The RSA keynotes: A cautionary story
On February 29, hundreds of cybersecurity professionals will flood San Francisco’s Moscone Middle for the RSA Convention, one of many safety business’s largest and most authoritative occasions. This week, RSA introduced its 20 keynote audio system — and when you heard a bizarre noise coming from Twitter, that was simply the infosec group releasing an exasperated, collective WTF.
In a plot twist predicted by nobody, three of RSA’s coveted keynote spots have gone to two actors and a producer from the TV present CSI: Cyber.
Wait…wait… simply…wait. Actors from CSI:Cyber are giving keynotes at RSA? O_o
— Dave Lewis (@gattaca) January 20, 2016
One safety researcher recommended the choice exhibits that RSA is out of contact. One other was irritated that RSA went the route of “I am not a physician however I play one on TV” for its keynotes.
From the “are you smoking crack?” information: three of the RSA safety convention panelists are CSI: Cyber *actors* https://t.co/3RCj2JPUAw
— Dan Lyke (@danlyke) January 20, 2016
The blowback is comprehensible when you think about attendees in all probability anticipate keynotes which are indicators of tendencies, exhibit perception into business considerations, and are pertinent to the convention’s group.
So perhaps RSA is just making an attempt to be provocative by that includes actors from infosec’s most derided TV present. Hey, it is robust to prime Black Hat’s 2013 keynote coup, when it featured NSA Director Basic Keith Alexander proper after the Snowden information hit the information (he was heckled throughout his speech).
— James McQuiggan (@James_McQuiggan) January 20, 2016
And no, none of RSA’s CSI: Cyber keynotes are Patricia Arquette. As we brace ourselves for a peek into RSA’s keynote cupboard of curiosities, in the event that they’d included an actress who occurs to be feminine, it might have truly helped.
Infosec group members have been cranky concerning the keynote choices final yr, too. The 2015 lineup solely featured 5 ladies out of 26 audio system; many felt just like the low quantity did not converse to infosec’s workforce. Nor did it contact on the yr’s impactful work by feminine researchers. It felt like a gendered pigeonhole that the three ladies truly speaking about cybersecurity have been on a mission to “shield the youngsters.”
Even so, Ms. Arquette may need been a welcome inclusion this yr. There’s just one lady within the 2016 lineup (and she or he works for host firm RSA). It undoubtedly takes balls to decide like that.
— wendy knox everette (@wendyck) January 20, 2016
However let me be the primary to applaud this courageous determination, and these three courageous males. In any case, infosec has had lots of good occasions on Twitter, Fb — and sure, at safety conferences — making enjoyable of CSI: Cyber. We virtually want a operating facepalm counter for the present’s inaccurate portrayals, far-fetched and faux hacks, and naked-confronted sensationalism. Nobody will ever know what number of laptops have been misplaced to genuine spit-takes when the present’s actual-life most important character emerged in press late final yr to endorse the opportunistically invented subject of cyberspsychology, based mostly on the present’s pretend hacking crimes.
However none of this has to do with the actors talking at RSA, who’ve been taking the brunt of everybody’s facepalms — and at the moment are taking warmth for RSA’s keynote decisions.
— Aaron Toponce (@AaronToponce) January 20, 2016
The actors being blasted on Twitter this week about keynoting RSA have truly been coping with hackers’ complaints concerning the present for some time. Considered one of them is especially nicely conscious of the issues, and as I came upon, is sympathetic to the problems. Final March, CSI: Cyber actor Charley Koontz reached essential mass with criticism once I retweeted feedback from a hacker exasperated with the present. Mistaking a retweet for a private assault, Koontz needed to know why he was being attacked concerning the present, and we hashed it out and resolved the miscommunication by way of e mail. We additionally mentioned infosec’s annoyance with the present, and he stated he hoped they’d do higher if it obtained renewed for season two.
All I am saying is that placing CSI: Cyber on the docket does not appear to be elevating the broader conversations for anybody concerned. After the DHS’s keynote faceplant final yr, the place Homeland’s Secretary Jeh C. Johnson informed attendees he was studying how one can use an iPod and that his son was a hacker for utilizing YikYak, it is protected to say that RSA’s picture as a hub for pc safety thought leaders is fragile sufficient as it’s.
However … what if RSA’s ongoing keynote stew of disconnect and incompetence is a part of one thing far more considerate and sophisticated than we’re giving them credit score for?
I do not know what they will convey to the desk as individuals who know nothing about infosec however whose jobs require they act like they do. They could have extra perception into issues we have all been questioning, like why CSI: Cyber determined to make “evil” code the colour pink, or if cyberpsychology may discover a remedy for 4chan.
Perhaps we’re lacking the purpose solely. Maybe RSA is making an attempt to inform us that it is time for infosec to get up to the issues posed by individuals pretending to be hackers.
Or, perhaps it is deeper than that. Perhaps giving keynotes to actors who fake to be RSA audio system is RSA’s means of gently suggesting we do some soul-looking concerning the unfavourable results of stunt hacks that pander to press and feed public fears about hackers. You already know, consideration-getting stunts that find yourself on exhibits like CSI: Cyber.