After recovering from a 2014 event that featured an adjacent, competing event and speakers resigning in protest, the 18th Annual RSA Conference USA showcased an information security industry at a crossroads. This year, both established industry personalities and executives at cutting-edge security startups remarked that the infosec industry seemed to have accepted that many outdated yet fundamental security assumptions need to be re-examined. One notable example was the show’s official press conference, where new RSA President Amit Yoran said the incumbent security model of the information security industry was fundamentally broken, and highlighted the need for improved threat intelligence to identify attacks that are in progress.
At the annual OpenDNS Researcher and Responder Party, held last Wednesday at OpenDNS’s headquarters in San Francisco’s SOMA neighborhood, several companies who are exploring new ways to deliver enterprise security were on-hand. Several of them discussed how both the industry in general and the RSA Conference in particular have changed in recent years.
Chris Cullison, CTO and Co-Founder of ZeroFOX, a threat intelligence company that focuses on social media, said the increased attention at this year’s show on detecting attacks before they strike has been good for awareness of his company’s business.
“Previously, a lof of people were trying to build their own threat intelligence products, not realizing that someone was already trying to solve this problem,” Cullison said. “Telling our story two years ago was a little bit harder.”
Cullison was one of several security startup executives in attendance to demo their products and services for incident responders. The Researcher and Responder Party focuses on providing an environment where researchers and technical professions can network and learn about new tools for predicting, investigating, and responding to security incidents.
Other attendees agreed with Cullison’s assessment. “Walking around the RSA expo floor I saw a lot of newer companies both in the endpoint and threat intelligence space,” said Stephan Chenette, Co-Founder and CTO of Attack IQ.
Another thing that was impossible to ignore this year was the event’s size. This year broke all previous records for attendance, with conference organizers reporting 33,000 attendees, an increase of over 4,500 attendees from last year.
“I’ve been going to RSA for more than 10 years,” Chenette said. “I’ve seen more companies and attendees this year than in any other year that I attended.”
ThreatConnect Senior Threat Analyst Jody Caldwell agreed, calling the crowds on the expo floor “overwhelming,” adding that the critical mass of attendees makes attending RSA a must for many in the industry.
“Networking is a big part of the show,” he said. “It’s a huge networking opportunity, personally and professionally, above all else.”
“A lot of that takes place outside of the expo floor,” he added.
One of key point attendees repeated over and over again was, despite the crush of the expo floor crowds, having the ability to meet with technical professionals in a low-pressure atmosphere was something they found invaluable.
“Even if the conference was just one day, it would be a successful trip,” Cullison said.