The SafeLogic Blog

The blowback on RSA is officially in full swing, even gaining momentum as various experts have publicly announced their decision to boycott the RSA Conference.  So it seems like the perfect opportunity for me to take a stand as well, and say that I will not be speaking at the conference either!

Wait, I wasn't invited?  That's BS.  I am electing to boycott and I refuse to speak!

In all seriousness, I do have an issue with the folks who are choosing to stay home.  Quite simply, it's an empty gesture.  For real change to occur, issues must be discussed.  And if you won't be at the conference, who will lead that discussion?

The RSA Conference is massive.  The agenda will be full, with or without you.  The exhibition hall will buzz and deals will be made.  I'd like to say that the audience will miss you, but the reality is that most of them won't realize that you were scheduled to speak in the first place, because the folks that need your leadership most are the ones who don't read your blog.  They don't already know you or your opinions.  If you really want to make a difference, come to the conference.  Talk to as many people as you can.  Educate and influence as many attendees as possible.  Teach them what they need to know.  Explain why you lost confidence in RSA, and point them in the right direction.

Furthermore, I'm not sure the conference itself should be boycotted.  It may prove to be RSA's most lasting legacy.  I'm sure it creates revenue for EMC, but it has grown far beyond being just another self-serving user convention.  It has provided many companies with significant exposure, putting start-ups on the map and even giving rivals a chance to compete.  If you're truly objecting to RSA Security's practices, stand tall and help buyers discover alternative vendors.  Many of them will be represented at the conference, you know.

The conference chairman, Dr. Hugh Thompson, doesn't even work for EMC or RSA.  He's been very candid about the controversy and the impending discussion, which I appreciate.

“[The RSA Conference] always been an open forum for people to come and talk about security.  No matter what’s on the printed agenda, this is definitely going to be a topic that’s talked about at the conference, and it should be."

I couldn't agree more.

Actions speak louder than words, and money talks louder than a bullhorn in a library.  So don't just talk about boycotting.  Come to San Francisco, step up, speak out, and help the attendees find their way to solutions that are not backed by RSA.  If you aren't here, it will be a very one-sided conversation.  If you do not speak out, RSA Security will be presenting their point of view with no dissenting opinion or rebuttal.  Twenty thousand attendees are coming in February, not to hear RSA's pitch, but to hear your opinions and see the alternatives.

So here's my proposal.  Come to San Francisco and speak.  Just not on stage at the conference, if that makes you uncomfortable.  Speak on the tradeshow floor.  Speak outside the Moscone Center.  Speak in the hotel lobby.  You're welcome to come speak at SafeLogic's hospitality suite, for that matter!  But please speak.