February 14, 2007

RSA San Francisco 2007 - A Perspective

The RSA Conference has emerged as the leading annual US information security event. The one time crypto-geek fest originally held in the Sofitel Hotel in Redwood City, CA in the early 1990s has blossomed from a gathering of the cryptographic community to the anchor of the information security marketing year.

I’ve been on the Security Speaker circuit for quite some time. I did my first CSI in New York in 1983 and as I recall, my first RSA speaker slot in 1996. The growth of RSA in both size and scope has been nothing short of remarkable. This year’s event featured over 340 exhibitors, 500 speakers and 200 sessions. Many of the keynote speakers called for the conference to broaden its coverage and extend into more general business topics.

Frankly this would be a sad thing. There are plenty of general venues, but not very many places where security oriented start-ups and new technology companies can mingle with end users, venture capital companies, competitors, would be acquirers and of course, analysts. This year’s event was upbeat and by all accounts successful. I’ve noticed that the number of end user attendees has increased. Attendees tend to be people actually doing the work rather than executive management. Engineers and project leaders apparently use RSA as way to stay abreast of industry developments in the sessions and see all the key vendors in one spot. As with many other shows, once the workshops start, the exhibit floor empties out.

Last year may have been the year of compliance where every vendor seemed to base their marketing appeal on ‘compliance’. This year would have to be the year of leakage where many vendors were touting their ability to prevent leakage of sensitive data or intellectual presence.

This year, as with years past, there is growing attention to legal and government matters. While this trend may pay tribute to the early days when bashing NASA over crypto export restrictions was de rigueur, it strikes me that legal penalties, data forensics, electronic discovery and government policy concerns have taken a higher mind share with information users and security vendors alike.

For me, the highlight of the event is always the Speaker’s dinner. Being selected as a speaker or panelist is always an accomplishment. Art Coviello, head of the RSA Division of EMC and former CEO of RSA told us that 500 speakers were accepted from 2300 applicants. In years past the number of acceptances has been a tenth of the applications. It’s also interesting to see the body of speakers and appreciate the range of talent from cryptographers to attorneys. As you might expect the table chatter is lively and often sarcastic, cynical and even thought provoking.

See you there in San Francisco next April?

No comments: