What To Look for at RSA ‘17: Five Questions with Angelique Faul

The RSA crowd gathers around the Innovation Sandbox Contest

More than 40,000 cybersecurity pros will gather at Moscone Center in San Francisco, starting on Monday, for the 26th annual RSA Conference. The event is cybersecurity’s Woodstock of sorts – a week-long binge of networking, knowledge-sharing and, yes, parties.

Angelique Faul, who leads Kulesa Faul’s IT security practice, has attended about half of the conferences to date. Read on to hear her thoughts on why RSA is such a big deal and what to expect at this year’s conference.

Q: What exactly goes on at RSA and why do so many people in the cybersecurity space flock to it?

A: For cybersecurity companies, RSA is the place to see and be seen. Unlike some technology industry conferences, RSA generally isn’t considered a major lead generation opportunity or a venue for sealing deals with customers. It’s more business-focused, giving companies the chance to rub elbows with industry colleagues, clink glasses with reporters and analysts, and learn about the latest trends and technologies from guest speakers and seasoned security pros.

Although not a heavy-duty technical conference like Black Hat, there are a slew of educational sessions that take place every day. There’s also the Innovation Sandbox Contest, which recognizes young companies creating today’s most innovative security technologies. Being included is a huge win, as it not only generates significant recognition, but helps build awareness for these early-stage companies.

It is truly amazing how much the show has grown. In 2005, RSA reached what was then an all-time high for attendance – 11,000. Last year, a record 40,000 people attended and I’m sure that will be topped this year. The show has become so important to the industry that exhibiting is almost mandatory – any cybersecurity company that decides to skip is conspicuously absent.

Q: What will everyone be talking about at RSA this year? 

A: Internet of Things (IoT) security will be a very hot topic. Analysts say the world will have 20 or 30 billion interconnected things by the end of the decade, but there is considerable concern around security risks. We’ve already started to see some attacks like the one on Dyn last fall where cybercriminals penetrated IoT devices to do a lot of harm. Just this month, the news about spying TVs has further highlighted the security and privacy challenges posed by the IoT.

Another topic you won’t be able to avoid this year is ransomware. In fact, RSA has dedicated a full-day seminar to address all of the issues – technical, policy, compliance and financial response – associated with this growing problem. In addition to providing all of the ins and outs of ransomware, attendees will leave knowing if and when to pay the ransom. I’m intrigued!

Q: How has the cybersecurity landscape changed from, say, three years ago?

A: The number of high-profile attacks has exploded during the last few years. It’s extremely hard to keep track and unfortunately these threats keeps evolving. No longer is it just about hackers, even though they’re becoming more sophisticated by the hour. Now, there are a whole host of new risks involving cloud computing, insiders and, as I mentioned, IoT.

As you can imagine, this is driving an unprecedented interest in the space. I recently read there are going to be 700 exhibitors at RSA this year. That’s incredible. It was 400 just a few years ago. And as more and more companies enter the cybersecurity market, the fight for attention at the conference becomes exponentially competitive.

Q: What’s your advice to companies wondering how to break through the noise at such a huge show?

A: It’s difficult. We usually advise against making news announcements at RSA – it’s just too hard to get proper attention given the noise. A better idea might be to prepare some original research or data about pressing security issues and trends and make influencers aware of it two or three weeks before the conference.

It’s important for every security company to develop an articulate technologist or thought leader who can speak at a high level about security challenges and how to address them. Try to set up meetings for that person with key reporters or analysts attending RSA.

Many companies host parties at RSA. There’s a lot of competition, but with creative approaches, such as clever use of social media, you can throw a party and people will show. And if that doesn’t work, insert the word “exclusive” or “private” or “VIP” and you’ll be overbooked!

Q. What do you love about working in the security space?

A: All the things that make the space so noisy also make it fun! It’s a big challenge. You have to be really creative to deliver successful PR campaigns for security companies. You have to be very much on top of industry developments, every minute of every day. But the best part? I’m fortunate enough to work with an amazing group of people who kill it every day.

I hope to see you next week!

Angelique has been serving and providing counsel to high-tech companies for over 20 years. As a partner of Kulesa Faul, she heads up the agency’s thriving IT security practice. Contact Angelique here.