- Related Stories
Unlocking security at RSA 2007February 12, 2007
Security gets mainstream attention at RSAFebruary 5, 2007
PayPal to offer password key fobs to usersJanuary 11, 2007
EMC to buy RSA for $2.1 billionJune 29, 2006
RSA: Microsoft to shelve token support in VistaMay 2, 2006
RSA snaps up authentication software makerApril 24, 2006
RSA to test new Web authentication serviceOctober 14, 2005
Companies urged to move beyond passwordsSeptember 14, 2005
(continued from previous page)
Has the RSA Conference changed as a result of the acquisition?
No, the conference has not changed at all, other than that it continues to grow and expand in terms of the number of vendors that are going to be exhibiting. We're up around 360 now. And in terms of the excitement and in terms of the quality and depth of the presentation, we're close to 400 presenters this year. Roughly 15,000 people are expected to attend.
RSA is mostly known for the key fobs that generate one-time passwords. You have long had a vision of a mass market for such gadgets. Where are they?
We have made our tokens easier to use by creating a toolbar version of the token. We've recently signed up two very large banks that serve their customers over the Internet to use our tokens. These two institutions are going to use a combination of physical tokens--that might be used by high net worth customers--and a toolbar version for broad distribution across all of their millions of Internet users. The SecureID technology will indeed be used in these applications.
Are you frustrated at all at the speed at which this is going?
If you're president or the CEO of a business, you are always frustrated at the speed with which things go. Yes, of course. But I think we're right, directionally. Also, we're not relying on one technology to do authentication. We also have our risk-based authentication and our picture-recognition capability that we acquired from PassMark Security.
If you look at the three biggest Internet banks in the country, they way they have responded to the FFIEC (Federal Financial Institutions Examination Council) recommendation for having strong authentication in online transactions, each one is using a different type of RSA technology.
You're predicting that the one-time password is going to be used more broadly?
There is no question. Outside the U.S. there is far more acceptance and use than within the U.S. It is our job to create alternatives for our customers. We have been able to do this. But take Japan Net Bank, the biggest Internet bank in Japan--they rolled out 1.3 million of our tokens from April of last year through the middle part of July. That's how fast you can roll out tokens to a pretty large mass of consumers.
Is there anything happening in the industry that you believe is so wrong that it makes you want to bang your head against the wall?
It is not so much what is being done wrong, it is what needs to be done right. Antivirus is a perfect example. Antivirus enjoys a very privileged space in all security budgets and for good reason. But the fact of the matter is, in the past year there were over 200,000 variants of malware, according to Yankee Group. It is almost impossible for a static, signature-based product like antivirus to keep up with that. Antivirus needs to morph and change to behavioral blocking based on patterns that are recognized and be much more of a dynamic solution than a static. This change from static to dynamic is going to be one of the most important trends in security going forward.