RSA Conference 2018 Observations – Technology, Buzz, Suits, Trolls, and More…

by Logan Gilbert

April 26, 2018

access_time 8 min read

RSA Conference 2018

After spending a few days with the Ziften team at the 2018 RSA Conference, my technology observation was: more of the same, the usual suspects and the usual buzzwords. Buzz words like - “AI”, “machine learning”, “predictive” were wonderfully overused. Lots of attention paid to prevention, everyone’s favorite attack vector – e-mail, and everyone’s favorite exploit – ransomware.

About the only surprise to me was seeing a smattering of NetFlow analysis companies – lots of smaller companies trying to make their mark using a very rich, but difficult to work with, data set. Very cool stuff! Find the small booths and you’ll find tons of innovation. Now, in fairness to the bigger vendors I know there are some truly cool technologies in there, but RSA hardly lends itself to seeing through the buzzwords to actual value.

RSA Buzz

I might have a biased view since Ziften has been partnering with Microsoft for the last 6+ months, but Microsoft seemed to play a much more prominent leadership role at RSA this year. First, on Monday, Microsoft announced it’s all new Intelligent Security Association bringing together their security partnerships “to focus on defending customers in a world of increased threats”, and more importantly - strengthening that protection through shared security intelligence across this ecosystem of partners. Ziften is of course proud to be a founding member in the Intelligent Security Association.

Additionally, on Tuesday, Microsoft announced a ground-breaking partnership with many in the cybersecurity industry named the “Cybersecurity Tech Accord.” This accord calls for a “digital Geneva Convention” that sets norms of behavior for cyberspace just as the Geneva Conventions set rules for the conduct of war in the physical world.

RSA Attendees – Suits and Decision Makers

A true point of interest to me though was the makeup of the expo audience itself. As I was also an exhibitor at RSA, I noted that of my visitors, I saw more “suits” and less t-shirts.

Figure 1: The Ziften booth where I spent a good portion of my time at RSA meeting with customers!

Ok, maybe not suits per se, but more security Managers, Directors, VPs, CISOs, and security leaders than I recall seeing in the past. I was encouraged to see what I believe are the business decision makers checking out security companies first hand, as opposed to doling that task to their security team. From this audience I often heard the same themes:

  • This is overwhelming.
  • I can’t tell the difference between one technology and another.
  • You guys have really cool socks. (We really do. If you don’t believe me, check out this video on our Twitter feed from RSA. And, if you missed out, come by and get some at Black Hat in August.)

RSA Absences – Technology Trolls

What I saw less of were “technology trolls”. What, you may ask, are technology trolls? Well, as a vendor and security engineer, these are the guys (always guys) that show up 5 minutes before the close of the day and drag you into a technical due-diligence exercise for an hour, or at least until the happy hour parties begin. Their goal – absolutely nothing useful to either party - and here I’m assuming that the troll actually works for a company, so nothing useful for the company that actually paid thousands of dollars for their attendance. The only thing gained is the troll’s self-affirmation that they are able to “beat down the vendor” with their technical prowess. I’m being harsh, but I’ve known the trolls from both sides of the fence, both as a seller, and as a buyer – and back at the home office no one is basing buying decisions based on troll recommendations. I can only assume that companies send tech trolls to RSA and similar events because they don’t want them in their office.

Holistic Security Conversations

Which brings me back to the type of people I did see a lot of at RSA: security savvy (not just tech savvy) security leaders, who understand the business argument and decisions behind security technologies. Not only are they influencers but in many cases the business owners of security for their respective organizations. Now, aside from the aforementioned questions, these security leaders seemed less focused on a technology or particular use case, but rather an emphasis on a desire for “holistic” security. As we know, good security requires a collection of technologies, policy and practice. Security savvy customers wanted to know how our technology fit into their holistic solution, which is a refreshing change of dialog. As such, the types of questions I would hear:

  • How does your technology partner with other products I already use?
  • More importantly: Does your company really buy into that partnership?

That last question is critical, essentially asking if our partnerships are simply fodder for a website, or, if we truly have a recognition with our partner that the whole is greater than the parts.

The latter is what security professionals are looking for and need.


Overall, RSA 2018 was great from my perspective. After you get past the jargon, much of the buzz centered on things that matter to customers, our industry, and us as individuals – things like security partner ecosystems that add value, more holistic security through real partnership and meaningful integrations, and face to face conversations with company security leaders, not technology trolls.