Monday, April 20, 2009

RSA Conference 2009: "Imagination is More Important than Knowledge" (Albert Einstein)

First page of Einstein's manuscript explaining general theory of relativity


CyBlog on the Road: RSA Conference, Monday, 4-20-09

The provocative words of Albert Einstein hung from a banner over the escalators that led down into RSA Conference 2009: "Imagination is more important than knowledge."

Of course, coming from Einstein, such a statement presupposes a strong, almost supernatural baseline of knowledge upon which to launch out into imagination.

And certainly, by "imagination" Einstein did not intend flight into self-indulgent fantasy; he meant to break through the limitations of the known and tap into the unknown to solve the problems of the known from the other side.

Well, bravo for RSA's choice of motto for its "Innovative Sandbox," which was the highlight of the first day of the 2009 conference.

"Innovative Sandbox" was billed as a "half-day, interactive workshop program" through which attendees could "explore and shape technologies that promise to transform the information security industry." It featured brainstorming sessions, complete with whiteboards, facilitated by industry luminaries, and a "Most Innovative Company" contest presided over by an expert panel.

One intriguing Swedish start-up, BehavioSec offers what it calls the "first Continuous Authentication of end users through Behaviometrics (behavioral biometrics)." The product, Behavio, is based on a "innovative technology that exploits the user's unique behavior while using a keyboard and mouse to create a token that cannot be replicated."

But the winner of the competition (and my personal choice as well) was Alert Enterprise of Fremont, California. Using "graphical, geospatial monitoring, alerting, mitigation, multi-source analytics," etc., the Fremont, California-based start-up's two products, AlertAccess and AlertAction, are intended to address the dangerous gap between cyber security, physical security and control system security in the enterprise.

Considering that there will no doubt be a lot of mile-high talk about "the Cloud" over the next few days, bestowing an award -- this first evening of the conference -- on a product that deals with how the physical and cyber worlds interpenetrate and what that means to risk mitigation in both spheres was not only deserved but quite meaningful symbolically.

-- Richard Power