Tuesday, April 15, 2008

RSA, final post

Writing this while waiting to board my return flight to Sao Paulo. It’s good to write after a few hours far from the conference, as it gives me a better view of what really impressed me most. I agree with other bloggers that mentioned the lack of innovation this year. However, it was expected.

I think I can mention some highlights. Black Ops, Sins of Our Fathers, Avoiding the “Security groundhog day”, the DLP Panel and Ajax Security were very good in terms of presentation and discussion, but honestly, nothing new from them.

The best sessions for me were Bruce Schneier’s and Malcolm Gladwell’s. Both talked about human perception and the way that we think. Schneier has already published some things about it, especially about the way that we perceive risk. Gladwell’s presentation was very interesting even if it wasn’t related to security at all. He talked about decision making, not common decisions but those made unconsciously. I think there are lots of situations in security that can benefit from his theories. The way that we assemble and conduct security monitoring centers, for instance, can be radically changed. By reading his book (“Blink: The Power of Thinking Without Thinking”, which I bought at the airport) I realized that we may be falling into some basic mistakes, like providing too much information to those who need to make decisions. It would be nice to do some kind of research with good SOC operators to see how they usually identify an attack and what information is used, and see if we can do the “thin slicing” approach that Gladwell explains in his book. If there was anything that provided food for thought during the conference, I think it was that.

The exposition was kind of sad. Tons of “appliances” providing solutions to problems defined by the vendors themselves. Lots of vendors talking about how their products provide very nice reports, but what about detection, prevention? Can all the problems in security be solved by a nice report with some pie charts?

The networking aspect, on the other hand, was terrific. I met lots of people who write very good blogs, and people that I found are reading mine. I hope to be able to attend the conference in the coming years to maintain all those contacts. Thumbs up for Martin McKeay, Jennifer Leggio and Alan Shimel for organizing the bloggers meetup. It was very good and an extraordinary opportunity to chat with people that I respect a lot. Thanks!

