The RSA Conference is a series of IT security conferences. Approximately 45,000 people attend one of the conferences each year. It was founded in 1991 as a small cryptography conference. RSA conferences take place in the United States, Europe, Asia, and the United Arab Emirates each year. The conference also hosts educational, professional networking, and awards programs.

RSA Conference
RSA Conference 2022
StatusActive
GenreProfessional conference
Date(s)April 28-May 1, 2025
FrequencySeveral times a year
CountryUSA, United Kingdom, Asia & Japan, United Arab Emirates
Years active33 years ago
Inaugurated1991
FounderJim Bidzos
Previous eventMoscone Center, San Francisco, California, May 6-9, 2024
Next eventMoscone Center, San Francisco, California, April 28-May 1, 2025
ParticipantsIT Security Professionals
Attendance45,000
Websitewww.rsaconference.com

History

edit

Early history

edit

The name RSA refers to the public-key encryption technology developed by RSA Data Security, Inc., which was founded in 1982. The abbreviation stands for Rivest, Shamir, and Adleman, the inventors of the technique. The idea for the first RSA conference was conceived in 1991 in a phone call between then RSA Security CEO Jim Bidzos and the Executive Director of the Electronic Privacy Information Center.[1] The first conference had just one panel, called "DES and DSS: Standards of Choice." It focused on why attendees should not adopt DSS, a standard that was expected to challenge RSA Security's status as the de facto standard for digital signatures.[2][3][1]: 22–23 

The event steadily grew and in 1993 it attracted more than 200 attendees.[1]: 24  [3] Known for many years as the RSA Data Security Conference,[4] it eventually became just the RSA Conference. Over time the conference grew more business-oriented with an older demographic and more vendors,[5] which led to competitive issues for a time in the 1990s; European competitors to RSA Security sometimes could not get a booth, so they hired people to pass out flyers at the RSA conference encouraging attendees to visit them at hotels nearby.[5] In 1995 the conference criticized the Clipper Chip. If implemented, the chip would have given the U.S. government direct access to evidence on telecommunications devices with the chip installed.[6] The conference put up posters with "Sink Clipper" in big letters.[7] By 1997 the conference had grown to 2,500 attendees.[8] The first European RSA Conference took place in 2000 and started with just 5 tracks.[9]

According to Network World the conference's focus expanded from cryptography into a broader IT security conference with larger attendance in 2005, when Microsoft CEO Bill Gates did the keynote presentation.[2] According to Bidzos, the purpose of the conference became "for all kinds of things: drive standards, organize some opposition to government policies, promote the RSA name, [and] give all of our customers an opportunity".[1]: 24  By 2008 the conference had 17,000 attendees and 375 participating IT security vendors.[3] It had 18 tracks and 230 sessions.[3]

Recent history

edit

At the 2010 RSA conference, the Obama administration publicly revealed the Comprehensive National Cybersecurity Initiative (CNCI), which was created in 2008 and formerly kept a secret.[7][10] In 2011, a California-based IT security company, HBGary, withdrew from speaking and exhibiting at the RSA conference, citing safety concerns. The company announced plans to reveal the identities of some members of the hacktivist group Anonymous and received retaliatory threats and hacks.[11] In 2014, 8 speakers boycotted the RSA conference after its sponsor, RSA Security, was accused of adding a backdoor to its products, so the National Security Agency could monitor users of RSA Security technology. The boycott began with then F-Secure Chief Technology Officer Mikko Hyppönen. He wanted RSA Security to apologize, whereas the company's statement was that the allegations were not true.[12][13] Some noted that the RSA conference and RSA Security company are only loosely connected.[12] Discussion at that year's conference was focused heavily on leaks by Edward Snowden and NSA involvement with American technology companies.[14]

The first RSA Conference in the Asia-Pacific was introduced in 2013.[15] This was followed by the inaugural United Arab Emirates conference two years later.[16] In 2015 the conference added a clause to exhibitor contracts effectively prohibiting "booth babes" by requiring professional attire on the exhibitor floor.[7][17] The policy was implemented in response to feedback that booth babes made the conference feel unprofessional. Fortune Magazine called the widespread practice of having booth babes at professional conferences "outdated" and unwelcoming to female attendees.[17] The following year, the RSA conference was focused on the FBI–Apple encryption dispute, regarding attempts by the government to gain access to iPhones containing evidence in criminal investigations.[7][18]

As of 2017, the conference has an estimated 40,000–43,000 attendees in the United States.[19][20] The 2021 conference was held 100% virtually, due to concerns about COVID-19.[21] The conference restored in-person events the following year.[22]

In 2020, RSA Conference and its parent company, RSA Security, were acquired by several investors in a $2 billion deal.[22] Two years later, RSA Security sold a majority interest in RSA Conference to private equity firm Crosspoint Capital Partners.[23] RSA Security sold its remaining interest in the RSA Conference events business to other investors in 2022.[22]

Content

edit

The RSA Conference is an international conference series on IT security that takes place in the United States, Europe, Asia/Japan, and the United Arab Emirates. It also provides internet safety education for consumers and children, a security scholar program for IT security students, and operates award programs typically bestowed at conferences.[24] For example, one award is the Innovation Sandbox contest, which involves ten startups that present their technology to a panel of judges.[19][25]

