RSA Conference 2010 Recap (Round 1):
10 036 2010

The hardest part about the RSA Conference was finding a quiet place to talk. I probably met with over 100 people over the course of the week. All of the meetings were unplanned but wound up being exceptional conversations, and I want to thank everyone who took some time out of their schedule to meet with me!
Innovation Sandbox:
I like the format and the idea behind this forum: pitting 10-12 companies head to head in a pit and letting the tigers loose to learn more about each company. I stood in a line that was 200+ deep by the time I joined, and I was 20 minutes early. Once inside I was able to hear from each vendor, many with eerily similar beginnings… our CXO or VP was “X” or “Y” at Checkpoint “so we know what we are doing”. I wasn’t overwhelmed by anyone there; some interesting stories, 1-2 that I still have no idea why they are even in business, but overall an enjoyable way to spend a few hours.
Talks:
Each talk probably deserves its own post, and I’ve seen plenty of talk on the keynotes by others, so I’ll focus on some of the more finite points. As I look back on the RSA Conference, one presentation in particular stands out in my mind. It was during the “Yadda Yadda Yadda” panel discussion (moderated by Mischel Kwon). Amit Yoran gave his always fun “things suck” talk, but immediately afterward two gentlemen representing the Department of State (John Streufert, Christopher Lucas) had a good conversation on how they took Dept of State from an absolutely abysmal security organization to a leader in government. They each had an interesting perspective. Mr. Streufert focused on automating vulnerability scanning and system certification (C&A) from a 3-year “point in time” process to one that now occurs every 2-15 days. Mr. Lucas focused on the integration of Intelligence and Security Operations. Always a sweet spot with me!
Exposition Hall:
The RSAC Exposition Hall is a visual reminder of just how many vendors there are in the security space. Many of the booths were actually very good at allowing you to hear what the company did (I know, novel concept). Some drew good crowds (ArcSight’s $20K Money Machine comes to mind). I also appreciated the “Enigma” machine at the NSA booth.
Next year I just want to have a booth that is ½ chairs and tables for “offline” conversations and ½ massage table/chairs and charge in 15-minute increments. I’d be able to create a VC fund by the end of the week.
What surprised me most:
I’m actually very surprised there weren’t more vendor acquisition announcements. Trustwave buying Intellitactics was a letdown, IMHO. I don’t know the financial terms of the deal but it really doesn’t matter. MSSP commoditizing SIEM to some degree (and being locked into a SIEM) makes some sense as you look at the Compliance and SMB angle, and I’m glad the I-tactics saga finally comes to a merciful end. I miss the days of the DISA bake-off… On that note, one of the best conversations I had all week was an impromptu meeting with Anton Chuvakin, and for over an hour we reminisced on the topic of how SIEM has evolved from 2001 to date. In hindsight I wish I had recorded that conversation; our perspectives on certain key points really helped shed light on why things evolved the way they did. Oh well, maybe it is a good topic for an upcoming podcast!
Special thank you: To RSA who was kind enough to allow me press credentials for RSA 2010 Conference. I don’t take it for granted and I sincerely appreciate it. Thank you.

Reader Comments (1)
> I wish I had recorded that conversation
Well, we can always do it again, if needed :-) It sure was fun!