“In a sea change nothing is safe. Strange waves push us every way,
In a stolen boat we’ll float away” – Beck from Little One
With a week of recovery under my belt I’m finally able to reflect on another amazing RSA Conference. Some of my experiences were the same as years past. My feet were once again sore from 8+ miles a day of walking. I had the pleasure of coming home with the dreaded RSA flu (apparently dousing myself in hand sanitizer does not actually do anything) and my liver and I are no longer on speaking terms. Of course I also got a chance to catch up with dozens of old friends but barely got to speak to countless others. Another year gone and already looking forward to RSA Conference 2016 (in addition to the many Cons I’ll be attending in between).
Here are my top 3 personal takeaways from RSA Conference 2015:
Amit’s keynote kicked butt
For years at RSA we asked ourselves who would give the keynote at RSA Conference once Art Coviello retired. This was often used as a litmus test for water cooler discussions amongst employees about potential successors to the throne. If you couldn’t imagine a person giving the keynote at RSA Conference could they really lead our company? Could they lead our industry? The RSA Conference keynote represents more than a typical vendor keynote, it has always stood as a state of the union so to speak for the security industry and Art was a master at giving it.
When Amit Yoran took over as RSA President no one had any doubt that he was a security guru and a passionate leader. But would that come off on stage? I’ve seen Amit speak many times over the past four years. Sometimes his personality shone through, sometimes he was just seemed like yet another executive. Fortunately, the Amit that gave this year’s keynote was definitely the same passionate, highly opinionated and funny in a slightly inappropriate way person we work with every day at RSA. He doesn’t mince words or shy away from a debate and his keynote was no exception. It was bold, it was aggressive, it kicked butt. You can watch it here.
If I had to summarize the keynote in 3 bullets:
- The security industry is fundamentally broken and we need to change
- Signature-based tools like SIEM are failing. Pervasive visibility and deep investigation is “what SIEM was meant to be”
- We’ve lost focus of our mission and often are just pretending to do security. Its time to actually start facing the most important challenges head on.
Internally at RSA we’re going through a sea change being dubbed as “RSA 2.0” where we focus on moving faster, thinking bigger and solving the most important problems we see in the industry. Amit’s keynote was a call to action for the rest of the industry to take a long hard look at themselves and start doing the same. Some are already getting the message:
There are over 500 vendors at the RSA Conference and I have no idea what most of them do
I usually try and carve out at least 4 hours to walk the showroom floor. Besides competitive analysis, marketing benchmarking and schwag procurement I really just find it …. Fun. I don’t know what that says about me but I’m guessing it stems from a combination of my love for security and my upbringing walking aimlessly around New Jersey malls hoping to spot a cute girl that I’d inevitably be too afraid to talk to (Side note: I’m so glad the Conference banned overexposed booth babes, it was a long time coming).
Each year (and this is 9 straight for me) walking the floor it seems to become more and more difficult to separate one vendor from the next. Besides the fact that many security teams stink at marketing (RSA luckily has geniuses like me so we’re not in this bucket) but the messages are completely bleeding together. I sympathize for practitioners. If I have no idea what a vendor does and I’m paid to figure it out I can’t imagine trying to navigate the Expo Hall in an attempt to learn more about the industry and what you should be looking to purchase must feel like. It has to be overwhelming. Next year we should supply tour guides like they have at the Roman Coliseum to walk you around. Bottom line: Vendors need to do a better job showing the actual use cases their products solve. Buyers need to pay less attention to marketing buzzwords and think about their individual security priorities before walking around the Expo Hall.
We’re past the tipping point
The excitement I felt this year was different than years past. Perhaps it’s the fact that we’ve gone mainstream, or the sheer volume of the event, or the fact that the products we’re focused on in the Advanced SOC group at RSA are really starting to reshape the security landscape. Or perhaps it was the seven caffeinated beverages I drank daily in order to physically get through the Conference. Whatever the cause, I felt there was a real buzz to this year’s event.
First, I went to go to our Advanced SOC user group meeting and couldn’t get into the room. Over 100 customers (with a few employees sprinkled in) overstuffed the venue. Our demo stations didn’t just get traffic they got attention. Demos were lasting 45 minutes with real engagement; the hands-on lab we set up in the booth had users interacting with our products for hours in some cases. When I got to San Francisco I saw a lot of competitors using the same key word as we use: visibility. I started to get a little worried we would get lost in the noise but we didn’t. I think our message that you need to see everything, and not just one myopic security viewpoint really resonated. This is why we chose the tagline “See Everything. Fear Nothing.” for our upcoming RSA Security Analytics launch event and why we had hundreds of articles written about RSA (the company, not the event) through the week. Simply amazing. I’m curious if other vendors felt the same buzz. Rising tides lift all boats.
The week completely wiped me out but also reinvigorated my passion for security and what we still can achieve. I hope it did the same for you.
See you next year.
You can find me on Twitter @Geftic