I keynoted yesterday to an audience of senior security chiefs at the Information Security Forum's 18th annual world congress. Other presenters included Ira Winkler and Bruce Schneier.
Much of the focus of the congress was in governance and compliance, but there were some interesting technical talks too.
I especially enjoyed the presentation of Jolyon Clulow from Deloitte about future techniques for securing online banks. He had with him some first examples of embedded smart bank cards I've ever seen. Check this out:
This card, the size of a normal credit card, has a keypad and small display embedded to it and is capable of doing responses to challenges presented to it. The challenge, shown to a user of an online bank, can then include some sort of a hash of transaction values and recipients, making man-in-the-browser attacks harder.
Signing off, Mikko
P.S. South Africa has the only airports I remember seeing, that has separate check-in desks for people checking in with… guns.