RSAC 2023: A Cybersecurity Enthusiast's Playground
Exploring Emerging Trends, Innovations, and Players in the Industry
In this Cyber Builders publication, I share my excitement for attending the RSA Conference, the premier event for cybersecurity professionals. I look forward to meeting other Cyber Builders, including entrepreneurs, OSS project owners, and security practitioners.
This week's post includes my insights into the companies and trends represented at the conference. I am also interested in discussing the practical uses of AI in cybersecurity, which I believe is an essential topic for the conference.
Join me as I share my experience at this year's RSA Conference (#RSAC).
A dense week of networking
As a conference attendee, especially after the pandemic, I value traveling to RSAC to meet new people and make connections. While reading community members' Substacks and having web calls are great, I enjoy being with people in person and having passionate discussions about the state of our industry.
I am eager to meet other Cyber Builders, including entrepreneurs, OSS project owners, and security practitioners. We are all part of the same community, and security-minded people from the EU and the US should connect more.
I am also open to connecting with visitors, investors, and LPs interested in cybersecurity and wanting to learn more about it. Cybersecurity is still too often seen as an obscure and complex topic, and if I can help explain and make it more accessible, I would be happy to do so.
To schedule a meeting with me during the expo, please use this link: https://book.morgen.so/laurenthausermann61/laurent-rsac-2023.
Would RSAC have a position in cyber and AI?
One of the key topics should be how the latest AI improvements, such as LLMs or generative tools like Midjourney or ChatGPT, can improve information security and help defenders.
Looking at the RSA program, it is currently unclear what the community's opinion is on the practical uses of AI, and this is a bit disappointing. In planned talks, AI is often portrayed as a tool for threat actors rather than for defenders. Speakers will demonstrate how AI can turbocharge phishing campaigns or improve identity theft attacks. In some other talks, the ethical implications of AI are rightly discussed.
Still, vendors' announcements or press releases are vague. If everyone adds the AI keyword to their marketing materials, it is difficult to understand its actual value. More discussion on practical use cases where AI systems can save time, increase productivity, or help distinguish true positives (real attacks) from false positives (time wasters) would be beneficial.
In a rare session, a Microsoft threat intel engineer plans to share more about Microsoft Security CoPilot and its usage by threat analysts. Another session from Cato Networks also discusses ChatGPT for defenders, but it looks fully booked! I am looking forward to it.
Anyway, I am taking that question as homework and will report on it in an upcoming edition of Cyber Builders!
Who will be the Vendors there?
Richard Stiennon released a nice dataset with all vendors at the RSAC expo, their country of origin, headcount, and total funding. I used it to gain some insights. We discussed his dataset over Substack Notes.
There are 400 vendors listed in the dataset. I’ve grouped them into buckets:
“Large US Players” is a category defined by headcount to limit scale distortion. I’ve included here IBM, Cisco, and Microsoft. The table shows that 70% of the vendors come from the Americas (USA and Canada), 15% from Europe (EU countries + UK, Nordics, and Switzerland), 10% from Israel, and a few percent from the rest of the world (Israel, China, South Korea, Hong Kong, Taiwan). The USA, with 274 vendors, and Israel, with 41 vendors, are the two most significant contributors. There is only one Japanese company.
If we zoom in on European vendors:
European players are present at RSA Conference. The UK, Germany, France, the Netherlands, and Finland provide most of the European cybersecurity vendors. Note that Germany appears to be an outlier in funding, as many German exhibitors are older bootstrapped companies without funding. Conversely, the UK has 1.5 B$ of funding, but one vendor (Snyk) got more than 1 B$ alone.
Funding is one data point to compare ecosystems, but the headcount of these companies is also interesting to compare.
So, if you remove the three big companies exhibiting (IBM, Microsoft, and Cisco), you see that the businesses differ by geography:
US and Canadian players are well-funded businesses. Startups are growing fast, as highlighted by a sizeable median headcount of 189 people per company. The market has large companies, such as Palo Alto Networks or VMware, that are still relatively young (20 years old max).
Israel is a dynamic country in cybersecurity. Startups have high average funding, and the median headcount shows that companies are growing fast. Technology companies are getting created, funded, and then exporting their products worldwide. Being at RSA is part of that strategy.
The European numbers highlight a pretty different situation. The average funding is lower, showing that technological product companies do not get the same financing level as elsewhere. On the other hand, the average headcount is higher than in Israel. Two types of European players exhibit at RSAC: large EU service providers that have an American presence to operate managed security services in the US, and older product companies that were bootstrapped decades ago and are not highlighted in the funding data.
Some trends based on the RSAC agenda
After preparing for the conference and reviewing its agenda, RSAC visitors can expect the following:
Many vendors are talking about their products. After all, they paid for a slot as it is part of the conference economics. Some vendors differentiate themselves by bringing in customers, while others focus on malware research.
Metaverse security is still a topic. It is less fancy than last year, but a few speakers will cover Metaverse crimes and online scams.
Many threat landscape conferences have ransomware on their agenda. Ransomware and its increasing sophistication will be a hot topic at RSA Conference. Experts will discuss the latest trends and techniques ransomware attackers use.
Public authorities are speaking. The NSA, the FBI, and NIST are discussing their activities. NIST Cybersecurity Framework 2.0 is maturing and will be presented.
Conclusion
Last but not least, RSAC will have its unique, lovely off-topic keynotes. I remember hearing Condoleezza Rice share her experience during the September 11th events. Her memories were still apparent and frightening ten years after.
I expect the tone to be lighter with one celebrity keynote this year. Eric Idle will share how he became a Monty Python. I am looking forward to it! The big Moscone room will be packed, I guess.
Please forward this publication to your Cyber Builder friends and business relations. Please engage below in the comments section or chat with me!