What I expect from the RSA Conference February 26, 2010Posted by jonathanpenn in news.
I’ll be pretty busy at the RSA Conference this year, with participation in the always-well-attended Industry Analyst Roundtable discussion with my colleagues at Gartner and IDC (March 2, 1:00 PM, Orange Room 302), and moderation a very interesting session on the changing nature of the vendor-CISO relationship (March 4, 9:10 AM, Green Room 123) with the CEO of Sophos and the CISO of Raymond James Financial.
And about 30 vendor briefings, with some time to cruise the exhibit floor. I’ll probably have to view many of the keynotes online, unfortunately. But I promise to blog each day about what I’m seeing (and not seeing) at the event.
Here’s what I expect:
- Cloudiness. Lots of solutions focused on securing IT as it adopts cloud (IaaS, PaaS, and SaaS) computing. This is a marked difference from last year, which showed many vendors offering security products that simply exist “in the cloud” (ie, cloud/SaaS as a delivery model)
- Commotion. For several years the RSA Conf was somewhat torpid. IT security investment was down, and attendance reflected that as the vendor presence started to overshadow that of practitioners. Last year represented an uptick in both activity and innovation. Expect that continue – new product, new vendors (!), and lots of interested security professionals eager to learn.
- Corroboration. Security professionals are always scrutinizing in their spending, but this year is especially tight. Even though their own security budgets have fared reasonably well, other IT groups and business units that normally contribute funds to various projects simply don’t have the money to spare. On top of this, IT Security groups are facing enormous staffing pressures at a time when the pace of change – IT change, business change, and change in the threat landscape – is increasing. I don’t know if vendors will be providing better models or examples of the benefits their solutions can bring, but the IT sec pros asking questions at the booths and from the audience at the session will have a laser-like focus not just on how these solutions deliver more security, but also on how they deliver demonstrable value,.
- Consistency. What I don’t expect see is any ground-breaking new security technologies or groundswells of vendor movement, the way we saw identity management, then compliance and governance, then data loss prevention each sweep through the industry in turn through the course of the last decade.
There you have it. As I said, it’s going to be a whirlwind week. I’ll be posting frequently, so please let me know what you’d like to hear about as I grill vendors on their performance, plans, and products, and also talk with security professionals about their priorities, challenges, and successes.