RSA 2015: Security Mega-Con!

It was another record year for the RSA Conference USA, with a reported 33,000 attendees (an increase, I believe, of 8-10k year-over-year). This year also saw the first truly full-scale double-expo event with both Moscone North and South sporting packed expo spaces with more vendors than seemed possible or reasonable. Impressive growth for our industry, to be sure, though as always in many ways it raised more questions than provided answers.

Due to limited personal funding, my trip was short (Tu-Th) this year, so I missed out on the DevOps Connect event Monday, which I heard was phenomenal. I also didn't get a chance to look at Innovation Sandbox, though given prior year experiences I wasn't too disappointed. I did wish I could have caught Amit Yoran's first opening keynote as RSA big chief, but alas it wasn't to be...

A couple themes I noticed this year:

1) Automate everything!

Dozens of booths had the word "automate" (or related derivative) on display. Some of the automation was the same old broken stuff we've seen for years. Some was just workflow automation. A LOT was incident response related (oftentimes automated malware response). However, it was a major theme throughout.

My talk was no exception, of course, and for good reason. The DevOps and DevOpsSec movement is well underway now and, frankly, smart automation is the only way we will ever scale to address the threat landscape. We've seen pockets of automation for ages, but the notion that we can automate some risk mgmt. decisions through to remediation activities is new and, for many, uncomfortable.

It will be interesting to see how the reality compares with the promise of automation, machine learning, and AI in the near future. For once, I feel optimistic about the future of the IT industry, even if it leads to the eventual demise of the security industry as we know it today.

2) Eating our own!

Another interesting theme from the event was the increased "eating our own" rhetoric, ironically from some of the major vendors in the space. Yes, the industry is a self-perpetuating delusion. Many of us have said this for years. It was just interesting to see large vendors parroting this line (all the while hawking their wares). Cognitive dissonance much? ;)

3) Hiring, hiring everywhere!

I don't think I saw a single vendor booth on either expo floor that didn't have a sign somewhere proclaiming that they were hiring. In speaking with the awesome folks at Alta Associates (hi Lauren!), they remarked that never before did they recall being approached at RSAC by so many companies seeking talent! There's no doubt that this is a good time to be looking for opportunities because it appears to be a seller's market.

Of course, that said, I'm also a wee bit skeptical about the nature of many of the positions. I've long since tired of hearing the US Government proclaim a need for "10,000 cyber warriors"... which end up being underpaid low-level people sitting in SCIFs staring at screens and clicking the occasional alert button (jobs that should, by all rights, be largely replaced with automation and orchestration).

So... yes, there are a lot of jobs out there, a lot of vendor hiring, but caveat emptor.

Parting Sh^M^MThoughts...

It was great to see so many people (friends/colleagues/Romans/countrymen) who I often only see during RSA week. It's always fun to catch up on lives and hugs.

The parties/receptions were just too much, and I felt completely adrift without a Barracuda party to anchor the evening. In past years, it's become an unstated understanding amongst friends that we'll go do the events we're expected to do, but will catch up in the end with the 'cuda party. No joy this year, which left a feeling of disorientation.

Overall, the event has hit the "too big" point. I think the program folks need to figure out how to start convening smaller communities within the overall event context. The receptions do a poor job of this, and I think we really need to come up with a better way to encourage more discussion and more interaction and more collaboration. Part of me wonders if the tracks need to evolve beyond their fairly static approach to become more like mini-events within the larger event framework. I think we see this a little bit in some of the specialty tracks, like Law and Crypto, but how do we better facilitate more social interaction within these tracks?

A couple ideas that come to mind would be running track-specific networking receptions to kick off sessions. It could also be interesting to have post-session networking areas where conversations can continue. I'd love to see designated zones within the event for each track, perhaps with shared communal spaces for after-chats with reasonably adjacent tracks. Anyway...

Other than that, I think this was yet another successful event. It's amazing how big it's gotten in the past decade. Sure, our industry is growing like mad (emphasis on the insanity;), but it's nice to see that reflected in the event, too.

I'm eager to see continued growth in the event, and hopefully additional maturity. I liked not having "booth babes" shoved in my face during the event. Kudos to the event management team for adding the dress code provision for expo floor staff because it was definitely an improvement. I'm starting to think that the next step should be to start shrinking the max space allowed for vendors, too. The north expo hall was well beyond the absurd this year.

In closing, an offer: If anybody wants to see my RSAC talk, "Automate or Die! How to Scale and Evolve to Fix Our Broken Industry," please get in touch. Cover my travel and I'm willing to make a quick trip to most places to deliver it.

Hope to see you at RSAC 2016, if not sooner! :)

This blog is licensed under a Creative Commons License.