RSA 2024 Insights

I just returned from an exciting RSA 2024 Conference, and wow, what an experience! Here are some of the insights I had from conversations with hundreds of CISOs:

1. The Power of Community: While the RSA floor had its quiet moments (with some of the booths looking empty), the real magic was in the after-hour dinners and off-site meetups. The CISO community is more vibrant and connected than ever, showing strength in numbers and insight.
2. AI Revolution: It's official—AI is the new gold. Most companies are now incorporating AI language prompts on top of their data, and just like being a “SaaS company is a given” so will “AI”.
3. Commoditizing Attack Surface: It’s now table stakes to have external threat visibility. The coolest part? It's often baked right into many products at no extra charge. Talk about value!
4. Top of Mind Trends: CISOs are zeroing in on (1) Identity Access Management, (2) Cloud Security, and (3) Third-Party Risk. These are the battlegrounds where cyber wars are fought and won. Over 60% of the data breaches are now due to negligence of Third Parties - so that positions the important work that SecurityScorecard does very well.
5. Startup Tsunami: As the CEO of a thriving $100M+ ARR company, I'm swamped with pitches from Alliance and M&A partners. Tip for startups: Scale matters, quality products matter, and gimmicks don't cut it.   Too many startups are burning capital, building point solutions, getting stuck at under $20M ARR and hoping someone will buy them.   As the scrutiny for budgets gets tougher, some startups are even resorting to gimmicks (like 50% off on the price - remember 50% off nothing in value is still nothing!) 
6. Metrics that Matter: If we can't measure it, we can't master it. KPIs are our roadmap to industry excellence. We need objective, trusted ways to measure and quantify risk.
7. Platformization—Just a Buzzword? While 'one-stop-shop' sounds great, savvy CISOs know better than to put all their eggs in one vendor's basket. This is good news for startups - because CISOs want the best solutions out there.
8. Public Sector :  I was very impressed by collaboration between public and private sectors. The public sector cyber heads that I met, were innovative, forward-looking thinkers who wanted to make a difference. Big opportunity ahead to make life for adversaries harder!
9. Top CISOs are in demand: The job market for CISOs is thriving, and some Fortune 500 CISOs are making $1-$3M a year in compensation. This is now a legitimate executive position with a seat at the Board room.
10.  Investor Frenzy: There’s a gold rush in cybersecurity investment. Capital is eager and ready, but the capital is concentrated in best-of-breed companies (for example WIZ who has an amazing product announced a $1B investment at $12B valuation).   Picking the right investor makes a big difference - funds like Evolution Equity, BoldStart Ventures, Sequoia Capital, CyberStarts, and so on - are the right partners who will help not just with capital but also with advice and CISO introductions.

I’m feeling supercharged and ready to take on the future with all these insights and connections. The next wave of cyber innovation can't come soon enough! Let's do this!

Are there any insights that you had from RSA that I missed?

💥🔒

#RSAC #Cybersecurity #Innovation #FutureReady #RSA2024