As I said yesterday, RSA is always a large event with a lot going on and day two was even busier than the first. Privacy is a hot topic this year, a theme common to many of the sessions I attended and it’s clearly important to the delegates – booth 4433 North has been swamped with privacy practitioners and data protection professionals keen to bag a #MyDataMatters T-shirt before they run out:
My blog on the highlights from day one at RSA Conference proved extremely popular with #CIOChat regulars, so before day three kicks off, here are the highlights from yesterday which I hope will also resonate with CIOs, IT chiefs and business leaders alike:
Funny man and actor John Lithgow started day two by making a serious point about cybersecurity: “Imagine a hacked planet. Imagine what the earth would be like without security,” spelling out that such a scenario would lead to the complete exposure of our digital selves and result in a world without privacy or trust.
Newly appointed President of RSA, Rohit Ghai, expanded on meeting the challenges outlined by Lithgow saying, “We are in the fight of our digital lives, and the fight’s getting tougher… clearly, we need a technology assist.” Ghai said that in today’s cyber world businesses cannot continue with siloed approaches to data and security and instead need to move from drawing lines around data, to drawing connections.
Dell Technologies CEO, Michael Dell agreed with Ghai’s thinking saying that the CIOs he talks to these days have told him that they are excited about digital transformation but aware that as a result, security needs to move from information technology to business technology: “Security is now the number one issue that plagues businesses and boards, concerned about the complexity of their security posture and how to manage risk.”
Brad Smith, President of Microsoft also stressed the impact of cybercrime on governments today. He said that risks have changed as with the emergence of nation state hackers, “cyber space is the new battlefield,” that will lead to estimated economic losses in 2020 of $3 trillion dollars. Given this, Smith claims that what’s needed to protect civilians in times of peace is a commitment from nations to a “Digital Geneva Convention,” and the creation of an International Atomic Energy Agency-like organization to police nation state hacking.
Christopher Young, SVP and GM at Intel, echoed Smith saying that with a growing attack surface there’s increasing need for security to ensure that the IoT does not become the Internet of Terrorism.
In the same vein, The Honorable Michael McCaul, Republican and Chairman, House Homeland Security Committee said that messing with democratic processes is a redline, the crossing of which, by any country, cannot be tolerated.
Going further on the same subject Michèle Flournoy, Co-Founder and CEO of the Center for a New American Security (CNAS) and former Under Secretary of Defense for Policy, suggested why Russia might be operating the way it is, then said that while taking an offensive stance is easier than resistance, defense is still essential because it’s crucial to be able to operate through and post hacks. Flournoy suggested that surveillance is needed at the same time as strengthening democratic controls.
Chris Zoladz, Founder of Navigate LLC, looked at the affect increased awareness of privacy has to business, saying that organizations worldwide need to quickly change the way they think about the EU’s General Data Protection Regulation (the GDPR) and consider investment in privacy tools for compliance with it not as something to avoid, but as something with the potential to increase loyalty and revenues and reduce costs. While data privacy has long been considered a human right in Europe, Zoladz stressed it is a sentiment fast becoming a global movement, citing the 600,000 plus requests Google has already received in terms of EU citizen’s Right to be Forgotten as proof.
The GDPR considers data private that identifies an individual or make a person identifiable and Zoladz claims that only about 35% of brands are even basically prepared.
What do you think about a ‘Geneva Convention’ approach to protecting data? Is it time governments forged and adopted global laws for protecting digital citizens’ privacy? Is your brand ready for the GDPR or is uncertain how to proceed? One thing is for certain – the subject of privacy will be one debated for years to come.
I’d love to know what you think – if you’re at the conference, drop by booth 4433 North to join the #MyDataMatters conversation and pick up a T-shirt while they’re still available!
If you couldn’t attend this year, follow me @MylesSuer and @Protegrity for real time reporting and don’t forget to read my day three takeaways here tomorrow.