RSA 2020: We had a blast
March 09, 2020
The biggest gathering of security professionals in the world was the backdrop for our biggest ever product launch.
The Panaseer team took the annual pilgrimage to San Francisco to tell everyone and anyone about what we’ve been working on for the last few months.
Identifying a customer need, researching, designing, developing, refining and testing it in stealth mode was a challenge. We then had to bring it to market with our new brand, new messaging, and a great-looking booth. Not to mention all of the admin and logistics to get us there and line up meetings with investors, analysts, partners and prospects. This truly was a huge team effort.
Thanks to the whole team for their commitment to making RSA and the launch of Business Risk Perspectives such a success. As a leadership team, we could not be more proud of the team and what they’ve achieved.
Although many of us are RSA veterans, this year also offered us a number of other firsts: first time as an independent exhibitor, first time our global leadership team would meet on US soil and the first time I’ve exhibited wearing a kilt?! More on that later.
A great reception
On a personal level, I couldn’t wait to get to the booth and start running demos and chatting to the attendees. But before we could even lift the lid on the product we had to dash off and pick up our latest award, Best Continuous Controls Monitoring Platform 2020, as well as being recognised among the top 25 Hot Risk, Operations And Threat Intelligence Platforms At RSA 2020.
Once the doors were open we had a steady stream of visitors to the booth and it was always good to hear about those that had headed straight to find us. This was partly assisted by the stylish socks we were giving away and the British Dairy Milk – an advantage of bringing the UK team over.
Over the course of the week I spent 16 hours on the stand and met people from many different organisations and in many different roles. Our Continuous Controls Monitoring platform delivers value to security, IT, risk and audit teams as well as their senior stakeholders and the new product gave us the best capability yet to have great conversations with each of them.
My favourite demos were those where my guest starts out as a sceptic but leaves exclaiming ‘I love this!’ – we had quite a few of them particularly from the ‘big 4’ whose bread and butter is manual assessment and audit.
The benefits of moving away from slow, subjective, qualitative control measurement to on-demand, automated, quantitative measurement is gaining traction. That helped us differentiate ourselves in a very crowded hall.
The number of vendors
Looking out from our booth it was clear that the proliferation of security tools continues unabated. It’s a bit of a ‘catch-22’ for us as it’s the aggregation and analysis of this data from these point solutions that makes Panaseer so valuable.
There are so many security startups and vendors. The focus seems to be on incrementally better solutions to already well-addressed problems in threat and reactive security, rather than innovating in new problem spaces or step-change solutions.
So many vendors are still focused on detection and response, and even those who talk about prevention seem to be the former dressed up as the latter.
There is a continuing trend of niche, siloed point-solutions solving specific security problems. Investors seem to be loading money into yet another threat intel platform, end-point technology, or detection analytics platform.
Security leaders have to get one tool for each little thing. But how can they effectively manage all of these tools?
Admittedly, there are some early efforts to consolidate this fragmented landscape to improve visibility (with Cisco SecureX, for example). But these are threat or security operations focused, rather than looking to proactively assess and optimise security posture.
Governance functions (risk, compliance, audit) are left with little to look at save some tech-enabled risk assessment services. We spoke with a Head of Audit who said: ‘As usual, there’s nothing for me here’. It seems mad considering how much clout this function has accrued, and will continue to have in the coming years.
It is also interesting to note, particularly given our new capability, that there was almost nothing out there addressing the board and business stakeholders. Companies are overflowing with security-related data but have no real way of curating it for business stakeholders.
A bit of fun…
Now for some light relief and a chance to unwind in style… DJ JAZZY JEFF bringing down the house at the Cisco Live Customer Appreciation Party!
Unfortunately, he only teased us with a few bars of ‘The Fresh Prince of Bel-Air’ theme song and the Carlton dance. It could have been a glorious sequel to my ‘Ice Ice Baby’ rendition at H-ISAC last year!
The usual lightsabers were out in force (*groan*) and there was plenty of fresh popcorn, which made for a surprisingly pleasant background aroma, despite putting me in an almost permanent state of snacking – not helped by the aforementioned bowl of Dairy Milk in front of me.
Harking back to the 80s, the Delorean was a welcome booth touch but given I don’t remember the vendor I think we’ll stick with the British chocolate for now. The Germany Pavilion looked like fun, with lederhosen and dirndls aplenty. There were even some faux kilts (or plaid) so I was pleased to bring some authenticity to the show with my own kilt in the MacIntyre:
As usual, there were enough fancy dos and soirées to shake a stick (or lightsabre) at. The PopRocks at the Digital Shadows party were a delightfully energetic surprise and the malware margaritas washed down the miniature burgers that were at every buffet table.
In all, we had a fantastic time. It was fun, we learned a lot, met some great people, and by the time that we came home, we were all thoroughly exhausted. We can’t wait to take our new product and capability to our clients and further. So after a brief pause, we go again. Watch this space!
