11 May RSA Conference 2023: It Takes A Village To Raise A Cybersecurity Industry
Highlight reel of the world’s largest cyber gathering Sponsored by SecurityScored
Melbourne, Australia – May 11, 2023
The idea that the next world war will be fought with cyber weapons, rather than kinetic weapons, is decades old — but it is only recently, with discovery of new vulnerabilities running at fever pitch and rapid online networking allowing even novices to launch sophisticated attacks at their whim, that Steve Wozniak, co-founder of Apple, has come to accept those predictions.
“Twenty or thirty years ago, when they started talking about the next war is going to be fought on the Internet, I don’t know that I totally bought into that,” Woz told Cybercrime Magazine during the recent RSA Conference 2023.
“But everybody knows it now.”
The conference was a return to form after several years in which pandemic restrictions loomed large over the event — with the 2020, 2021 and 2022 events all tapping virtual technologies to adapt to changing circumstances that forced many other conferences to shut down altogether.
This year’s event saw more than 40,000 attendees flock to San Francisco’s Moscone Center to partake in four days of presentations, networking, and collaboration — including more than 350 sessions presented by over 650 speakers, and almost 550 exhibitors sharing their latest technologies.
It all added up to “palpable” enthusiasm and buzz, RSA Conference senior vice president Linda Gray Martin said in the wake of an event that serves as the linchpin for a cybersecurity industry that continues to grow by leaps and bounds every year — aligning CISOs, business executives, and end users against the onslaught of a seemingly innumerable cyber adversary.
“Our commitment to providing a year-round platform for the community to engage, learn and access content remains stronger than ever,” Martin said, noting the online RSAC 365 community and in-person events that the organization runs throughout the year.
“We look forward to continuing the conversations we’ve had this week throughout the rest of the year.”
The idea of RSA as a catalyst for communication and collaboration rings true for Woz, who welcomed the return to in-person engagement in the spirit of the earliest days of computing — when he and myriad other engineers would meet to share their interest in then-nascent home computing technology.
The erstwhile Homebrew Computer Club (HCC), for example, provided a forum for Woz to debut the prototype Apple-1 computer that he and Steve Jobs had cobbled together — a significant milestone in the evolution of personal computing that paved the way for the creation of the industry behemoth that Apple is today.
The HCC “was one of the big influential ones in my life,” Woz said, “with a lot of people with a similar interest that was outside the mainstream a bit — but believing in it, and joining together in it, increased our enthusiasm.”
“Groups sharing ideas and talking about them is where so many ideas come by where you say ‘whoa – the future could be very inspirational, and we can do a lot of good things for a lot of different people.’”
That approach had naturally extended into the cybersecurity space, he continued, with cybersecurity “a lot better when you have a lot of people talking, and sharing their ideas, and individuals in different teams working to understand where the weaknesses and holes are and how to get them fixed.”
“If we talk among each other about ways that we’ve discovered some weaknesses, and ways that we fixed them, and share them with everyone else, we can get that out — but you’ve also got to get it out to the end users, the people running all the technology of the company.”
All in this together
The commonality of that shared experience is evident in many ways, but one of those ways is in the shared experience — and the enjoyment, criticism, fact-checking and just general fun that comes from enjoying Hollywood’s ever-expanding string of hacker movies.
Cybersecurity Ventures has been cataloguing such movies in The Complete List of Hacker & Cybersecurity Movies: 1954 to Present — Woz is such a fan of such movies that he wrote the Foreword — and, with so many cybersecurity dignitaries gathered at the RSA Conference, it seemed like the ideal time for a straw poll of attendees.
“We’re delighted to lead the world in face-to-face interactions post COVID,” said RSA Conference CEO Kylie Wright-Ford, who thanked the “incredibly supportive” sponsors and welcomed attendees “from all walks of life.”
“It’s very competitive to get on the stage at RSA Conference,” she added, “and that really gives us a leading indicator of what the innovative topics are.”
AI and Web 3.0 were, unsurprisingly, hot topics at the conference — but Wright-Ford also flagged the importance of “mainstream topics that are evergreen. … We’re trying to help people do better in their jobs, grow professionally, and solve the big problems.”
“The funnel of ideas, innovative thoughts, incredible speakers and community is really what we’re all about. The vibe is good, my team is amazing, and we’re really proud.”
And as for her favorite hacker movie? Swordfish gets her nod — not only because star Hugh Jackman is an Australian compatriot, but because the film also has “a strong female lead. I like a little complexity in my plot, but also a little action. So it speaks to me.”
One of the firms showcasing its AI nous was SecurityScorecard, which announced plans to integrate the GPT-4 AI large language model (LLM) with its eponymous platform.
“All of a sudden, out of these huge data sets, you can derive one or two actionable insights much faster, just using natural queries,” said co-founder and CEO Alex Yampolskiy, who nominated The Matrix as his favorite hacker movie ever.
“The whole red pill versus blue pill, and how we live in a matrix,” he said, “that was amazing. I just totally love that movie.”
Bobby Ford, senior vice president and global CSO with HPE — who enjoyed talking with fellow RSA attendees about the impact of the ‘experience gap,’ a different spin on the oft-lamented talent gap — is a particular fan of the Leonardo Di Caprio-Tom Hanks film Catch Me If You Can.
“Typically when people think about hacking, they think about technology,” he explained. “But it’s really not about technology. It’s about the motivation behind it — and Catch Me If You Can is a phenomenal film about social engineering.”
And what films resonate with the law-enforcement community that ultimately took down Catch Me If You Can inspiration Frank Abagnale?
Craig Jones, director of cybercrime at INTERPOL, nominated The Italian Job — the 1969 original starring Michael Caine, not the 2003 reboot — although both included brilliant scenes where the hacker character causes traffic chaos by manipulating the traffic management system.
Die Hard 4.0: Live Free or Die Hard took that concept up quite a few notches, with malicious hackers orchestrating a massive and coordinated strike on a wide range of critical infrastructure.
It was a pretty dire situation — but in the end, noted Cassie Crossley, VP of supply chain security with Schneider Electric, “the hacker helped Bruce Willis figure out the whole plot, and they wouldn’t have saved the world without the hacker.”
With so many companies demonstrating such a breadth of talents at RSA Conference — “more than 10 percent of the industry is right around us right now,” Richard Stiennon, former Gartner Research vice president, explained — the opportunity to bring the security community together at the annual event has forged new bonds and reinforced old ones.
And his favorite movie?
“I watch a lot of hacker movies,” Stiennon admitted, “and I like Blackhat. I know I’ll get reviled for saying that, but I thought it was pretty dang good.”
Ultimately, Woz said, the best hacker movies have one thing in common — the sense of a David vs Goliath fight “like the little guy is trying to overturn some evil being done by a government or a company, and help some people that need help.”
“Every movie I’ve ever seen with hackers has caught my attention,” he explained. “It’s almost always that in those movies, the weak overturn the bad.”
This is more than just an exciting movie plot, he added. “You get a young kid [watching and ] saying ‘whoa, that’s my hero,’ someone who didn’t have something and they are able to fix something in the world.”
“That’s so important as an influence [to young future hackers]; we need to talk about the real good side of putting your head into it, and trying to solve it — not just letting other people do it. Become one of those heroes.”
– David Braue is an award-winning technology writer based in Melbourne, Australia.
Go here to read all of David’s Cybercrime Magazine articles.
Sponsored by SecurityScorecard
SecurityScorecard is the global leader in cybersecurity ratings and the only service with over two million companies continuously rated. Our mission is to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees, and vendors.