Security plays a hugely influential part in our lives. On a normal morning we’ve encountered it on numerous occasions before even starting work. Unlocking the door to leave the house, typing in a password to check your emails, entering a code or swiping a card to access your workplace. Our whole world is built on a foundation of distrust.
Travelling to San Francisco for the RSA Conference 2012 made me more aware of these issues than ever before. The security getting into the USA reaches new levels of pedantry. The usual high regard for security at an airport was inevitable – having to show your passport on countless occasions, putting your bags and yourself through x-ray machines, and if you’re one of the unlucky ones, facing a physical search.
After going through these procedures, I reached my boarding gate finally beginning to relax in the understanding that I wouldn’t be treated as a potential terror suspect, as all flyers are these days, until at least reaching the States. I was wrong. I was taken aside for another ‘random’ search. As someone who has travelled quite extensively, I’d never before encountered these searches at a boarding gate, and I voiced this to the security officer. He replied that 10% of all flyers to the United States must now face an additional inspection before boarding their flight. Then when I really thought it was all over, a sniffer dog appeared at my feet.
This enormous concern for security reminded me of a story I read recently. A 26-year-old English man, in anticipation to a vacation in Los Angeles, tweeted to his friend that he was going to ‘destroy America’. In the UK, the term ‘destroy’ can be used as slang for partying. However, the Department of Homeland Security, which now monitors twitter for security purposes, flagged him as a potential threat and, upon entering the country, threw him in jail for the night before deporting him back to England the next day.
All of this is in the name of the fact that people, whatever they do in life, like to feel safe. Despite grunting at airport security, this is something we all take for granted. So, what happens when a leading security company, that’s success is dependent on building customer trust by protecting them from threats, suddenly has their own security breached? Surely that could spell the end for such a company? Well, that was what I thought – but RSA may tell you something different.
RSA’s large scale security breach last March is well documented. So going into this year’s RSA Conference I was intrigued to see how they handled all the seemingly negative attention and inevitable question marks over their credibility. Chairman Art Coviello kicked the event off, and right from the start it was clear the stance they were taking. “You may not realise it when it happens,” Coviello said. “But a kick in the teeth may be the best thing for you.”
It wouldn’t be an American event without a bit of overhyped cheese, and we didn’t have to wait for long before a choir belted out the Rolling Stones classic ‘You Can’t Always Get What You Want’. What possible relevance could this have, I thought. “I’ve learnt that that most people would love a world without risk – but you can’t always get what you want,” Coviello enlightened the confusion in the room. “But if you try, you might find you do get what you need.”
What Coviello was saying and continued to be a theme during the week, was that the breach actually had a positive effect on the security firm. Tom Corn, chief strategy officer at RSA, said the company used the breach to its advantage to make them stronger and closer as a team. “When that was going down, Art was basically running the halls and one of the things he kept on saying was, never let a good crisis go to waste. What are we going to get out of this that is going to be great?”
Brian Fitzgerald, VP of marketing at RSA, added that the crisis allowed RSA to become a leading voice and advocate against the growing concern of hacktivists. He said: “Coming out of it we actually refocused and crystallised our business, and it allowed us to help our customers lay out to their senior management that this was real.”
Another interesting insight from the conference came from FBI director Robert Mueller, who hammered down on the significance of cyber threats. “Terrorism does remain the FBI’s top priority, but in the not-too-distant future we anticipate that the cyber threat will pose the number one threat to our country,” Mueller said.
Cyber threats may well be the security concern of tomorrow, but Mueller’s reminder that terrorism is still very much number one was again made clear to me when I arrived at San Francisco Airport to leave the States. On my last visit to America I was shocked to see the introduction of a new scanner which implements a ‘virtual strip search’ of you – I was further amazed this time to see that there was no longer a choice between this new development, or just going through a traditional scanner. Meaning every single person boarding a flight is subjected to the act of having their naked body viewed by a complete stranger.
After being preached on the huge importance of security all week at the conference, this left me with a difficult question. Was this too far? Was I comfortable effectively sacrificing my dignity just in the name of a little extra security? To be honest, my answer was no. Perhaps it’s interesting to note that these scanners have been banned in Europe. I think if RSA can survive, and even benefit from, having its whole security breached, the USA can sacrifice a tiny bit of airport security to spare its citizens’ and tourists’ blushes.