I have watched on silently from the sidelines as the "boycott RSA Conference" story has played out. Now that we are a month or so away from the conference "where the world talks security" I just can't hold it in any longer. I really think the few outliers who have announced they are boycotting and not speaking or attending this year's RSA Conference have gotten more than their 15 minutes worth. I think the whole effort is a misplaced endeavor blaming the wrong people for the wrong transgression.
First of all for you folks not familiar with this matter, about 9 of the over 500 speakers at this years RSA Conference (in full disclosure I am one of those 500+ speakers) have announced they will not be attending and speaking at the conference this year. Their reasons are tied to the story of how RSA supposedly accepted a $10 million dollar payment from the NSA for a backdoor into the RSA programs.
The first person to come out and announce their boycott was Mikko Hypponen, of F-Secure. I respected Mikko's decision. As a non-US citizen I understood his displeasure over a US company working with the US government to potentially have a backdoor into other peoples data. Mikko was soon joined by 8 or so other speakers of various persuasions and so in our social media frenzied world a movement was born. Next came word that these 9 or speakers and those who support them were setting up an anti-conference across the street from RSA Conference called Trustycon. Next came word that Microsoft and Cloudflare would sponsor Trustycon.
So now I feel compelled to say, "let's stop the insanity". Boycotting the RSA Conference is not the same as not supporting or buying RSA tokens. For anyone who doesn't already know, RSA Conference is pretty much a separate entity from RSA and their token business. In fact they work really hard to keep a "firewall" (no pun intended) between the two organizations.
Yesterday I spoke to Hugh Thompson, program committee chairman of RSA Conference. Hugh told me that the fact is many of the people who work on RSA Conference are not in fact RSA employees at all and don't have anything to do with RSA itself. They work hard all year round making the RSA Conferences the best and biggest security conferences in the world. Dragging them into this mess in Hugh's opinion is just misplaced.
On top of this RSA Conference has always prided itself on pitching a big enough tent to give everyone a bully pulpit to speak. If anyone with issues around the NSA/RSA story wanted to speak out about it, the RSA Conference folks would have been glad to give them a forum to do so. Instead they choose to just boycott the conference.
Sign up for CIO Asia eNewsletters.