The RSA Conference Expo 2019 has now closed, and as exhibitors strike their sets and pack their leftover tchotchkes, it makes for a great time to reflect upon where the rubber met the road at the show.
It’s the products and services that make security real, and the RSAC expo floor truly brings this to life. Spread across massive north and south halls, and even the connecter hallways in-between, there was a real mix of exhibitors. From giant companies with their equally giant booths, up-and-comers with recognisable names, and smaller companies that come with their hopes and prayers looking for that right connection, this year the halls had it all. I saw a lot of Zero Trust-related offerings, threat hunting (from feeds to scans to artificially intelligent services) as well as the staple of SIEMs (where they are becoming predictive now), microsegmentation, cloud security, and better ways to identify users and devices. All of these are important as even with the best-laid security plan, if not matched with the right product and service, organisations are still doomed. Although the work on the expo floor is important, it wasn’t without its issues.
Many cyber professionals have been quietly commenting that since this industry is chartered to protect companies, industries, countries, and the civilised world from harm, perhaps the carnival atmosphere of RSAC is not the best way to represent itself. Booth staff have over-focused on scanning the badges of passers-by, rather than engaging in substantive conversation, and this has furthered a less than trustworthy image that some attendees have blanched at.
In fact, one of the most talked about booths this year is one that’s not even there. It turns out that the conference felt that company Swimlane violated the expo agreement, and draped their booth in black and posted a guard. Lots of talk about whether the punishment matched the ‘crime’, but either way those black drapes became a cyber tourist attraction.
Despite the drama, it was great to see entire geographic regions come to the show. Germany had its own booth, which it used to promote German security products and companies, and Georgia (the US state and not the Eurasian country) featured its Fort Gordon Cyber District as a fast-rising cyber destination for both the public and private cyber sectors. There was even some talk about which Georgia – state or country – has the better cyber capabilities. Perhaps a gauntlet is being thrown?
The expo floor isn’t for everybody, and in fact I had lunch with a guy who has been to dozens of RSA shows, yet avoids the expo religiously and has only visited twice in all his years. I have found this to be a mistake, because beneath the glitz and din lie the prizes that we need to build our defences. These prizes don’t come from the arcades or the giveaways, but from the cyber professionals working hard in the booths, that care about the mission, have pride in what they have to offer, and share a strong desire make the world a better place through cyber security. It is for these people, my collective colleagues, that I am thankful, hopeful, and energised for the future.
Almost on cue after a rainy week, the sun is finally shining and I’m off to walk the Golden Gate Bridge to gain that needed peace and perspective before heading back to the real world. See you next time!