Along with the Electronic Frontier Foundation and DEF CON, iSEC Partners plays a part in the collaborative effort to produce the first Trustworthy Technology Conference this year in San Francisco. In this interview, Nick Rowe, COO of iSEC Partners, discusses the first annual TrustyCon event, what it should be perceived as, as well as what attendees can expect.
How did TrustyCon come about?
Security experts were withdrawing from their panels at RSA and we wanted to give would-be RSA speakers and attendees a voice. Since many of these great speakers already had non-refundable travel and housing accommodations in San Francisco for that week, we decided to put together a platform so they could still be heard. We left the agenda as flexible as possible because our first priority was to provide a landing pad for ex-RSA speakers.
How should this event be perceived by industry professionals? Do you think it's perceived as a “boycott” of the RSA Conference?
TrustyCon should be perceived as important.
The full name “Trustworthy Technology Conference” suggests that this is a platform for industry leaders who are passionate about privacy and security. A boycott would imply an aggressive act to block ideas and dialogue. To the contrary, the goal of TrustyCon is to create an open forum for industry leaders to voice their diverse opinions. This event can be understood as the catalyst to make trust and privacy a worthy and noble priority in tech companies, as talking about security isn't enough and proves inefficient; we have to show customers that the decision making behind products and services follow legal and ethical guidelines. In the end, TrustyCon should help repair the trust in technology and the companies who build the products and services that host our electronic communications and transactions. This online commerce is dependent upon the transparency and honest dialog TrustyCon will deliver.
TrustyCon is not a boycott of RSA. Rather, iSEC Partners, DEF CON, and the EFF are creating a conversation about trust in technology.
What are your thoughts on the industry's response on the RSA/NSA controversy? Do you think a sense of trust should or can be rebuilt within the security community?
There has been speculation that the NSA has contractual relationships that provide troubling access to customer information. This speculation has created an important debate and we want TrustyCon to be a platform for this discussion.
The industry response is appropriately diverse. Our position is that it's not wrong for companies to work with the government, but companies do need to be trustworthy and honest with customers. There are a lot of companies and individuals who feel betrayed by the NSA regarding recent revelations with Snowden and RSA. Rebuilding that trust starts with conversation and ideas, and that's why TrustyCon was created. The event is about connecting people who can discuss the effect trust has had on the security industry and how individuals, companies, and the government can alleviate any feelings of disloyalty.
Were you surprised as how quickly the event sold out?
We knew we had support, but we didn't anticipate to sell 400 seats in three days. It was reassuring to receive an influx of positive feedback from the security industry, and we're still receiving applications from dozens of speakers and sponsors. It is gratifying that there was so much interest and that profits will help the EFF in their pursuit to keep this conversation active.
What do you anticipate from the sessions/speakers at this inaugural show?
I hope the speakers inspire attendees to continue conversations outside of Silicon Valley. We hope there will be diverse opinions and challenging debate. We expect there will be a great deal of passion from the speakers because they all care deeply about this issue. We are looking forward to hear how others define and ensure trust in technology.
Which speaker/session is creating the most buzz thus far?
We have a range of buzzworthy, high-caliber speakers, including F-Secure's Mikko Hypponen, who was the first to publicly withdraw his support for the RSA through an open letter. His session “The Talk I was Going to Give at RSA” is gaining traction on social media. Another popular session is the joint panel with the EFF's Marcia Hofmann and ACLU's Christopher Soghoian on the meat of our topic, “The Laws and Ethics of Trustworthy Technology.” The agenda is filled with the best and brightest in our industry, so, there is understandably a great deal of buzz attributed to all the speakers.
Will you still be attending any of the other conferences that week?
We are good friends with RSA employees and work closely with a number of companies who sponsor the conference, so we are hoping to stop by. We are regular speakers at the RSA Conference and believe it plays an important role in the industry. We're always eager to connect with other security enthusiasts.
What do you hope attendees take away from the show?
We want to increase the trust people have in technology and the companies which wield it. Attendees should expect more from those which they trust with their privacy or security and hold them responsible when that trust is violated or security an afterthought. Companies should endeavor to make their technologies and businesses secure and trustworthy.