NSA Allegations Casting Shadow Over RSA Conference


RSA Conference 2014 attendees will be looking to RSA Executive Chairman Art Coviello to re-establish trust with customers and security industry experts following National Security Agency leaks alleging RSA may have been paid to aid the U.S. intelligence agency's surveillance activities.

RSA, Microsoft and other U.S. technology vendors have denied any role in helping NSA by providing compromised software or software that was easily compromised. But the allegations have provoked a vocal backlash against RSA, including a boycott of the conference by some. The issue has placed a gloomy backdrop against the security conference that aims to highlight a new wave of security startups backed by an influx in venture capital funding, discussions about the security of software-defined networking, new threat intelligence technologies, and behavioral and predictive analytics designed to get one step ahead of cybercriminal gangs. The RSA Conference also is intended to showcase a variety of other emerging approaches for better protecting data, improving threat detection and more efficiently responding to security incidents.

The reason for the controversy around a number of NSA initiatives but around RSA in particular is that it violates a certain trust security professionals have in the company and its products, said Paul Kocher, a noted encryption expert and president of Cryptography Research, a solution provider that is a division of Rambus. RSA is held to a higher standard, Kocher said.

[Related: 10 Innovative Security Startups To Watch In 2014 ]

"People are incredibly forgiving about accidental mistakes, but they're not so forgiving about anything that might hold a hint of intent," Kocher told CRN. "A lot of people in the audience will be listening for an understanding about what the relationship between the customer and the vendor is and what their relationship as a customer of RSA and RSA as a vendor should be."

Pat Grillo, president and CEO of Atrion Communication Resources, a Branchburg, N.J.-based RSA partner, said Atrion has had two or three RSA business deals on the table since the NSA allegations emerged and hasn't seen any pushback from customers.

"As long as it doesn’t impact our ability to make money with these products and not lose customers I may be personally upset about it, but as a businessman I have to put that aside," Grillo told CRN.

NEXT: IT Security Pros Feel Ill Prepared Against Attackers