RSA Conference 2013 – The Year of the Panel
At this year’s RSA Conference, panel discussions appeared to dominate the speaking sessions. Personally, I find that panels are more engaging and provide more value overall. In my opinion, a session with more experts who offer different perspectives results in a better learning experience for all attendees.
At this year’s event, there were two panel discussions that I enjoyed most:
- “Information Security Certifications: Do They Still Provide Industry Value?”
Andy Ellis, CSO at Akamai, represented the group that thinks certifications offer little value. And Mr. Ellis can back that up since he doesn’t hold any certifications and is still a highly successful security executive. Mr. Ellis even delivered a keynote at the RSA Conference, so he is clearly a recognized expert in the field. Of course, with certifications such as the Certified Information Systems Security Professional (CISSP) acting as the entry gate to jobs today, it’s likely that hiring practices are different than when Mr. Ellis entered into the information security market.
In the middle of the spectrum of the debate were Jennifer Jabbusch-Minella, CISO at CAD, Inc., and Richard Moore, Sr. InfoSec Manager at RBS Citizens. Mr. Moore and Ms. Jabbusch-Minella went back and forth on an interesting side discussion about certification holders possibly being held liable when breaches occur, similar to doctors or certified public accountants. This point certainly can be debated further.
- “Mobile Security Battle Royale”
Most of the discussion came down to the same old argument about whether Android or iOS was better for security. The panel was fairly split on which was best, which is fairly representative of the general population of security folks with whom I discuss this topic. But, what had some attendees listening most closely was the introduction of the new Blackberry 10 and Windows into the discussion. The panel argued that those two platforms are, at least currently, the most secure platforms. This is because they have few users compared to Android and iOS. As those platforms get more popular – assuming they do – the question of their security will be answered in a real way.
Additionally, I asked a question at the end of the panel that spurred a quick discussion. I inquired about other mobile platforms that are coming out such as Firefox OS and Ubuntu. There was some disagreement among the panel regarding how prevalent these alternate mobile operating would be in the future market. Mr. Dai Zovi believes that the iOS and Android will maintain a dominant position but that other platforms would create a cheaper mobile market. Mr. Miller disagreed with that statement, saying that iOS and Android were so established that no one else would be able to make much of a dent in their market share.
I attended other sessions and panels at this year’s RSA Conference, and I enjoyed them all. I look forward to next year and seeing more great panels around anything new developing in information security. I hope to see you there!