RSA Conference 2010: Scott Charney, Enrique Salem; the keynotes dissected
I was more interested in the next two keynotes from Microsoft and Symantec. First up, Scott Charney, CVP for Microsoft Trustworthy Computing Group. He said some good things and some challenging ones.
He said that people have struggled to understand the threat. True. He also said that we need to start innovating about prevention and mitigating. Also true.
He suggested that perhaps we adopt a healthcare model (presumably not the NHS) in that we beat disease by educating people about lifestyle risks, but there are limitations to this approach. Smoking causes cancer, a good reason to quit, but education can only do so much in the online world. People are aware of the risks in using the web but by and large they tend to be absent-minded when it comes to updating AV or simply challenged by the process. So why make it hard, Charney asked. Why aren't we cleaning machines before they access the internet?
The answer is that no one can be bothered. As long as ISPs can get away with dirty pipes, by putting the responsibility onto their customers - then the internet will remain a threat.
He moved on to the cloud and posed some serious questions. Who, for example is going to do forensics in the cloud? Who will monitor the activities of state agencies when they go looking for personal data in the cloud? This was something I have not thought about before. Technology, he said, has enabled state agencies to access personal data with greater speed with the potential to ignore due process.
With their data scattered across different clouds and different hosts, how can the private citizen be assured that their details are not abused? Those of us living in the UK where certain agencies have developed an almost Stasi-like thirst for citizen data the onset of an uncontrolled and unregulated cloud ecosystem is worrying. Governments monitor their populations in the name of crime prevention or anti-terror - but increasingly they do it because they can. Technology is making it easier for a surveillance society to cross borders and invade our privacy. As Charney said, IT should not dictate social policy. So, a Microsoft keynote that wasn't just about Microsoft.
Symantec CEO Enrique Salem took the stage after Charney and quickly warmed to his theme of the information economy, which he said would emerge during this decade. Some might argue that we are already there.
This was a much more confident performance than last year. Clearly Salem is warming to his task at the head of the world's largest software company. While much of what he said wasn't new, it was convincing.
The video spot featuring Salesforce.com CEO Marc Benioff actually provided the best soundbites. These included: 'Why isn't all enterprise software like Facebook?' and 'When are we going to let go of the past and invent the future?' He urged us to be aware of the Facebook imperative.
Salem's pitch summed up the theme at this year's conference. It's actually less about security, more about the overwhelming ubiquity of the mobile imperative. The merging of everything, everywhere.
The cloud, mobile and social media are all inextricably linked and the relationship between all three relies on trust and those that can address security, privacy and compliance will be the big winners, he said.
Both Charney and Salem believe that in this new world trust is paramount. They are both right but can they build it?