Sweet sixteen

That is why they have invited three innovators to speak at the 16th edition of the nation's most attended IT security conference: Tom Kelly, general manager of design and development firm IDEO; Ray Kurzweil, a pioneer in speech recognition technology; and former Chairman of the Joint Chiefs of Staff and Secretary of State Colin Powell.

"Several hundred years from now, people will look back and say, ‘This is a Renaissance moment,'" says Sandra Toms LaPedis, vice president and general manager of RSA Conferences.

More than 15,000 people, including 325 exhibitors and 460 speakers, will learn and discuss how to secure this new Renaissance as RSA Conference 2007 returns to San Francisco.

The event features 19 class tracks covering 220 customized sessions.

New tracks include authentication and consumer protection.

Among those expected to deliver first-time RSA addresses are Deborah Platt Majoras, chairwoman of the Federal Trade Commission; Larry Ellison, CEO of Oracle; John Swainson, CEO of CA; and Gregory Garcia, the recently appointed director of the Department of Homeland Security's Cyber Security Division.

LaPedis says attendees to the conference, originally established as a forum for cryptographers, has "really turned into a broader information security show to learn about what the latest is in technology and threats." She adds that the event provides the chance to network with industry peers and for old friends to reconnect.

Tom Noonan, general manager of IBM Internet Security Systems, says his keynote address will concentrate on a trend among cybercriminals toward "targeted and sophisticated" attacks.

"Last year we discussed how the current network security paradigm needs to change in order to mitigate the ever-changing threat landscape,"

he says. "As an industry, we need to abandon the isolated silos of quick-fix technology in favor of an integrated, interoperable security platform whose parts work together as a system to automatically combat existing and future online threats."

"This year we will focus on how the threat is not so much loud and disruptive, but rather targeted and sophisticated," Noonan adds. "To avert these new attacks, enterprises must systematically develop technology and methodologies that are more pre-emptive, enterprise-focused and extensible. They must adopt a systematic and automated way to detect and remediate vulnerabilities, incorporate dynamic and pre-emptive threat management, along with unified security management and recovery systems."

Brian Smith, the chief architect of 3Com and a founder of TippingPoint, says his first-ever RSA keynote will focus on integrating solutions such as network access control, intrusion prevention and behavioral anomaly detection to create an intelligent network.

"I can do all of these sorts of synergies and when you trace it out, what ends up happening is you're able to debug network problems that you were never able to do before, get an unprecedented level of security, and also lower the total cost of ownership," Smith says. "They have to talk to each other. If we can pull all of these solutions together, I think that's going to be the trend over the next five to 10 years. It's a natural evolution in the technology cycle."

Smith says he also plans to emphasize the benefits of the bump-in-the-wire network approach to deploying security solutions. Rather than embedding solutions into switchers and routers, Smith plans to suggest overlaying solutions to allow for a more converged, cheaper way to add intelligence to the network.

Smith's colleague David Endler, director of security research at TippingPoint, and Mark Collier, CTO of SecureLogix — who have teamed up to write a new book on voice over IP (VoIP) security called Hacking VoIP Exposed — will lead a session on this emerging threat.

Endler says the timing of the talk is critical, as he and Collier expect 2007 to be the year when internet telephony becomes a major attack vector. Hackers have begun developing tools to exploit vulnerabilities in VoIP networks. Soon, denial-of-service (DoS) attacks will morph into more financially motivated crimes such as spam over internet telephony (SPIT) and VoIP phishing.

"The way VoIP is being adopted and the way the security landscape is playing out, it's only a matter of time before the threats catch up to this widespread deployment," Endler says.

Francis deSouza, vice president of Symantec Enterprise Messaging Management, will deliver a session track titled, "Locking Down Corporate Data to Prevent Information Risk." He says, "The threat landscape has evolved dramatically, and remote devices are more pervasive than ever. I'll be discussing the need for locking down corporate data, and how technology convergence enables enterprises to assess and manage not just perimeter-based security requirements, but also protect against data leakage and the risks of non-compliance with internal policies and external regulations.

One of the key emerging trends for 2007 will be data loss protection, says deSouza. "With the expanding regulatory environment and increasing use of remote devices, it's becoming more and more critical for organizations to not only block malicious threats from entering the company but also ensure that the company's confidential data stays inside the organization."

"If you look at the profile of the RSA audience, something like 50 percent have at least six years experience in information security," Smith says. "You're talking to a well-educated audience."

SC Magazine will be presenting its SC Awards 2007 on Feb. 6, 2007 at the Hilton San Francisco as part of the RSA Conference.


What's in store

Microsoft founder Bill Gates and Oracle CEO Larry Ellison will lead a lineup of keynote speakers at RSA Conference 2007. The Conference will take place Feb. 5-9, 2007 at The Moscone Center in San Francisco.

Colin Powell, the former national security adviser, secretary of state and chairman of the Joint Chiefs of Staff, will also deliver a keynote address at RSA Conference 2007, organizers told SC Magazine.

Other keynotes include:

  • Art Coviello, executive vice president, EMC Corporation and president, RSA, The Security Division of EMC, co-presenting with Joe Tucci, chairman, president and chief executive officer, EMC Corporation
  • Gene Hodges, chief executive officer, Websense
  • Burt Kaliski, chief scientist, RSA, The Security Division of EMC
  • Deborah Platt Majoras, chairman, Federal Trade Commission
  • Thomas Noonan, chairman, president and chief executive officer, Internet Security Systems
  • Stratton Sclavos, chairman of the board, president and chief executive officer, VeriSign
  • Brian Smith, chief architect, 3Com Corporation, and founder, TippingPoint, a division of 3Com
  • John Swainson, chief executive officer, CA
  • Herbert Thompson, chief security strategist, Security Innovation
  • John Thompson, chairman of the board and chief executive officer, Symantec Corporation


Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.