The 2017 conference in the U.S. had 15 keynotes, 700 speakers, 500 sessions, and 550 exhibitors.[20] An analysis of session keywords at the conference suggest that early conferences were focused on cryptography and commerce, but the topical focus of conferences transitioned to cloud and cybersecurity in the early 2000s.[26] Each conference has a theme, a practice that began in 1995.[2] Additionally, there are typically one or two IT security topics that the conference organizers pick to focus on each year.[19] Speaking positions at the RSA conference are highly competitive, with thousands of submissions for a few hundred speaking positions.[13]

RSA Conference Awards

edit

As of 2024, the RSA conference sponsors the RSA Award for Excellence in Mathematics, co-sponsored by the International Association for Cryptologic Research, for "innovation and ongoing contribution to the field of cryptography".[27]

References

edit
  1. ^ a b c d Yost, Jeffrey (December 11, 2004), Oral Interview with James Bidzos (PDF), Charles Babbage Institute: Center for the History of Information Technology, University of Minnesota
  2. ^ a b c Greene, Tim (February 3, 2011). "From cloud and mobile security to encryption, security concerns abound as RSA turns 20". Network World. Retrieved January 1, 2017.
  3. ^ a b c d Kaplan, Dan (March 24, 2008). "RSA 2008: All Grown Up". SC Magazine. Retrieved February 1, 2017.
  4. ^ The 1997 RSA Data Security Conference Proceedings, retrieved April 22, 2017
  5. ^ a b violetblue (March 9, 2016). "RSA security conference: 25 years of discontent and pranks". Engadget. Retrieved January 1, 2017.
  6. ^ "RSA Conference 2016: What's Old Security is New Again". eWeek.com. February 28, 2016. Retrieved February 2, 2017.
  7. ^ a b c d Greene, Tim; World, Network (February 29, 2016). "10 momentous moments from 25 years of RSA". Network World.
  8. ^ Wood, Charles Cresson (1997). "Recent crypto-process developments: Highlights from the 1997 RSA conference". Computer Fraud & Security. 1997 (3). Elsevier BV: 10–11. doi:10.1016/s1361-3723(97)83577-4.
  9. ^ "E-Security Leaders to Gather in Munich for First European RSA Conference". March 6, 2000.
  10. ^ Moscaritolo, Angela (March 2, 2010). "RSA Conference: White House declassifies U.S. cybersecurity initiative details". SC Magazine.
  11. ^ McMillan, Robert (February 16, 2011). "Hacked and Now Vandalized, HBGary Pulls out of RSA". PCWorld. Retrieved February 2, 2017.
  12. ^ a b Ackerman, Dan (January 8, 2014). "RSA Conference speakers begin to bail, thanks to NSA". CNET. Retrieved January 1, 2017.
  13. ^ a b Barnes, Robert (January 7, 2014). "At least eight security experts boycott prominent security conference over NSA ties". Washington Post. Retrieved January 1, 2017.
  14. ^ Perlroth, Nicole (February 28, 2014). "At the RSA Security Conference, Things Get Testy and Then They Get Awkward". Bits Blog. Retrieved February 2, 2017.
  15. ^ "Inaugural RSA Conference Asia Pacific Showcases The Best Of Asia's Security Innovations, Best Practices And Strategies". RSA Conference. June 7, 2013. Retrieved March 25, 2017.
  16. ^ "World renowned cyber security experts set to gather at RSA Conference 2015 Abu Dhabi". RSA Conference. October 7, 2015. Retrieved March 25, 2017.
  17. ^ a b Lev-Ram, Michal (March 30, 2015). "Tech conference bans scantily-clad "booth babes"". Fortune. Retrieved January 1, 2017.
  18. ^ Hennigan, W.J. (March 3, 2016). "Encryption debate dominates San Francisco tech conference". Los Angeles Times. Retrieved February 2, 2017.
  19. ^ a b c Needle, David (February 12, 2017). "RSA Conference Adapts to Address Emerging Threats, Technologies". eWEEK. Retrieved March 25, 2017.
  20. ^ a b Team, RSAC Editorial (March 14, 2017). "Reflecting on RSA Conference 2017". VentureBeat. Retrieved March 25, 2017.
  21. ^ "RSA Conference 2021 Goes Fully Virtual". RSA Conference. 2020-11-06. Retrieved 2020-12-20.
  22. ^ a b c Uchill, Joe (March 15, 2022). "RSA sells conference to become standalone business". SC Media. Retrieved March 8, 2023.
  23. ^ Vinn, Milana (January 18, 2023). "RSA Security explores $2 bln-plus sale of Archer -sources". Reuters. Retrieved March 8, 2023.
  24. ^ "About – Information Security Conference". RSA Conference. January 1, 2017. Retrieved January 1, 2017.
  25. ^ Brown, Bob (January 18, 2017). "10 Cool Security Startups Vying for Glory at RSA Conference". Network World. Retrieved January 1, 2017.
  26. ^ Hackett, Robert (January 26, 2016). "'Cyber' Is Hot, 'Crypto' Is Not". Fortune. Retrieved January 1, 2017.
  27. ^ "RSA Conference Awards". RSA Conference. Retrieved February 22, 2024.
edit