“It’s good to be back!” was a phrase frequently heard through the Moscone Center halls last week, during the 2022 RSA Conference.
It’s been more than two years since the renowned RSA conference took place and everyone, including yours truly, was excited to be back to meeting in person, exchanging ideas, and networking.
26,000 attendees participated in RSA 2022 , reportedly down 38% from 2020, but if we’re being honest, it’s not a bad turn out after two years of COVID.
While this year marks my ninth year at RSAC, I’ve found that there is always something new to learn, and exciting new people to meet while we all get back into the swing of conference life. Let’s get to it. Here are my 5 key takeaways from RSAC 22’:
1- Demand for cybersecurity is mounting, CISOs are (still) an incredible buying force
The perceived need for new and innovative cyber solutions continues to grow and CISOs keep spending.This year’s RSAC was notable for its significant level of CISO participation and they gave no indications that they intend to slow down their spendings.
In recent years RSA Conference organizers have received a backlash of complaints over the conference being “all vendors, no buyers”. This years’ exhibition floor was still packed with vendors, but the proportion of CISOs displaying interest in innovative solutions stood out. True, the majority of the CISOs I met at off-conf events such as our annual breakfast, and our closed-door CISOs roundtables event, but their hunger for cyber innovation does not cease to exist. As a result of the demographic shift, conference organizers will need to adapt in future years and perhaps divert some of the exhibition focus to B2B meetings and connections-making, an effort which is often facilitated by ecosystem partners.
2- A new financial playbook
RSA is not an investor summit nor a financial one, and still, discussions seemed to focus on spending trends and the changing financial landscape. Vendors, and specifically the startups we spoke with were consistently concerned about a potential market meltdown and were cautious with the practical implications on their businesses. This touchpoint is critical despite the continuously mentioned buying interest of CISOs.
RSAC 22’ did not witness significant participation from early stage companies and startups, as the exhibition floor was clearly smaller than in previous years. Unlike in previous years, even the big vendors didn’t seem to put on extravagant booths and presentations. The focus of this year’s RSA clearly shifted from easy spend to demonstrating clear ROI on every dollar spent.
Between the increased CISO presence and greater push towards established cyber vendors RSA 2022 was a more intimate event, closer to how it used to be 5–8 years ago.
Admittedly though, with the goal of attracting young companies and innovators, next years’ conferences will have to consider sizing down the expo hall and provide greater value through competitions, workshops, accelerators, and business meetings.
3- Cloud, Supply Chain, and next-gen AppSec lead the way
It was difficult to catch a clear theme this year, maybe due to the uncertainty surrounding the event’s date. For many, this resulted in a flurry of buzzwords and occasionally some disconnect between technologies. Nevertheless, it is clear that cloud security, as well as next gen App Sec and developer-focused security are quickly rising to the top digital transformation priority for many organizations, big and small.
And let’s never forget Zero Trust.
4- Automation, Simplification and Consolidation (you have heard this one before)
There are currently 2.7M vacancies for cybersecurity experts, according to Financial Review. These jobs cannot get filled, there are simply not enough cyber experts out there. Unfortunately, The gap is not new and has been the subject of uneventful discussion for years now. Still, the vastly expanding threat landscape and the growing amount of tools (some of which are highly involved to operate), continue to put pressure on CISOs to expand their team and broaden cyber understanding, despite talent limitations.
To overcome the talent shortage, three things will need to happen:
A. More automation must be done via augmentation of human efforts (i.e. get more with the same human resources)
B. Simplification of cyber operations
C. More consolidation – less tools to achieve the same goals.
In other words, CISO conversations throughout RSAC supported the same clear message: it’s not enough to give us security, it needs to be done in a way we can consume and translate for our teams.
5- ‘Start-Up Nation’ is not going anywhere
A lot was written about the strength of Israel in the cyberspace. This was very clear to see at RSAC 2022, with notable participation from a number of Israeli startups, as well as the hosting of a handful of Israeli related events, and an Israeli winner in the RSA Sandbox Innovation Contest (congrats Talon!).With that said, we couldn’t help but notice the absence of The Israeli Pavilion this year’s RSA. The Israeli Pavilion has traditionally been a destination for many potential buyers and a shining point for the holy land in the event. One could say this marks another milestone in the scale-down of the expo hall and refocus on business meetings and networking events.
To sum it up, It was a great feeling to be back at the RSA Conference, seeing all of our portfolio companies thrive, meeting our trusted advisors and liaising with industry veterans and partners. Despite current market conditions, it’s clear that the need for Israeli innovation in the cyber domain will continue to grow. In practice we all know RSAC is a great place for conversations, but it’s not the only one.
Keep the conversation going with us. See you at the next event!