IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

RSA speakers and sponsors drop out over NSA allegations

Security event rocked by boycott over parent company's alleged involvement with US National Security Agency.


F-Secure has confirmed that it's ditched plans to sponsor and exhibit its wares at next month's RSA Conference, as the furore surrounding RSA's alleged NSA links rumbles on.

At the last count, eight speakers booked to appear at the info-security event had cancelled their talks including Mikko Hypponen, chief research officer at F-Secure, Chris Palmer, a Google software security engineer and Josh Thomas, chief breaker at Atredis Partners.

This was in response to allegations made last month that EMC-owned RSA was secretly paid $10 million by the US National Security Agency to put a backdoor in its encryption software.

According to a report by Reuters, RSA accepted payments from the NSA to use a flawed random number generator in its products, known as the Dual Elliptic Curve Deterministic Random Bit Generator.

The claims were vehemently denied by RSA in a blog post dated 22 December, where it stated: "RSA, as a company, never divulges details of customer engagements, but we also categorically state that we have never entered into any contract or engaged in any project with the intention of weakening RSA's products, or introducing potential backdoors' into our products for anyone's use."

Unfortunately, RSA's denial has not cut the mustard with some members of the IT security community, prompting several speakers to pull out of the vendor's conference next month.

The event chalked up 24,000 attendees last year, and more than 400 speakers were down to present in 2014.

Furthermore, F-Secure's Hypponen confirmed in an open letter on his blog yesterday that his company will not speak, sponsor or exhibit at this year's event, in light of the NSA revelations.

He was originally booked to deliver a speech and participate in an FTC panel.

"Initially, I only cancelled my talk, as I didn't want to punish the FTC, which had nothing to do with the events I was protesting about," he wrote.

"However, partial participation sends mixed messages. I don't want to send mixed messages, so I have cancelled all my appearances at RSA 2014. I'm sure the FTC will understand.

"I can also confirm that F-Secure is not speaking, sponsoring or exhibiting at RSA Conference USA 2014."

Meanwhile, Robert Graham of researchers Errata Security, called on more speakers to boycott this year's event, as well as the company's products.

"It doesn't matter how many people you convince that what the RSA did is wrong if that doesn't change their behaviour. If everyone agrees with you, but nobody boycotts RSA's products/services, then it sends the clear message to other corporations that there is no consequence to bad behaviour," he wrote.

"It sends the message to other corporations that if caught, all that happens is a lot of talk and no action. And since the motto is that 'all PR is good PR,' companies see this as a good thing."

IT Pro contacted RSA for comment on this story, but was still awaiting a response at the time of publication.

However, earlier this week, Hugh Thompson, programme committee chairman at RSA, told the Washington Post he was "disappointed" by the boycott because despite being owned by RSA the event is neutral.

"Security has risen in the agenda of almost every company and every government in a way that we've never seen before," he said.

"I think that the security dialogue is more intense that it has ever been."

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Most Popular

16 ways to speed up your laptop

16 ways to speed up your laptop

13 May 2022
Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security
Careers & training

(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security

17 May 2022