It’s hard to believe that RSA Conference week is finally here! After months and months of preparing for cybersecurity’s “Super Bowl” event, more than 40,000 people will come together in San Francisco to network, learn new things, and determine what is “The Art of Possible.”
For those of us who have been in security for a long time (like me!), we know that the relationship-building that happens this week can last a lifetime. While the event is becoming increasingly busier year after year, the exhaustion is well worth it—especially when you look back at all those new connections you’ve made! Nothing can replace shaking hands and exchanging ideas about where the cyber market is headed next. That’s why this event is a must-attend for so many!
Like others, I’m watching eagerly from the RSA sidelines this year to learn as much as I can from the event. I’m curious to know:
- Other than more innovations around AI, what will be the big news coming out of the show?
- What are the VCs expecting?
- What key themes will come out of the keynote sessions?
- What will cyber policymakers have to say about election security, as we’re six months out from voting?
While we eagerly await the onslaught of headlines, our team reached out to our reporter and analyst friends to see what they are most excited about for the week. Here’s what they had to say:
Phillip Wylie, Podcast Host, Phillip Wylie Show
“I’m most excited to see the advancements with AI in cybersecurity products…especially in the area of offensive security automating pentesting.”
Alan Shimel, CEO of TechStrong Group
“I’m most excited to see my friends at RSA! AI of course will be the ‘thing’ we hear most about all week. One trend we are hearing more about though is that companies are getting tired of spending a lot of money on security tools and services and can still be breached. This could affect security budgets going forward.”
Melinda Marks, Practice Director, Cybersecurity, Enterprise Strategy Group (ESG)
“We’re excited to meet with friends and clients for meaningful discussions on how to bolster security team effectiveness. I’m most excited about Enterprise Strategy Group having two sessions unveiling new research results on two important topics: genAI opportunities and challenges and where organizations are focusing, and then we also have our annual report with the ISSA on how cybersecurity professionals are navigating today’s challenges. I’m excited about the overall program, including the keynote with U.S. Secretary of State Antony Blinken that shows the importance of our industry and all that we do. While AI and genAI are top of mind to transform how we work, what a great message to have an emphasis on the human element because of its importance to cybersecurity effectiveness. It will be fun to see the Jason Sudekis keynote on Wednesday to address the power of the community, teamwork, collaboration, as well as the importance of mental health and kindness.”
Sean Kerner, Freelance Journalist, SDxCentral & TechTarget
“I’ve covered the last 24 RSA conferences and it doesn’t take very long for one year to sound much like the next. AI. AI. AI – everything is AI this year. It’s annoying and much of it isn’t AI at all. But some of it is. Finding the gem, the actual vendor/tech that is actually doing something different will be interesting.”
Richard Stiennon, Chief Research Analyst, IT-Harvest & Author of Security Yearbook 2024
“This is our first time ever having a booth at RSAC. We are buzzing with excitement. The best thing is I just rescheduled all my appointments to meetings in the booth! I am looking forward to continuing the decades-old debate between platform and best of breed. Of course, AI is the big trend/topic this year. There were 30 late withdrawals from exhibiting at RSAC this year. A sign of stressed companies, mostly those with venture funding.”
Laura Larghi, Senior Financial Journalist, Mergermarket
“For me, one of the main topics at RSA this year is to understand how cybersecurity companies are planning to leverage AI. The questions to answer are:
-
-
-
-
- How can AI help increase cybersecurity? What new risks/exposure does it create?
- How fast can companies integrate AI in their businesses?
-
-
-
There have been several deals in the cybersecurity space in the beginning of 2024, and I am hoping to understand if the trend will continue and if it will also involve large deals. Another question I am looking to find an answer for is whether an improved IPO market is becoming a real alternative for cybersecurity players?”
Eric Parizo, Managing Principal Analyst, Omdia
“We’ll be sending nearly a dozen analysts to San Francisco this year. And as you know our parent company, Informa Tech, also owns Dark Reading, and their incredible team, led by Kelly Jackson Higgins, will be there as well. Plus, we’re excited that our new friends from Canalys, recently acquired by Informa Tech, will be there too.
As an industry analyst, my focus is broad, but generally in the areas of cybersecurity technology, vendor strategy, and how both relate to current and future cybersecurity industry trends. One of the hardest and most important roles that we play as analysts is to pull together the different threads we see across the industry and identify what they mean and what they tell us about where cybersecurity is headed. It’s always a challenge, but it’s always fun to be out in front of a huge new trend.
In my research, I specifically focus on security operations (SecOps), so I’ll be watching for emerging capabilities in solutions like SIEM and XDR, and specifically the extent to which AI/GenAI is ‘moving the needle’ in SecOps for enterprise customers. Even if I receive a research opportunity that is outside of my core research area, a big part of my job is directing those opportunities to one of the many analysts on our amazing Omdia Cyber research team.”
Paul Roberts, Publisher & Editor in Chief, Security Ledger
“I’m most excited about Bricked and Abandoned, the panel I’m doing on Tuesday (on the sidelines of RSA). I’m joined by Allan Friedman of CISA, Chris Wysopal of Veracode, Tarah Wheeler (Red Queen) Window Snyder (Thistle) and Jake Williams (IANS) to talk about the problem of ‘abandoned’ IoT devices and the cybersecurity repercussions of manufacturers’ decision to declare devices ‘end of life’ regardless of whether the device is still functioning and has years (decades?) of useful life in it. This is part of a larger ‘launch’ of a non-profit I’m helping to stand up (along with Chris and Tarah) called Secure Resilient Future Foundation (SRFF) that is rallying the cyber community to combat the status quo of ‘security through obscurity’ and advocate for more transparent, sustainable, resilient design and development.
I think that’s consistent with a larger theme I’m perceiving at this year’s show, which is a real push for accountability for software producers. Between the recent release of NIST’s CSF 2.0 and the very vocal calls for software makers to meet higher standards for secure software design, I think we’re seeing the (long awaited) acceptance of the notion that leaving it to the market and companie to self regulate is not a recipe for success when it comes to cybersecurity. More than at any time in my 20+ years of coming to RSA, I hear people both within and outside of government talking about the need for rules and standards that software makers must adhere to in order to protect their customers and the public from hacks, data breaches and other bad outcomes. We’ll see what happens, but I’m tentatively hopeful that next year will bring some real advancements on this front.”
Joel Witts, Content Director & Podcast Host at Expert Insights
“I’m most excited to hear about the new innovation happening in the cybersecurity space, not just the flashy new AI tools (although they are exciting of course!), but also the under the radar product launches and updates that will really help security teams deal with the challenges they are facing. Gen AI is already emerging as the main talking point of the show this year, both in terms of governing its usage within the enterprise and how it can be used to help CISOs manage security alerts. It’s probably the answer everyone will give, but I think this is something that will come up in almost every conversation we have this year!”
The senior leaders of our Cybersecurity Practice here at Merritt Group will be onsite at RSA this week to network, make new connections, and help support our stellar security clients. We’ll also be thinking hard about how emerging themes from this year’s event may impact the industry moving forward.
If you’d like to learn more about our PR and marketing services or discuss what all this buzz means for your business, please reach out and we can book a time to chat during or after the show.
For more insight on how great brands can disrupt the crowded cybersecurity market, check out Merritt Group’s Security Practice page.