The chairman of leading security company RSA strongly defended the company’s relationship with the US government and the National Security Agency (NSA) as strictly above board, while criticising the security agency’s mass surveillance programmes.
In the midst of industry disquiet over allegations of RSA collusion with the NSA that overshadows this year's RSA Conference in San Francisco, RSA chairman Art Coviello also called for the breakup of the NSA into separate organisations, one dedicated to national security and one to defensive monitoring and addressing of threats.
A Reuters article in December alleged RSA had a “secret $10 million contract” with the NSA that involved supplying deliberately flawed encryption in one of its widely used products, enabling the NSA to conduct surveillance on organisatiions using that product.
Coviello argued in his opening keynote that RSA has primarily worked with the defensive arm of the NSA -- known as the Information Assurance Directorate (IAD) -- and was not involved in colluding with the surreptitious surveillance of citizens and other governments revealed by whistleblower Edward Snowden.
For years, RSA has provided security algorithms that underlie the way in which data is encrypted. It is a leading supplier of data and internet security products and services to businesses and governments.
Coviello said that the situation the company finds itself in now was an ironic counterpoint to the past, when it fought the US government to allow for the wider international use of security products and encryption algorithms.
He said if companies in the security industry could not be sure what part of the NSA they were working with, and what the NSA’s motivations might be, they should not work with the NSA at all.
He also noted that unwarranted spying was an international problem, and that all security agencies worldwide must not overstep their role.
“All security agencies need to adopt a model that enables them to do more to defend us and less to offend us,” he said