Perhaps you’ve noticed the slogan of the RSA Conference is “Where the World Talks Security.” It’s a good slogan. But have you ever wondered “how” the world talks security? That’s definitely of interest to the RSA Conference organizers as well as us here at the Cyentia Institute. So, we combined our collective data and analytical powers to study that question in a report that’s just been released. 

The report titled “Striking Security Gold” mines a decade’s worth (~15,000) of Call for Paper (CFP) submissions from 2009 to the upcoming 2018 conference. Some may remember a similar analysis from a couple years ago that used 25 years of titles. While informative, those are of limited value when trying to determine something like “how the world talks about security.” CFP submissions, by comparison, are a veritable goldmine of details and insight about each session. 

To dig into that goldmine, we used a combination of Natural Language Processing (NLP) techniques and a classification system developed for the Cyentia Research Library. We started with a technique that measures the relative importance of terms among submissions of a given year compared to other years. The algorithm’s take on the “most important” terms are shown in the figure below, which, if you’re like us, is likely to elicit an “I remember that year!” or two. 

 After tagging all 15,000 CFPs—a process that’s no walk in the park behind Moscone—we were able to produce the visualization below that shows how various topics are trending across the years. Apologies up front; to get the full version and the story behind it, you’ll have to grab the report. For now, notice how some topics are trending up (e.g., Internet of Things), some are flat (e.g., Vulnerability), and some are trending down (Virtualization). The full list is actually quite fascinating and shows how topics enter the industry conversation, dominate it for a time, and eventually get outspoken by others. 

At this point, you might be thinking “that’s cool, but some of those topics appear related—did you analyze common groupings of them among abstracts?” Of course we did! And we have an amazing cluster diagram to prove it. It just doesn’t fit very well into this space, so once again, we’ll have to refer you to the full report for that. Enter your email below to download it. But seriously...it’s worth it. 

We did several other fun things we won’t go into here, but we will mention one we think many will find particularly interesting. As RSA Conference veterans will know, there’s the talk from the official presentations and there’s talk from the vendors. Ever wondered if those two parties are speaking the same language? Us too, and so we tagged the company descriptions of every vendor on the show floor and compared the results to CFPs. As the figure below suggests, we found a surprising degree of correlation. Sure, vendors like to talk a bit more about threat intel, big data, and third-party services, but presenters have their schticks too (*ahem* “threat actor”). At least everyone agrees we need to do something about security incidents. 

And with that, we’ll bring this post to a close and urge you once again to check out the full report. We hope it builds some anticipation and cogitation heading into RSA Conference 2018. Oh - and drop by the Cyentia Institute booth^[1] to hear about all the cool things we’re doing.