security requirements and the definition of new capabilities that would provide significant benefits in addressing those issues.

There’s been quite a lot of discussion recently about applying big data to improving security.  My colleagues Rashmi Knowles and Barrett Mononen have written a couple of blogs about it.  Our RSA/Netwitness CSO Eddie Schwartz spoke about it at RSA Conference China and the Splunk IPO in April certainly created lots of buzz around big [...]

As I mentioned in my last blog, one of the sessions I gave recently at RSA Conference China was a discussion of “Keys and Clouds”, exploring various models for key management and encryption in the cloud. It’s a topic that comes up often in my meetings with customers about private, public and hybrid cloud strategy. [...]

I was at the RSA Conference in Chengdu, China last week, giving a couple of sessions on “Keys and Clouds” and “The Pillar of Trust: where Big Data meets Security”, the latter jointly with my colleague and fellow blogger Branden Williams. I’ll be writing (and speaking) more about both these topics, but there was another [...]

Over the weekend, three stories crossed my desk that got me thinking about the challenge that Art Coviello issued to the security industry in his RSA Conference 2012 keynote: to forge a  “collective resolve” to stand together against “a host of adversaries who threaten our very trust in the world’s digital economy”. The first of [...]

There was lots of buzz about big data at RSA Conference, especially in terms of the essential role that big data analytics increasingly plays in detecting data exfiltration and other security issues. Using big data for security is clearly a significant opportunity. But the security and privacy of big data is equally important and yet got much less attention. These concerns did come up in the Tuesday afternoon panel on big data, during which Rick Mogull of Securosis articulated the distinction between securing big data and using big data for security. But for me the most striking insight about the security and privacy issues for big data was in the discussion that Hugh Thompson and Dan Gardener had during the Friday afternoon “Hugh Thompson Show”.

Hear from RSA Chief Technology Officer Bret Hartman about his view of APTs and the year-long research he’s been involved with to develop technologies designed to detect and mitigate APT-like attacks.

This video has been reposted from RSA Conference 2011.

“It is perfectly sound and usable into the future.”

Part of the “Giants Among Us” series in celebration of RSA Conference’s 20th anniversary.