April 21, 2009 - Tom Field

And so it begins ...

As this morning dawns on San Francisco, so begins the 2009 edition of the RSA Conference.

As sponsors, speakers and delegates flock into this year's show, there are a couple of common discussion points you hear: Threats and the economy.

As anyone in information security can tell you, this is the Mardi Gras, the Super Bowl, the event in the industry. It's where security professionals from all walks of the public and private sectors come to discuss the major threats and solutions of the day.

The theme of this year's event is ... a little odd. Edgar Allan Poe. Now, what comes to mind when you think Poe? His macabre poetry and short stories? "The Tell-Tale Heart," "The Raven," "Premature Burial" ...?

Poe also invented the modern detective story, and he died a mysterious death on the streets of Baltimore. But it's neither Poe's weird life nor odd stories that are the center of the RSA's theme.

Instead, it's Poe's fascination with cryptography, as exemplified in his short story, "The Gold Bug." Cryptography is a huge part of this year's event agenda, so it is fitting to honor Poe.

And, y'know, on another level entirely, these are weird times we're living and working in right now.

As sponsors, speakers and delegates flock into this year's show, there are a couple of common discussion points you hear: Threats and the economy.

The Heartland Payment Systems data breach remains the poster child for information security threats. It's the biggest, most recent hack, and it's one that - more than any other - has captured the public's interest. So, people are talking about Heartland-style breaches - what will be the next big target? Where are these threats originating? Has the next Heartland happened already, and are we just waiting to hear about it? You're going to hear the word "Heartland" a lot this week.

Then, there's the economy. It's odd that as people openly acknowledge heightened information security threats - from the outside and within, mind you - at the same time they're talking about smaller security budgets, about how businesses are at greater risk, yet choosing to spend less to ensure security. This was the theme of the initial RSA coverage in the San Francisco Chronicle, the event's hometown newspaper.

Me? I don't buy it. The decline in spending is more hearsay than reality. In fact, we've just completed our annual Banking Information Security Today survey, and we asked respondents about their security budgets this year - are they smaller, larger or level-funded? The response: 57 percent of respondents say their budgets are level-funded or slightly (10 percent or less) larger than last year.

That's an impressive statement, given what we've all experienced economically, and it's only one of the more interesting findings from this year's survey.

The survey ties into RSA, too, because I'll unveil the survey results at a conference session Friday morning at 9 Pacific time. If you're at the event, be sure to stop by and say hello. If you're not here, then stay tuned for our survey results, coming soon to this site.

Meanwhile, stay tuned over the course of the next few days for regular updates from the RSA event. Colleagues Mike D'Agostino and Nick Burke are out here with me, and we've got full schedules of meetings with thought-leaders from business, finance, high tech and government. There are a number of sessions I'll attend, ranging from Mobile 2.0 trends to cybersecurity and data breaches. And, that's just today!

Again, keep your eyes open for ongoing coverage, and if you're at the event - do drop me a line or say hi. Let's compare notes on this year's emerging topics and themes.

'Understand Your Risks' - Interview with Chris Whitener, HP
The conference is underway. Keynotes and individual sessions have begun, and your ISMG team has already initiated a series of short interviews with industry thought-leaders.

I spent some time this morning talking with Chris Whitener, Chief Security Strategist for HP. Our discussion covers:

• Security threats and trends;
• How HP's customers are tackling these challenges;
• New strategies/solutions for ensuring information security.
  

'Beyond .Zip' - Interview with Tim Kennedy, President/COO of PKWARE
Everyone knows about the .zip data compression standard. But what do you know about the standard's inventor, PKWARE, or its suite of data-centric security solutions? Listen to this interview with Tim Kennedy, President/COO of PKWARE, for insights on current market trends and solutions.