Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Training & Awareness

Observations From RSA Conference 2019

The RSA Conference is one of the premier events in the cybersecurity world. At times, it can be an overwhelming experience for vendors and attendees alike because of its massive scale and fast pace; however, it’s also a great opportunity for people like me to get insight into trends in the industry.

The RSA Conference is one of the premier events in the cybersecurity world. At times, it can be an overwhelming experience for vendors and attendees alike because of its massive scale and fast pace; however, it’s also a great opportunity for people like me to get insight into trends in the industry. When vendors, clients, partners, and professionals from all corners of the industry come together, you get a very clear picture of how people are thinking about the present and future of cybersecurity. 

My focus is on security orchestration, automation, and response solutions, better known by the acronym SOAR, and it’s been especially interesting to see how SOAR has evolved alongside broader industry trends. Here are a few observations from my time at RSAC 2019 about SOAR and the cybersecurity world at large.

SOAR is more of a known quantity now

What a difference a couple of years makes. The term SOAR has only existed since 2015, and while the foundational elements that it brings together—e.g. security automation, incident response, threat intelligence—have been on the scene for longer, many of these technologies have only become household names across the industry in the last few years. The past year has been huge for the growth of SOAR, and we saw that reflected in the way that conference attendees approached SOAR and how vendors presented their platforms. The buzzwords and bold marketing claims are giving way to more tangible offerings, as prospective buyers are learning to see through the noise and understand exactly what they’re looking for. From my perspective, this is a great development. I had a lot fewer conversations explaining what SOAR was, and more conversations that could get right into the details of the technology.

There’s a shake-up going on in the SOAR market 

As SOAR has become more prominent, there have been major moves in the industry, including the acquisitions of SOAR companies by major tech players. Bigger cybersecurity companies are seeing the SOAR market growing and are recognizing the potential of adding it to their offerings. There are actually only a few independent SOAR vendors left. These big public changes in the market have made many people start to pay attention and are affecting the way that people at RSAC were talking about SOAR, particularly because acquisitions and consolidation can make buying decisions more complicated. Buyers were wanting assurances that SOAR platforms would coexist with the rest of their security infrastructure, regardless of who developed the tools. 

Don’t forget about the human users

I deal with software buyers and users every day, but that can’t compete with RSAC for the opportunity to talk to a huge amount of people who are on the front lines using security tools in their day-to-day roles. Something that I heard from a lot of people is that as the technology behind the tools evolves, vendors shouldn’t forget about who is actually using the platform. For instance, powerful automation is great, but if the interface doesn’t reflect the real-world workflows of analysts, those gains in speed will be quickly cancelled out. Or to take another example, if a system’s integrations all require extensive manual coding, it’s going to require a lot more time from users up front, before it starts saving them time down the line. It’s a valuable thing to be reminded of periodically. As developers, it’s easy to get lost in the new features and powerful tech, while forgetting about who the solution is actually for.

Advertisement. Scroll to continue reading.

And finally…

Maybe it’s just me, but it seemed like fewer organizations were throwing big parties at RSAC. There are still lots of fun events, but the focus seems to be on more intimate settings that are conducive to connecting with colleagues, clients, partners, and others in the industry. This is fine with me! After being on my feet all day presenting and talking to folks, going to a big party is the last thing I want to do. 

It’s an exciting time of the year, because there are several other events coming up where the security industry will come together to share their solutions, exchange ideas, and meet like-minded people from around the world. Now that the dust has settled from RSAC 2019, I’m already looking forward to the next one.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Training & Awareness

Google has announced a new training program for cybersecurity analysts and those who graduate will get a professional certificate from Google.

Management & Strategy

750 cyber specialists have participated in Defence Cyber Marvel 2 (DCM2), the biggest military cyberwarfare exercise in Western Europe.

Phishing

Security awareness training isn’t working to the level it needs to. Social engineering, however, is getting better. Why doesn’t awareness training work, and how...

Management & Strategy

Addressing the people problem with effective approaches and tools for users and security practitioners will enable us to work smarter, and force attackers into...

Audits

The PCI Security Standards Council (SSC), the organization that oversees the Payment Card Industry Data Security Standard (PCI DSS), this week announced the release...

Management & Strategy

Tips for making a presentation that will help improve the state of security programs and reflect favorably on the presenters and their companies

Management & Strategy

UK-based cybersecurity training solutions provider Immersive Labs announced on Wednesday that it has raised $66 million in new capital.