This post is part of a multi-part series about the Securosis Guide to the RSA Conference (download the RSAC-G PDF). Please scroll to the bottom for links to other posts in the series.
\While everyone likes to talk about the "security market" or the "security industry," in practice security is more a collection of markets, tools, and practices all competing for our time, attention, and dollars. Here at Securosis we have a massive coverage map (just for fun, which doesn't say much now that you've experienced some of our sense of humor), which includes seven major focus areas (like network, endpoint, and data security), and dozens of different practice and product segments.
It's always fun to whip out the picture when vendors are pitching us on why CISOs should spend money on their single-point defense widget instead of the hundreds of other things on the list, many of them mandated by auditors using standards that get updated once every decade or so.
In our next sections we dig into the seven major coverage areas and detail what you can expect to see, based in large part on what users and vendors have been talking to us about for the past year. You'll notice there can be a bunch of overlap. Cloud and DevOps, for example, affect multiple coverage areas in different ways, and cloud is a coverage area all on its own.
When you walk into the conference, you are likely there for a reason. You already have some burning issues you want to figure out, or specific project needs. These sections will let you know what to expect, and what to look for.
The information is based in many cases on dozens of vendor briefings and discussions with security practitioners. We try to help illuminate what questions to ask, where to watch for snake oil, and what key criteria to focus on, based on successes and failures from your peers who tried it first.
The general themes are fun and interesting, but for those of you facing real projects, these deep dives will be a lot more practical.
Check out other posts in the series: Introduction
Theme posts: Change; Internet of Things; Professionalism; Compliance; Big Data; Bonk; DevOps
Coverage Area Deep Dives: Overview; Endpoint Security; Network Security; IAM; Cloud Security; Data Security; Security Management;
Download your copy of RSAC-G