Looking at the main keynotes, the main underlying theme seems to have been one of connectedness and an ever-changing threat landscape. Is this connectivity good or bad? Social networking and BYOD obviously play a part in that changing landscape, but the internal supply chain interconnectedness has changed rapidly too, causing issues around things like federation, cross pollution of data and access.
Arthur Coviello (EVP at RSA) delivered a pretty standard talk focusing on trust in an inter-connected world. Paraphrasing Mick Jagger with "you can't always get what you want", he commented that while the internet is trustworthy 'enough', it is natural to see increased attacks on resources and services that become more popular. Information is the digital currency in 2012 and the internet is the bedrock for all we do. From shopping and health care, to food ordering and professional services, the internet has a hand in it all. A key mention, again, was the concept of 'intelligence', by focusing on layered horizontal security solutions as opposed to silo'd point fixes.
Enrique Salem (CEO Symantec) delivered a well-commented and interesting talk on the 'digital native'. The 'digital native' can generally be described as being born in the late 80s / early 90s (generation Z) and is known for digital multitasking, or to borrow Salem's phrase, running with 'continuous partial attention'. The focus on being always connected is not new, but the native doesn't generally see themselves as being 'connected' to anything at all. Instead, the internet is omnipresent with all devices, services and information flow being continually on, with the consumer in the centre. Not being connected is akin to someone losing their wallet or house keys, rendering them useless and unable to contribute. A big danger point is the blurring between the work and non-work landscape. This seemingly not only applies to things like data, email and the like, but also the digital native's own personal identity, which is perhaps more subtle and dangerous.
Christopher Young (SVP Cisco) delivered a pretty textbook view with network security the key to all threat management. In an unsurprising talk, he argued that corporate security policy doesn't map to the real-world demand for information and services, resulting in a much too restrictive work environment. These restrictions to work life often lead to security breaches, as employees look to more direct and efficient ways to manage and access information in order to perform their jobs. He argued for using the network as the main entry point to view, track and stop security threats, a general line from a network vendor. Again the theme of 'intelligence' seemed to appear, getting more points as the buzzword of the conference.
Philippe Courtot (CEO Qualys) delivered a somewhat video-heavy talk (with lots of car videos!) with the view that current security approaches in 2012 are often disjointed. He argued that automation should be used more to help identify threats, track, scan and ultimately close vulnerabilities. He gave a good example of how many organisations are still using SSL 2.0 with its typically 'broken' components, first identified as being defective over 17 years ago. Using intelligence from their customer base helps to identify newer threats and security trends in order to provide protection.
Stuart McClure (CTO McAfee) gave an insightful view on 'securing the un-securable'. He came up with the oxymoron that things described as 'unbreakable' are generally the first things that are hacked. He described how 2011 saw the concept of 'why would we be hacked?' become redundant, with many organisations and industries being breached when previously seen as safe havens. The engaging talk went on to try and focus the understanding of threat management as a complex taxonomy of many different actors, targets and motivations. He proceeded with a great live demo (who does live demos these days?) showing the potential threat associated with wireless insulin distributors for diabetes sufferers. He reiterated the need for multi-layered protection at all levels, with a focus on white-listing.
An interesting talk, by a guy I've heard about on the grapevine for some time, was by Sal Khan of the Khan Foundation. The energetic Khan gave a thoroughly fascinating and inspirational talk on how the Khan Foundation (a free on-line educational resource programme driven by videos) went from a quick idea to help his family, into a multi-million hit site with backing from Google and the Bill Gates Foundation.
A sharp and funny talk covered the evolution of the start-up and how innovation is the key to all things great with collaboration being a major part of that.
(Maybe it's time to hit up the cross company collaboration and innovation to help solve a few of these major issues we face?)
Friday saw Hugh Thompson (Chief Security Strategist, People Security) host an interview session with two pretty interesting guests. If you can overcome Thompson's particularly unique presenting style, the talks with Dan Gardner and Dr Frank Luntz are pretty enlightening. The main theme was on decision making, or more importantly influenced decision making, which is becoming more popular within the social networking and search engine spheres. Gardner focused on anchoring, which is often used to seed a thought process before an actual decision needs to be made. Basically, you end up being sub-consciously influenced by advertising or messaging prior to being exposed to the decision point.
Luntz (with his political commentary jokes) was interesting and provided some key insights into how words and spin can alter perceptions and likeability. From a political standpoint, he argued that successful politicians were often good communicators (Obama, Clinton, Blair etc) with the ability to touch not only on the intellectual level, but on an emotional level too. He translated this approach to a general social engineering scenario, with successful attacks often focused on something personal, with a call to action often implicitly coming from something or someone you trust. From a security software perspective, he identified that good messaging was key to successful take up. Software should be articulate in describing the consumer problem (the "I got it" scenario) and the negative outcome if the threat is not fixed. He warned that vendors shouldn't overstate the threat by treating it like 'Armageddon', but instead focus on how the vendor can 'protect' and give peace of mind, instead of just fixing a particular security issue.
From the general opinion, it seems many of the keynotes were not received with great enthusiasm from those expecting innovative or far-out views. This can probably be attributed to 2011 being a particularly unpredictable year with many threats, hacks and vulnerabilities hitting organisations and institutions in a different way. 2012 is probably going to be the year of a safe pair of hands whilst many vendors attempt to re-evaluate their offerings in the face of an ever increasing and ultimately faster evolving threat landscape.