With the security and hacking conferences Black Hat and DefCon under way in Las Vegas, most of the news hitting the airwaves involves the NSA, Edward Snowden and government surveillance programs.
DefCon organizers pointedly asked government officials to stay away, which I did not agree with. I believe we need dialogue between the two sides to understand where each is coming from and why.
Black Hat, however, did invite NSA chief, General Keith Alexander, to speak about surveillance and the intersection of privacy, network security and national security. He was heckled by the crowd. But as Mike Potts, president and CEO at Lancope, explained:
“[It’s] good that this dialog is happening and the general has shared how they are limiting access to the metadata that they've collected. I am pleased to hear him recognize that this community at BlackHat has a role in protecting the nation's critical infrastructure. We all must be mindful to make sure we protect civil liberties.”
Anthony Di Bello, Guidance Software’s strategic partnerships manager, added:
“There was obviously a limit to what General Alexander could say by virtue of his job, so it took a lot of courage for him to appear before the hacker community. And while the audience wanted more, the general should get credit for his transparency. It's clear the government would love cooperation from the private sector. It seemed as if General Alexander was saying the U.S. government is open to suggestions to ensure the privacy of the citizens of the United States."
It was the other news from the conference that reiterated to me why it is imperative that the government and the private sector do a better job at cooperating when it comes to security concerns. Buried under the sea of news about Alexander’s appearance in front of the not-so-friendly audience was the annual reveal of some of the most dangerous cybersecurity issues of today. The list includes: hacking into implanted medical devices, using smart TVs as surveillance tools, hacking into vehicle computer systems and the vulnerability of the nation’s critical infrastructure.
Such security stories are what this conference is infamous for—this list presents the real dangers that security experts need to prevent. Alexander said that the NSA program has stopped potential attacks, which should be applauded. But there are other dangerous attacks that people and companies should fear, too--ones that can also be stopped if we all take cybersecurity seriously and work together to arm our networks, mobile devices and other technology-based equipment against the evil that lurks in the shadows.