The RSA Conference held each spring in the US has for many years been heralded as the security show to attend, to the extent that it sets the tone for the industry for the rest of the year. Besides accommodating the single largest collection of security vendors in one place, RSA allows for access to C-Level enterprise executives, particularly CIOs and CISOs.
And 2014 was no exception. This year’s RSA was big – over 350 exhibitors and over 25,000 attendees. Industry watchers held their collective breath to see what would be unveiled at RSA 2014, and the boycotts over the NSA allegations only served to heighten that anticipation. Unfortunately, once the show was over, it was a bit like realizing that all those presents under the Christmas tree were just socks. Yes, we all need socks, but what we were really hoping for was something unique and exciting.
This year’s show was lacking – in innovation, in hard-hitting announcements, and in unique messages. Many announcements felt similar (yet another announcement on threat intelligence) or dated (secure that URL). Opinions on why this was so include:
As the spring conference cycle gets underway, the next few months will be telling. If the lack of important announcements emerges as a trend, the importance of the springtime RSA conference will wane. Perhaps RSA will become a podium for small vendors, with large vendor announcements occurring closer to the mid-year point?
Was RSA 2014 a total loss? No. The show is worth attending for the professional networking alone. No other show attracts the depth of security professionals that participate in RSA. Further, RSA allows participants to gain a true understanding of what folks are looking for in the “real world.”
Some key messages did emerge from the many booths, announcements, and conversations at the show:
While this year’s RSA lacked the WOW factor of previous shows, the high attendance rate and the impressive presence in the exhibition hall do make clear that security is perceived as important in today’s business environment. Perhaps this year’s trend of lackluster announcements is an anomaly – the result of concerns over the strained trust environment between end users, governments, and vendors.
Just like getting socks for Christmas, getting back to some security basics isn’t a bad thing, but we’ve been good, RSA, so can we have nice toys next year?
Follow me on Twitter (@robayoub) to keep informed as new research is released.
Follow us on Twitter (@NSSLabs) to keep informed as new research is released.