Cybersecurity

Cybersecurity industry at war with itself

The cybersecurity community is at war with itself.

On the second day of the RSA cybersecurity conference here in San Francisco, protesters from the activist group Code Pink scaled the roof of the Moscone Center and unfurled a banner blasting the security company for its work with the NSA.

Around town, anti-National Security Agency protesters organized counter-conventions, including one called "TrustyCon," featuring speakers who dropped out of the RSA convention over revelations that the cybersecurity company RSA had done business with the agency.

Edward Snowden poses for a photo during an interview in an undisclosed location in December 2013 in Moscow.
Barton Gellman | Getty Images

And across the street, activists rented out the Mexican restaurant Chevy's, a traditional watering hole and dealmaking spot for the cybersecurity set. The activists say they won't let anyone into the restaurant who paid to attend the RSA conference.

Their message: If you support the RSA, no tacos for you.

This year's RSA conference—traditionally one of the industry's biggest deal making and technology sharing meetings—features a tech community divided against itself in the wake of Edward Snowden's revelations of the extent of the NSA's snooping and just how closely some cybersecurity companies here cooperated with it.

Robert Imhoff, founder of a hacker security group, raised $7,000 on a crowdfunding website to rent out Chevy's. He said he wants to inconvenience the attendees to make a point about NSA surveillance. And he said the sponsor of the conference has already taken a reputation hit from the disclosures. "For 30 years, everybody has said RSA, the security division of EMC, is the go-to place for security and safety and trust," he said. "Now [they] have lost so much goodwill."

For its part, RSA has denied allegations that it deliberately created a back door in its security products for the NSA to exploit. CEO Art Coviello suggested in his speech here that RSA had essentially been duped by the agency and would be more skeptical of the government in the future. If "we can't be sure which part of the NSA we're actually working with, and what their motivations are, then we should not work with the NSA at all," he said.

(Read more: How cyberthieves are targeting online daters)

House Intelligence Committee Chairman Mike Rogers said he came to San Francisco this year, in part, to help make amends with the cybersecurity community.

"The damage is real, and we shouldn't shy away from that," the Michigan Republican said. "There's a lot that this community believes that the National Security Agency of the United States is doing that it's not doing—and we need to get that fixed."

(Read more: What cyberthreats are costing US companies)

Potential cybersecurity acquirers & targets
VIDEO1:4201:42
Potential cybersecurity acquirers & targets

Asheem Chandna of the venture capital firm Greylock Partners said the controversy has opened up specific technical and business questions for companies. "As customers move to the cloud, it's a concern," he said. "They do not want that data given to the government."

Overseas customers can be more sensitive, he said, and some are looking to do more business with companies in their home countries so their data can stay local.

(Read more: University of Maryland reports massive data breach)

But not everyone was bothered by the controversy—and several said all the attention has been good for the cybersecurity business.

One vendor working a booth on the convention floor said business was brisk. "The buyers are here," he said. "Snowden or no Snowden, CEOs now know they have to have security, so they're sending people here to buy it."

—By CNBC's Eamon Javers. Follow him on Twitter .

Correction: This version deleted an incorrect reference that information about RSA's cooperation with the NSA came from Edward Snowden.