An Investor’s View of the RSA Conference

Posted on by David Needle

The RSA Conference in San Francisco wrapped up earlier this month, and there has been much discussion and analysis of the new products and services that were on display in addition to the many thought-provoking sessions. After spending a week among the crowds, I was very interested to get an investor’s perspective on the conference.

enterprise securityIt’s fascinating because investors can have a very bottom-line, skeptical outlook when it comes to technology—they do less cheerleading and think more about what works, what will sell and what will be successful.

Joel Fischbein, Managing Director of Software and Cloud Technology Research at BTIG, went to the RSA Conference to take the pulse of the security world. I got my hands on a lengthy research note on the conference that he sent to his clients, sharing what he observed to be key trends.

In some ways the conference confirmed some of his earlier analysis. For example, last November in an article entitled “Game of Clones”, Fischbein said there’s a growing number of “me-too” security vendors that fail to offer a significantly better solution than established or more innovative, newer firms. 

“The crux of our Game of Clones thesis is that the security market is overcrowded, overhyped, and overfunded,” Fischbein said in his latest report. “The endpoint market is an ideal case study as hundreds of vendors battle for ‘next generation’ supremacy.”

He went on to say that dozens of vendors have raised huge sums of private funding with the hopes of creating “the next magical cyber security solution.” 

Post-RSA he says “… buyers appear fatigued by the sheer number of tools at their disposal and instead are consolidating around key vendors.” He predicts the security industry is poised for a shakeout as funding slows down “and security buyers get smarter about buying technology over marketing.”

On the product side, he noted a trend of vendors featuring analytics, machine learning, and threat intelligence in a bid to give enterprise customers solutions that provide contextual awareness around threats rather than ones focused solely on detection and raising red flags.

The effort and value is not misguided, however Fischbein believes that in the future, threat intelligence will be a feature consolidated into larger platforms, rather than its own sector of security products. 

His discussions with vendors and enterprise security execs at the conference lead Fischbein to conclude that many buyers are both growing and shifting their security investments into more strategic areas such as data protection, endpoint, and management and orchestration.

A new wave of security products?

Security threats and solutions will continue to evolve. No doubt next year’s RSA Conference will have a different theme or points of emphasis. Perhaps we will have resolved the encryption controversy by then. (Hey a guy can dream, can’t he?) Fischbein sees change coming to security because every interaction within a network generates new data regarding users and their activity.

“New technologies are required that not only flag potential risks, but also provide security teams with actionable insights on that behavior,” he said.

The growing importance of MSSPs

Whether you believe there are too many security products on the market, there is no one solution for the growing number of threats. Enterprises will inevitably need to rely on multiple products from multiple vendors in their security ecosystems.

But with IT security professionals in high demand—and the complexity of managing multiple products—Fischbein sees another important piece of the security puzzle falling into place: Managed Security Service Providers (MSSPs).

He believes MSSPs are going to be “critical” to security vendor’s market strategy and valuable to enterprises to the extent the MSSP can deliver multiple solutions up and down the security stack with end-to-end visibility.

He notes that developing a great new security feature is just a first step because “… how technologies are deployed is at least as important as the technologies themselves.”  


threat intelligence

Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs