• United States



Contributing Writer

Hot Topics at the RSA Conference

Feb 20, 20144 mins
Check PointCisco SystemsData and Information Security

Mostly the same as last year but with more innovation, startups, and excitement

It’s the calm before the storm and I’m not talking about the unusual winter weather.  Just a few days before the 2014 RSA Security Conference at the Moscone Center in San Francisco.

In spite of this year’s controversy over the relationship between the NSA and RSA Security (the company), I expect a tremendous turnout that will likely shatter the attendance records of last year.  Cybersecurity issues are just too big to ignore so there will likely be a fair number of first-time attendees. 

So which areas will be hottest at this year’s event?  Well, RSA is really a cybersecurity vendor event so discussions will center on a handful of technology categories.  Additionally, much of the buzz will be similar to last year.  Here’s what I’m expecting to hear about throughout the week in San Francisco (in no particular order):

  1. Advanced malware prevention and detection.  Bromium was the Hollywood startup last year, and everyone was anticipating the FireEye IPO.  If anything, FireEye’s success and recent acquisition of Mandiant will only fuel this fire.  Cylance’s math-based malware detection/prevention will likely get lots of attention as will Bit9’s recent acquisition of Carbon Black.  I also foresee a fair amount of “antivirus is dead” hyperbole (which I don’t buy into), as well as advanced malware detection/protection innovation from the old guard (Kaspersky Lab, McAfee, Symantec, Trend Micro, etc.) and assorted newbies (Lumension, Malwarebytes, Triumfant, etc.).

  2. Mobile computing security.  This theme may be a tad muted since RSA falls at the same time as Mobile World Conference in Barcelona.  Nevertheless, mobile computing security remains extremely relevant.  According to ESG research, 62% of security professionals working at enterprise organizations (i.e. more than 1,000 employees) say that mobile computing has made security management and operations “much more difficult” or “somewhat more difficult.”  This is likely due to issues around mobile computing scale, the presence of consumer devices, and managing/securing cloud services like games and on-line file synch/sharing.  I look forward to meeting mobile management and security vendors like Good Technology and MobileIron, but it will also be interesting how everyone else weaves mobile computing into their value proposition.

  3. Security analytics.  Last year, “big data security analytics” was part of the show floor lexicon but few vendors other than IBM, LogRhythm, RSA, and Splunk had much to talk about.  I anticipate a “coming out” party at this year’s event as a plethora of real vendors most security professionals have never heard of like 21CT, Click Security, Cybereason, Hexis Cyber Solutions, Leidos, Narus, and ISC8 have real products to demonstrate.  Security professionals interested in this burgeoning area should cast a wide net at RSA and take advantage of all of this cybersecurity mathematics, machine learning, and statistical brain power in one place.

  4. Next-generation network security.  Everyone was gaga over Palo Alto Networks in 2012 and FireEye in 2013.  The question now is how these technologies become the foundation of an integrated end-to-end network security architecture that spans physical, virtual, and cloud-based networks with firewall, IDS/IPS, segmentation, and content security services.  Okay, this may be a bit heady for an event more akin to products and cocktail parties, but if you listen closely, you are bound to hear Check Point, Cisco, Fortinet, McAfee, IBM, and Juniper crafting a similar story.  This is especially true because of developments like VMware’s NSX, Cisco ACI, and Software-defined networking in general. 

  5. Cloud security.  This was probably the marquis topic at RSA 2011 and it hasn’t lost steam.  I look forward to hearing what Amazon and the CSA has to say and yacking with a few intriguing startups like CloudPassage, HyTrust, and SkyHigh Networks. 

Okay, so this is my list of “hot topics” for RSA 2014.  I’ll blog “cold topics” tomorrow.  As a preview, these “cold topics” are the cybersecurity issues that should get more attention at RSA, but probably won’t.

Contributing Writer

Jon Oltsik is a distinguished analyst, fellow, and the founder of the ESG’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.

More from this author