I have enjoyed going to the RSA conference for the past seven years to see familiar faces, meet new people and be inspired by new and innovative cybersecurity technologies. For those unable to attend this year, or for other attendees interested in a marketer’s perspective, I thought I’d share a few key takeaways you might find interesting.
1. 2000+ cybersecurity vendors, yet still more attacks
It was fascinating to consider the growth of the cybersecurity industry and talk to companies to understand their solutions. At the same time, it was alarming to wake up the morning after RSA and read the headlines about the latest data breach. I realized that the questions I used to ask myself about what technology was needed to fill in the gaps or whether we needed a radically new approach were no longer the right questions. Instead, I now think that solving the cybersecurity problem is not necessarily about piling on new solutions or platforms. Rather, it’s about taking a step back to figure out how make what companies already have in place work together and work better.
2. A lack of customer centricity
Solving problems is the end game and technology is simply the enabler. While every vendor at RSA talked about malware, ransomware and data exfiltration, I found that very few vendors were specific about the problems they solved – what exactly they did for malware or ransomware or data exfiltration. And, more importantly, most didn’t explain what impact their solution would have for the customer. The voice of the customer – an understanding and acknowledgement of customer needs, expectations and preferences – was sorely missing from many sales and marketing pitches.
3. Cloud, cloud and more cloud
Buzzwords at RSA in previous years have included “big data” and “machine learning.” This year was all about “cloud,” and it was front and center in all of the marketing blitz. What was not clear was whether a vendor was offering a solution in the cloud or for the cloud. I would say to vendors: be careful with buzzwords. Don’t use them “just because” if they’re not core to your solution. If you do use them, be clear in your meaning. Don’t assume just because “everyone” is using the word, your audience will understand how it relates to your product.
4. Differentiation vs. more of the same
I saw this at Black Hat and I saw it at RSA. Not only did every vendor sound the same, the icons and graphics used for marketing even looked similar, thanks to the proliferation of stock photography. However, the real challenge for companies in this space is not just looking and sounding different, but actually delivering something unique that helps the customer solve a real problem. I still feel like there’s a lot of work to be done.
5. Cybersecurity policy in the back seat
It was interesting to note that the conversations around policy did not revolve around cybersecurity policy, but rather around fiscal and foreign policy and the potential impacts to free trade. Although it’s unclear at this point what policies may be implemented and what impact they may have on businesses, this uncertainty has the potential to, at the least, delay business decisions.
6. Security orchestration and automation
As cyber attacks continue to mount, it has become very apparent that the only way to scale a response is through automation. It was great to see an acknowledgement of this issue during the conference.
Overall, RSA 2017 lived up to my expectations and it was exhilarating to see how fast the industry is growing. It’s also exciting to realize that the field is wide open for cybersecurity vendors to stand out by clearly demonstrating the value they bring to customers by helping to solve specific problems.