This is the second year big data has been a top focus of the event, but this time there is less theory and more practice, says Hugh Thompson, RSA Conference programme committee chair.
“Like application security and cloud security before it, big data security – the protection of big data and the value of big data analytics to security – is following a maturity curve,” he told Computer Weekly.
Over time, said Thompson, broad and generic sessions become much more specific and prescriptive.
“For example, cloud sessions now typically look to solve specific challenges such as how to manage identity and identity federation in the cloud,” he said.
Similarly, in the past year, big data has matured from little more than a “buzz word” and is now being put into practice to anticipate threats by running analytics on log files in a different way.
Some companies have also started to use big data for threat intelligence, behaviour analysis for fraud and intrusion detection, and for forensics, said Thompson.
Around 60% of the keynote sessions are related to big data, which Thompson said is an indication that the industry is starting to do something with it. “Concepts are being turned into actions,” he said.
The industry has moved from identifying big data as an upcoming area, he said, to talking about ways to use big data analytics to solve problems.
RSA executive chairman Art Coviello is to look at how big data transforms security, in the opening keynote. He is to be joined by general manager and senior vice-president Amit Yoran to discuss privacy, security and big data.
Also for the second year running, the second biggest topic by volume at the conference is mobile security and enterprise adoption of bring your own device (BYOD) programmes.
“BYOD is still hotly debated in the security industry with tension between those who want to put a stop to it and those who realise they need to face reality and enable business to do it securely,” said Thompson.
However, there has not been the same degree of movement along the maturity curve in the past year with mobile security as there has been with big data, he said.
“We are still some way from the ‘silver bullet’ on what to do when it comes to mobile security,” he said.
But Thompson said attendees will see progress in research on mobile malware and get a better sense of what the risk is for each of the major mobile operating systems and what they have to manage.
Other keynotes include a talk on the challenges and opportunities of combining software development with operations, known as “DevOps”, by Joshua Corman, director of security intelligence at Akamai Technologies.
Mark Hughes, CEO of BT’s security practice, will talk for the first time in detail about what happened behind the scenes at the London Olympic and Paralympic Games 2012 from a security perspective.
Continuing on an Olympic theme, the closing keynote is by former chairman of the London organising committee for the Olympic and Paralympic Games, Sebastian Coe.
“There is a lot to be learned about managing global, connected enterprises from how he has managed an organisation and got it to work, despite multiple sporting and political tensions,” said Thompson.
Other highlights on the official programme include two sessions on application security, including a seminar on the open-source web application security project (OWASP).
Thompson’s own session on rethinking security takes a step back to look at the bigger picture and draws from his research into what causes organisations and individuals to plateau.
Other topics include talks on how to calibrate where organisations are from a risk perspective, how to share security information, nation states and cyber war, and the human element of security.
“The human element of security is growing in importance, and is probably the single biggest area where organisations can make greatest improvement quickly,” said Thompson.
He also notes that the demographics of attendees are shifting and are beginning to include senior executives as information security increasingly becomes a board-level issue.
“I think we have done a reasonable job of bringing in sessions that will help them step back and look at the business implications of security, especially in the governance, risk and compliance track,” he said.
“This is bound to be a hot topic in the less formal sessions as European information security professionals try to figure out what it all means to them operationally,” he said.
There are now a lot of questions, he said, about how European organisations should think about data sovereignty and where data should reside, and about tracking the flow of data.
Coming back to big data, Thompson said attendees will see there is now a practical way to use data analytics to solve problems, with examples in threat intelligence, forensics and behavioural analysis.
“When you extrapolate that out, big data holds this promise of being able to create a ground truth around security,” said Thompson.
“It is interesting to think that we could get to a point where we could measure how specific controls or products affect risk and how good something is beyond the supplier’s marketing materials,” he said.
According to Thompson, this would enable a move from suspicion-based security to an era where the real impact of something can be measured.
More on RSA 2013 in San Francisco