RSAing the Roof! Observations on RSA Security Conference Fringe Events...
The #rsaconference (#rsac2023 ) took place in San Francisco at the end of April and I was close to the action, having put together the RSA “Insider” Schedule that was a graphical representation of fringe events taking place around the conference.
According to the conference organisers this year’s event attracted over 40,000 attendees, including 650+ speakers, 500+ exhibitors and 500+ members of the media, with 33 keynote presentations, 650+ speakers across over 350 sessions and just under 550 exhibitors on the expo floor.
It certainly felt like it had returned to a pre-pandemic level of buzz, with many San Francisco locals finding that their trendy local bars and restaurants were booked out by cyber security companies!
My favourite quote this week comes from a VC Partner that shall not be named, who lamented that they “Used to like CompanyX” after finding out that they had entirely taken over The Grove on Tuesday morning…!
The typical cyber security themes were bouncing around in conversations – such as #software supply chain, secure code development / #devsecops , product consolidation, the evolving role of #identitysecurity , etc… But two topics were particularly pre-eminent – the role of the #CISO and what #generativeai means for #cybersecurity (both as an enabler and a new challenge).
However, this article is more about the dynamics of the RSA Conference as a mechanism for the security ecosystem to coalesce, rather than about the technology trends discussed – so a little different than what you would usually expect.
Strength of the RSA Fringe
While the conference itself was busy, much of the actual action took place at the RSA Fringe where at least 175 events of varying sizes were crammed mostly into three days in every corner of San Francisco – and these are just the ones that I (or my spies!) found out about, so there were undoubtedly others.
There were also many thousands of 1:1 meetings that happened away from the conference floor in hotel suites, restaurants, coffee shops and basically anywhere where that a company could find a quiet corner with a table and chairs... This is where much of the real conference business gets done and the importance of the Fringe to the conference itself cannot be overstated.
There were a broad range of events from speaker sessions to straight-up parties, hosted by all sorts of organisations – I’ve broken them out by Tech Company, Venture Capital (#VC ) Firm, Service Provider and Cross Industry (i.e. governments etc..) here:
While there were a number of large-scale events – like the Cyber Leaders party, FOMO, Scale Up and 17(!) happy hours - much of the really interesting discussion took place in smaller more exclusive group settings.
Return of the Purchasers?
With the uncertainty around #covid and shifting event dates, RSA 2023 didn’t quite have the typical pre-covid energy – however it felt like the security purchasers were back in full force! There was fresh energy around San Francisco and it felt distinctly busier than 2022.
I ran into a broad range of Security Executives at fringe events and all of the companies that I talked with had a full roster of 1:1 meetings, so RSA life seems to be returning to normal.?This is what brought back much of the energy to the conference week, as any tech conference without potential customers is somewhat one-dimensional.?
The Exclusivity Arms Race
Regardless of how many large organisations attend, there will always be an imbalance between the availability of security executives and the companies who want their time - this was again the case in 2023.?
领英推荐
The arms race between major vendors to win the attention of CISOs resulted in a number of exclusive events during the week, with big names like Lenny Kravitz being brought in for high end small groups of 200-300 executives.
On the other end of the spectrum there were more than 17 happy hours during RSA this year, in addition to so many cocktail receptions and large drinks events.?I tend to avoid the larger scale events, in favour of the better dialogue that comes with smaller groups, but I always wonder whether the vendors who host mega events feel like they get value for money or do they just see it as an RSA “Tax”?
Making Best Use of Your Time
Thinking about planning for RSA 2024, I would suggest that there may be some value to coming into town on the weekend before to attend BSides (assuming it lands in on the Saturday/Sunday again) and this also lets you be somewhat in the right mindspace to make most of your time on Monday to Wednesday. This is particularly important if you want to attend any of the full day fringe conferences like CISA, the AGC Partners CyberSecurity conference or the Piper Sandler conference as examples.
While Monday and Tuesday were busy, Wednesday was beyond crazy – looking at the data, things got busier as each day progressed with the evening being where there was most going on. ?Executive schedules were getting noticeably stretched by Wednesday evening, so there were undoubtedly events that were losing out. ?
A Side Note for Event Organisers…
To all budding event organisers out there, for the love of all that is ?don’t just book another happy hour on Wednesday!??
From what I can see, the best recipe for success within this overly noisy schedule was to be smart around timing - avoid the overly busy times and try to find venues that are convenient to the conference or its catchment. Interesting content well presented is always a winner in my book.
My personal favourite was getting to see Craig Froelich , Daniel Conroy , Betsy Wille and Michael McFaul speak at the Insight Partners Cyber@Scale event, in collaboration with Diligent - a great example of a high quality content driven event.
There is a belief that a lot of executives are gone by Thursday morning – while the pace was distinctly slower on Thursday, many folks didn’t leave until later Thursday or Friday morning. So, there may be an opportunity to move some events to Thursday, unless attendees end up running out of energy by Wednesday…?
In summary....
For those attending, take the time to plan your schedule in advance (or ask for help!), as this will make all the difference to how you experience the event - take a look at the #RSACinsiderschedule from 2023 here to see what is possible...
If you're planning an event, aim for a breakfast or lunch and please do something thought provoking…!
Thank you Atmosec (Acquired by Check Point) , Entitle - a BeyondTrust company , Garrison Technologies , Mitiga , Oligo Security , Strong Network , SURF SECURITY , Valarian and yes-security Inc. for taking mini-profiles in the schedule - your support is always appreciated.
Finally. #RSAC2024 will be taking place on 6-9 May in San Francisco, so hope to see you there!
Transformational CRO | Driving Revenue Growth for SaaS/B2B Startups | Expert in Go-To- Market Strategies
1 年Ian, thanks for sharing!
For those in London this week, here is an "Insider" Schedule for InfoSecurity Europe... https://www.dhirubhai.net/posts/ellisian_infosec-europe-2023-insider-schedule-activity-7076566254676791296-MmMh?utm_source=share&utm_medium=member_desktop