Security Bytes

Jan 8 2016   7:27PM GMT

Cybersecurity and CES 2016: A comedy of omissions

Rob Wright Profile: Rob Wright

Tags:
CES

We’re doomed.

I try not to be too much of an alarmist when it comes to information security matters, because all things considered, the situation on a global level could be a lot worse. We could all be suffering from malware –induced power grid outages like the Ukraine, or experiencing stunning invasions of privacy like the poor souls who bought Internet-connected VTech toys for their kids and just didn’t know any better.

The latter situation is more troubling when viewed through the prism of the bright lights and drab histrionics of Las Vegas this week. The Consumer Electronics Show has never really been a home for information security companies, and having attended the show for several years in the past, I didn’t actually expect that to change this year despite the increasing number of enterprise data breaches. After all, CES is about gadgets and TVS and cool tech that people actually want, not need.

But I expected more than security highlights than an iris scan-enabled ATM from EyeLock, a wireless-enabled video security camera puzzlingly named the “Stick Up Cam,” and an Internet-connected home surveillance devices from – get this – VTech (!!!). When the most interesting infosec offering of the week is a “privacy guard” smartphone case that provides a Faraday cage around your beloved gadget, then that’s not exactly a great sign.

CES 2016 wasn’t a complete no-show for security. The show did, in fact, have an all-day cybersercurity forum this week with such speakers as AVG CEO Gary Kovacs, security reporter Brian Krebs and Trend Micro Chief Cybersecurity Officer Tom Kellerman. And with RSA Conference 2016 just around the corner, it may not have made sense for infosec companies to spend more time and money exhibiting at CES.

Still, a number of major tech manufacturers have made CES their launch pad for enterprise-focused offerings in the past, and that trend continued this year (just looked at how IBM promoted its Watson technology and PC makers like Dell, HP and Lenovo pushed their enterprise client devices). It seems like a missed opportunity for security vendors to cross over into such a high-profile event and promote the benefits of good infosec hygiene, to say nothing of the tech giants that were actually at the show that said virtually nothing about infosec (Hello, Intel).

I didn’t attend the show this year, and I’m thankful I didn’t have to make the laborious trip and daily grind that CES requires. But I would have gladly made the sacrifice just to see a few companies make serious attempts to put sound infosec technology in front of 150,000-plus people. But if we can’t get a stronger, more serious security presence at the biggest technology show in the world, then we’re doomed.

3  Comments on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.
  • Kevin Beaver
    We're doomed or we have a ton of opportunity/job security in IT and security – depends on how you look at it. I'm going to go with the latter! :-)
    23,915 pointsBadges:
    report
  • Rob Wright
    Haha, good point! Maybe I'll be more optimistic at CES 2017 (but probably not)...
    1,440 pointsBadges:
    report
  • Badhockey
    This was my first CES show and as a security professional I was disappointed in the overall consideration for the data being collected and the device connectivity that seems to be promiscuous. I asked a health monitoring device product engineer about the protection of the connection and the authentication of the two devices. I was presented with a blank stare - when I took my android out and showed him the signal I was intercepting as I stood between the devices, I detected some level of understanding of the implications of what I was saying. The devices were plentiful and the toys were fantastic - I'm shopping for a drone now, but the concern remains. We are putting devices on-line that need protection embedded at all levels - maybe if I raise somebodies blood pressure on their monitoring device and it responds an EMS crew at the expense of a real call, we'll start to get the proper attention.
    20 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: