I’ll also write about Richard Clarke’s opening keynote for the CSA Summit, in which he shared his perspectives from participating in White House review committee on mass surveillance. A common theme I saw from Clarke and from some of the lawyers and academics on a later panel about international law and cyberspace was to gloss over any possibility of accountability or culpability for the operatives and politicians that surreptitiously established mass surveillance here in the heartland of democracy. 

 

To Clarke’s credit, however, he did bluntly say that mass surveillance, in the wrong hands, could lead to a police state, and once a country “turns on” such a state it cannot be turned off. He shared some good recommendations for reducing the chance that such a thing could happen, especially in the event of “another 9/11.” 

 

Following William Shatner’s ridiculous rendition of “Lucy in the Sky with Diamonds” (the Girl with the APT eyes) RSA’s Art Coviello also had some recommendations for reforming our sorry cyber-state in his opening keynote. After gingerly touching on the allegations the NSA paid his company for weakening encryption technology, he recommended government reforms similar to Clarke’s proposals but also advocated for an international cyber-weapons control treaty. I will be writing about Clarke and Coviello’s recommendations later, and also about a controversial panel of lawyers and academics, some of whose members said the U.S. administration was not culpable under the law and that the concept of cyber-weapons control is laughable.

 

Meanwhile, the threat landscape remains as ominous as ever and the security industry is busy. I had a number of vendor briefings with cloud security, identity management, anti-malware sandbox, secure web gateway and other types of vendors – some of which I hope to describe in the coming days.