Gates, CEOs to stress computer security at S.F. conference
By Dan Lee
Mercury News
Posted on Sun, Feb. 13, 2005
Microsoft Chairman Bill Gates is coming to San Francisco to take on hackers and spammers -- and skeptics of his company's ability to defend its software against an onslaught of Internet attacks.
Gates will deliver the opening keynote Tuesday for the RSA Conference, which will attract an estimated 11,000 technology professionals this week to the Moscone Center. His plan to headline the show for the second consecutive year underscores the intense pressure the world's largest software company has come under to close security flaws in its Windows operating system.
The star-studded list of speaker also illustrates the rise of cyber-security as one of the most perplexing technology problems.
The RSA show, put on by Massachusetts software company RSA Security, brings together more than 275 exhibitors and such top industry keynote speakers as Cisco Systems Chief Executive John Chambers and Symantec CEO John Thompson. Former White House adviser and homeland security expert Richard Clarke will talk as well.
RSA events in Tokyo and Austria are slated for later this year. That's one sign that the computer security industry is still growing rapidly.
``Last year, people were saying this can't last,'' said John Muir, managing partner of Trusted Strategies, a Pleasanton research firm focused on Internet security. ``There's got to be a huge bubble burst here because the industry can't support this many companies.''
He said more than 800 computer-security focused companies are now vying for business across North America, an estimate not counting major tech providers such as Cisco that also sell security products and services.
``Every time a new technology comes out, you need a new type of security to take care of it,'' he said.
After a rash of damaging computer attacks in the first half of 2004, including the Mydoom and Sasser worms, the past 18 months have been free of those sorts of major outbreaks. ``There has been a lot of little attacks,'' said Walter Pritchard, a senior analyst with SG Cowen who covers Internet security. ``There's still quite a bit of focus on how bad things could be.''
Last week, Microsoft released eight security fixes -- seven were rated ``critical'' -- for vulnerabilities in its Windows operating systems and related software.
Critics have blasted Microsoft for not being more proactive in securing the company's software that runs most of the world's computers.
``I think they've had enough enterprise customers tell them: `This is your problem,' '' Pritchard said.
At last year's show, Gates predicted spam could become an insignificant problem over the next few years because of improved filtering and other technologies. But the tide of unwanted e-mail shows few signs of abating.
Microsoft also is facing increased competition from Linux or Unix operating systems as an alternative to the company's Windows software, especially to run on corporate servers. ``Their primary motivation is to ensure the long-term future of Windows,'' Pritchard said.
This week, Mike Nash, Microsoft's corporate vice president of Microsoft's security business and technology unit, said Gates would outline the company's overall security strategy but declined to give specifics.
Microsoft is expected eventually to offer anti-virus software to consumers, a direct challenge to security providers such as Symantec of Cupertino and McAfee of Santa Clara. Microsoft has taken steps recently to bolster security, including last week's acquisition of Sybari Software, which protects corporate e-mail systems from viruses and worms.
``They've signaled sort of on-and-off-again over the last 20 months that they were going to get into the anti-virus market. This would be a great venue to give people some clarity,'' Pritchard said of the RSA show.
Other hot areas in cyber-security include methods to identify computer users beyond the ubiquitous user name and password, Pritchard said. For example, a small token carried on a key chain can display a one-time code to replace a password.
Muir added that companies are improving security to comply with laws such as the Sarbanes-Oxley Act that crack down on corporate practices.
A company with a major security breach, such as customers' confidential information being made public, could face legal action, he said. ``For the attorney, it's the perfect world: The little guy gets hurt because of the negligence of a major company with deep pockets.''
AI
