The 2020 edition of the RSA Conference in San Francisco is now officially in the books, which brought conference backpacks filled with the usual vendor tchotchkes and trinkets (the most popular this year being hand sanitiser to ward off the threat of the Coronavirus), and tired feet from trudging between the jargon-filled Moscone North, West and South conference buildings, the dozen or so nearby hotels with corporate suites filled with corporate executives too busy to walk the floors, and the many dozens of restaurants taken over by vendors for evening parties ranging from free taco trucks to gourmet sit down affairs.
While the 2020 conference attendance seemed a little lighter than in the past, and there were a few notable blank spots on the show floors with virus related vendor pull outs, the show was a hit for me and most of the attendees I spoke with this week.
Those that opted to pay the price for the full conference pass were treated to good speakers, speaking good things, delivered in good ways. “The Human Element” took centre stage in many varieties, with talks on the human-machine interfaces of old, and the human-AI interfaces of tomorrow.
In a ‘Capture the Flag’ test in the main lobby of the conference, a human versus machine equation was put to the test, and the machine dominated against over 70 humans who all failed to capture a Stealth protected ‘flag.’ Luckily the ten-thousand-dollar prize that was offered to any human that could break in was instead donated to the Women in Cyber Security (#WICyS) group.
Talks on US election security including one by US Homeland Security official Geoff Hale garnered a strong fact-based debate, and left attendees both concerned about the security preparation for 2020’s presidential elections in the area of information influence operations more so than actual machine hacking.
The movement to use ‘AI for Good’, which is articulated in groups ranging from the White House’s National Cyber Moonshot to the Vatican’s “Rome Call for AI Ethics” provided a hopeful overtone, with vendors and governments alike confident that we can use AI to fight AI in the defence of our information.
Several experts noted that while it may be difficult for a human to detect a deep fake video or a tricky social post, it’s child’s play for a specially tuned AI program to watch out on our behalf. The trick will be training the AI in a trustworthy fashion, and then ensuring it’s widely deployed and default available to any and all that want it.
The seen and unseen scene at RSA Conference 2020
There was a private invitation-only roundtable of 50 of the most important and influential cyber security leaders alive today, which focused on ways to overcome today’s daily challenges and truly craft a more safe and secure tomorrow.
Under Chatham House Rules, leaders from the hacker and privacy communities, government and industry communities, and technical experts from industrial control systems (ICS) and enterprise security spaces all came together to test hypothesis in a congenial and positive way. These folks have been there, done that, written the books, and their experience was telling. It was two and a half of the most inspiring hours of security I’ve ever been part of and left me much more hopeful for a globally collective secure future.
On a main stage this week there was action on changing the economics of cyber security, with leaders from the Aspen Institute helping to announce a ‘grand challenge’ around actionable ideas that would either raise the cost of to launch a successful attack, or lower the cost to successfully defend against one — or both! This grand challenge, originally called for in the National Cyber Moonshot, will be formally launched early this year, in conjunction with the US Government, academia, and industry. It was noted on several stages that the US focus on protecting critical infrastructure on the Internet is in line with other nations (led by the UK’s National Computer Security Centre), and included in one of the United Nation’s 17 Sustainable Development Goals.
It wasn’t all work and no play for the attendees though, with magic in the air in the evening gatherings, including performances from magicians Penn and Teller, DJs getting people moving, specialty cocktails including the Moon Shot and the Hackers Highball.
By all reports, and empirical evidence, both the days and nights of RSA 2020 were a hit for those that braved the virus risks and spent the week learning new things, meetings like-minded people, pitching their well-intentioned solutions and causes, and in general celebrating that it is indeed the humans that are the key to a globally successful cyber security industry going forward.
Till next year….