RSA Reflections

RSA put on another great conference last week in San Francisco. For the uninitiated, the RSA Security Conference is the premier corporate security conference with attendance to the tune of seventeen thousand people. It is a fantastic place to see what’s hot, what technologies are up-and-coming (they tend to have the little booths *not* in the middle of the show floor), as well as putting faces with names.

RSA is as much about the business side of marketing, research, and innovation as it is about professional networking. The after hours event did San Francisco justice- the food and drinks served in the vendor receptions (and parties) were absolutely stellar.

I was on ‘booth babe’ patrol (err, duty) and enjoyed a continual stream of collegues, teammates, friends, and some very impressive prospects and inquisitors. There was an exhausting volume of traffic at our booth, the questions and discussion only confirmed- Application Security is certainly no longer academic, and corporations concerns are growing.

Walking the conference floor before the show was intimidating, giant booths, colors, displays, screens, squawking wireless microphones, and people racing around making final adjustmensts for the show. Even after the show was live, I think Walt’s Blog probably had the best description of the expo floor, “The expo floor is like Blade Runner meets the Cairo souk in a train wreck.” I was struck by a couple things before the show started:

1) What’s up with all the booths playing with a Wii and/or Rock Band??

2) Every other booth with PCI solutions in a box?!

3) ILP and DLP are still gaining traction. (will rant on this in a later post)

As a QSA, I was stuck that so many organizations could ‘sell’ PCI compliance, I wonder how much confusion those displays and sales pitches create for those being audited. There were some fantastic thoughts and discussion on vendors using PCI and compliance for marketing leverage, Rob and Walt had similar experiences. Michael Dahn has posted a great reflective piece on his RSA vendor experience, and brings an elegance to those lessons learned.

I am convinced PCI is going to maintain velocity and buzz for the next year, it certainly has given a much needed boost in putting security on corporate radar.


Tags: , ,

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: